Episode 481 – Aussie Tech Heads Shownotes


Windows 10 cracks 270 million users

270 million active users eight months after launch.

One reason for the rapid take-up is that Windows 10, released in July, is free for individual consumers who download it during its first year.

An anniversary upgrade to be released this summer will also be free for users already running Windows


Ransomware uses Dropbox to overwrite hard drives

Trend Micro researchers spotted a new ransomware variant dubbed Petya that is delivered to victims who believe they are linking to a resume stored on a cloud storage site like Dropbox.

The ransomware overwrites the master boot record (MBR) of the affected system's hard drive in order to lock out users.

The process of overwriting the MBR of the system and putting the ransom note in the startup process of the machine makes this variant of ransomware unique.

It makes the system unusable and displays the ransom note during bootup.

Researchers are also seeing new and improved graphics with the ransom notes in their attack, possibly to improve the look and feel of the popups.

The scam starts with the attackers using phishing emails disguised to look and read like an applicant seeking a job.

In the case studied by Trend Micro, the email provides a link to a Dropbox storage location. The email is supposed to link to the applicant’s resume, but instead the link is connected to a self-extracting executable file that unleashes a trojan into the system.

Researchers said the trojan blinds any antivirus programs defending the computer before downloading and executing the ransomware. Trend Micro said the cybercriminals asked for 0.99 Bitcoins to unlock the computer.

Once executed, Petya overwrites the entire hard drive MBR to prevent the victim’s device from loading Windows normally or even restarting in Safe Mode. If the victim tries to reboot their computer they will be greeted by an ASCII skull and given an ultimatum to pay the ransom or have the files deleted.

Trend Micro has informed Dropbox about the malicious files hosted on their service.


All Dick Smith stores to shut by 30 April

An unnamed Dick Smith employee told Fairfax last week that staff couldn’t find new jobs until management specified when stores would close. This is because employees will void their redundancy entitlements if they resign before a notice of redundancy. He added that Dick Smith is required to give employees four weeks’ notice if they were made redundant.

Online electronics reseller Kogan bought selected intellectual property from Dick Smith on 15 March, with the intent to continue the Dick Smith brand as a separate online store. However, Kogan said at the time it didn’t intend to reopen brick-and-mortar Dick Smith stores.


Optus rolls out Uber wi-fi

Optus to roll out in-car wi-fi for drivers in Sydney and Melbourne.

Uber will initially deploy 100 wi-fi points in low-cost UberX cars, with the potential to expand if successful.

The wi-fi devices allow 10 concurrent users per car using Optus’s 4G network. Cars will also be fitted with mobile charging units as part of the trial.

Uber drivers will be offered discounted Optus plans, including a $40 BYO plan that comes with unlimited calls and texts, 300 minutes of international calls and 10 GB of data.

Drivers will also be offered two months free on any 24-month Optus plan.


Apple can now demand iPhone hack from FBI

The FBI might now be pressed into providing Apple with the details of how its third-party hacker – now reportedly Cellebrite – will break into the device so Apple can modify its security vulnerability, according to Bloomberg.

Owing to a recent ruling by the Obama administration, known as an equities review, the FBI might have to disclose the security flaw it seeks to exploit in the Apple phone, unless it can prove to administration officials that doing so would be a risk to national security.

The rule sets a time frame for government entities to notify companies of security flaws, after deciding whether to keep them secret or not.


Malvertising strikes Gumtree

Miscreants penetrated the network of an Australian legal firm and put up a phony version of its site that appeared legitimate, but actually contained a fraudulent subdomain off its main server.

Gumtree, a subsidiary of eBay, receives 48 million monthly visits and is popular in the UK, Australia and South Africa.

The criminals cut and pasted the firm’s logo and some text from the legitimate site and fashioned what appeared to be a typical ad banner. They then contacted ad networks to inquire about advertising.

Anyone clicking on the bogus, malvertising-laden ad would be vulnerable to receiving the Angler exploit kit, which typically injects different payloads, including ransomware or banking trojans.


 
