Tag Archives: known

New MalwareTech indictment adds four more charges

The court saga of Marcus Hutchins, a security researcher from England also known as MalwareTech, will continue after a superseding indictment filed by the U.S. government added new charges to his case.

Hutchins was originally arrested in August 2017 on charges of creating and distributing the Kronos banking Trojan. The superseding MalwareTech indictment, filed on Wednesday, adds four new charges to the original six, including the creation of the UPAS kit malware, conspiracy to commit wire fraud, and lying to the FBI.

Hutchins first gained prominence in May 2017 for being one of the researchers who helped slow the spread of the WannaCry ransomware, and he recently mused on Twitter about the connection between that act and the new MalwareTech indictment.

Hutchins also had strong language to describe the supplemental indictment, but one of his lawyers, Brian Klein, was more measured.

A question about the new MalwareTech indictment

The UPAS Kit described in the new filing was a form grabber that Hutchins admitted to creating, but he asserted it was not connected to Kronos. Marcy Wheeler, national security and civil liberties expert, questioned how this was included in the new MalwareTech indictment because of the time frames related to those charges.

The indictment noted that the UPAS Kit was originally sold and distributed in July 2012, and it alleged Hutchins developed Kronos “prior to 2014” and supplied it to the individual who sold the UPAS Kit. However, Wheeler pointed out in a blog post that there should be a five-year statute of limitations related to such charges and, even if the government could avoid that, Hutchins would have been a minor in 2012 when these actions allegedly took place.

Additionally, Wheeler noted that Hutchins admitted to creating the UPAS form grabber — although he denied it was part of Kronos — when he was first arrested by the FBI. The new MalwareTech indictment claims Hutchins lied to the FBI about creating Kronos, which would put into question the new charge that Hutchins lied to the FBI.

SanDisk 64GB SSD

Fully working – no known issues
Mint condition
Pic to follow

Price includes UK 2nd class RM p&p

Price and currency: £15
Delivery: Delivery cost is included within my country
Payment method: BACS, Paypal FF
Location: Ealing, UK
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I have no preference

______________________________________________________
This message is automatically inserted in all…


Digital transformation on a global scale—Accenture runs its business on Microsoft – Office Blogs


Today’s post was written by Ron Markezich, corporate vice president for Microsoft.

I have known Andrew Wilson since he became Accenture CIO more than four years ago, and I continue to be impressed by what a strong IT organization he has built. Andrew not only motivates the IT organization, but he also takes a strong leadership role across the company, encouraging everyone to adopt new technology to transform the business. Just look at the stats. More than 420,000 Accenture employees in 120 countries embody the digital transformation experience. One of the first global corporations to migrate to Office 365, Accenture has 484,000 Exchange Online mailboxes. Consultants work in creative teams and stay engaged with the company through 20,000 SharePoint Online sites, and more than 25,000 employees are enthusiastic early adopters of Microsoft Teams. Cloud-first file storage is the norm, with employees enjoying mobile access to 900 million files or 2.2 petabytes of corporate data in OneDrive. And with employees racking up more than 309 million minutes of Skype for Business Online conferencing every month, it’s clear that they’re empowered to communicate on any device, when and where they need to. Mobility at this level does not come at the expense of security, because Accenture has the world’s largest deployment of Microsoft Enterprise Mobility + Security to manage approximately 450,000 identities and 104,000 mobile devices.

At Microsoft Ignite 2017, Brad Nyers, managing director at Accenture, walked us through the company’s global rollout of Windows 10. This will be the world’s largest Windows 10 deployment—comprising 450,000 users by the end of 2018—and it also includes Office 365 ProPlus and OneDrive. It was fascinating to hear about this latest example of Accenture using Microsoft technology to boost its own agility and productivity, so it can help drive its customers’ digital transformation stories.

To streamline the Windows 10 deployment, Accenture built the In-Place Upgrade Tool (IPU), which checks for adequate disk space and whether security tools are up to date. Employees with Windows 10–ready computers are notified via email. They follow a link to get the IPU package from OneDrive and perform the installation themselves. For employees whose devices are not ready, Accenture automatically generates remediation lists and points people to documentation that explains how to migrate their files to the cloud.

Storing data in OneDrive also helps employees who receive a new Windows 10 device. Because their data is in the cloud, when they get a new device, all they have to do is authenticate to access their information and get back to being productive. Accenture created a streamlined imaging process that layers its security tools and Office 365 ProPlus to achieve huge time savings for the company.

I’m excited to hear about the value that Microsoft technologies provide Accenture as it leads the way with a digital transformation that’s truly changing how its workforce—now 75 percent millennial—enacts the company’s mission. For a deeper dive into how “Accenture runs on Microsoft,” read the full story.

—Ron Markezich

North Korea’s Lazarus Group sets sights on cryptocurrency

The North Korean state-sponsored hacking outfit known as Lazarus Group has moved beyond ransomware attacks and shifted its focus to cryptocurrency.

Lazarus Group stands accused of perpetrating the widespread WannaCry ransomware attacks earlier this year. Several private companies and governments, including the U.S., have attributed the attacks to the North Korean hacker group. Now, researchers from cybersecurity vendors Proofpoint, Inc., and RiskIQ say Lazarus Group has initiated attacks on cryptocurrency exchanges and owners in at least two different countries.

“Earlier this year, the activities of the Lazarus group in South Korea were discussed and analyzed, as they managed to compromise accounts on various South Korean cryptocurrency exchanges,” wrote Yonathan Klijnsma, threat researcher at RiskIQ, in a blog post. “More recently, they were seen targeting a United Kingdom-based cryptocurrency exchange.”

Several cryptocurrency exchanges have been hit by cyberattacks in recent weeks, including South Korean exchange Youbit, which declared bankruptcy after it lost 17% of its assets in a breach last week. While the Youbit attack hasn’t been attributed to the Lazarus Group or other North Korean nation-state hackers, other incidents, including a massive spearphishing campaign targeting a UK-based cryptocurrency business, have been connected to the group.

“The Lazarus Group has increasingly focused on financially motivated attacks and appears to be capitalizing on both the increasing interest and skyrocketing prices for cryptocurrencies,” wrote Darien Huss, senior security researcher at Proofpoint, in the company’s report.

While Proofpoint and RiskIQ don’t name the organizations victimized by the Lazarus Group, researchers from the two vendors outlined the group’s new techniques for stealing cryptocurrency from both exchanges and owners. Proofpoint, for example, described several “multistage attacks” that lure victims into downloading malware, including a backdoored version of PyInstaller, a free application that bundles Python programs into a single executable package, and PowerShell malware known as “PowerRatankba” used for reconnaissance. After the initial infections are completed, Huss said, the attackers hit victims with a second wave of malware that harvests credentials for both individual cryptocurrency wallets and exchange accounts.

RiskIQ, meanwhile, identified a large phishing campaign that claimed to be bitcoin wallet software and featured links that impersonated the domain of Bitcoin Gold. According to RiskIQ researchers, Lazarus Group hackers abused internationalized domain name registration to trick victims into believing the malicious site was genuine. In addition, Proofpoint’s report highlights a new type of point-of-sale (POS) malware, dubbed “RatankbaPOS,” that targets the POS framework of KSNET, a major South Korean payment provider.

Huss warned the Lazarus Group has a financially-motivated arm that has branched out beyond typical nation-state activity and is targeting individuals the same way that organized cybercrime outfits have.

“This group now appears to be targeting individuals rather than just organizations: individuals are softer targets,” Huss wrote, “often lacking resources and knowledge to defend themselves and providing new avenues of monetization for a state-sponsored threat actor’s toolkit.”

Wanted – DDR3 2400Mhz 2 x 8Gb

Looking for 2 x 8Gb DDR3 2400Mhz RAM with low CAS rating, preferably a matched pair with a known brand

Corsair
Kingston etc etc

This is to go into a Z97 system to test if I get better overall FPS over my current 1600Mhz RAM, before I decide to keep for another year or upgrade the lot.

Go easy on the price :)

Thanks for looking.

Location: Southampton

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

For Sale – Asus ROG 27″ PG278Q Monitor 2560×1440

Asus PG278Q 27″ 2560×1440 monitor for sale. Great condition, no known issues (had an occasionally glitchy PSU so comes with a replacement genuine ASUS PSU plus the original), about 2.5 years old, one owner. Selling as have bought a new super-wide monitor.

This monitor is very highly rated and commands high prices on a certain auction site. As usual though I prefer to try to sell here first – no fees, and generally decent people.

Prefer buyer collects.

Cheers
Bertie

Price and currency: 250
Delivery: Goods must be exchanged in person
Payment method: Cash or BT
Location: Milton Keynes
Advertised elsewhere?: Not advertised elsewhere
Prefer goods collected?: I prefer the goods to be collected
