Timesdelhi.com

May 24, 2019
Category archive

microsoft windows

Two years after WannaCry, a million computers remain at risk

Two years ago today, a powerful ransomware began spreading across the world.

WannaCry spread like wildfire, encrypting hundreds of thousands of computers in over 150 countries in a matter of hours. It was the first time that ransomware, a malware that encrypts a user’s files and demands cryptocurrency in ransom to unlock them, had spread across the world in what looked like a coordinated cyberattack.

Hospitals across the U.K. declared a “major incident” after they were knocked offline by the malware. Government systems, railway networks and private companies were also hit.

Security researchers quickly realized the malware was spreading like a computer worm, across computers and over the network, using the Windows SMB protocol. Suspicion soon fell on a batch of highly classified hacking tools developed by the National Security Agency, which weeks earlier had been stolen and published online for anyone to use.

“It’s real,” said Kevin Beaumont, a U.K.-based security researcher at the time. “The shit is going to hit the fan big style.”

WannaCry relied on stolen NSA-developed exploits, DoublePulsar and EternalBlue, to hack into Windows PCs and spread through the network. (Image: file photo)

An unknown hacker group — later believed to be working for North Korea — had taken those published NSA cyberweapons and launched their attack — likely not realizing how far the spread would go. The hackers used the NSA’s backdoor, DoublePulsar, to create a persistent backdoor that was used to deliver the WannaCry ransomware. Using the EternalBlue exploit, the ransomware spread to every other unpatched computer on the network.

A single vulnerable and internet-exposed system was enough to wreak havoc.

Microsoft, already aware of the theft of hacking tools targeting its operating systems, had released patches. But consumers and companies alike moved slowly to patch their systems.

In just a few hours, the ransomware had caused billions of dollars in damages. Bitcoin wallets associated with the ransomware were being filled by victims trying to get their files back — more often than not in vain.

Marcus Hutchins, a malware reverse engineer and security researcher, was on vacation when the attack hit. “I picked a hell of a fucking week to take off work,” he tweeted. Cutting his vacation short, he got to work. Using data from his malware tracking system, he found what became WannaCry’s kill switch — a domain name embedded in the code, which he registered and immediately saw the number of infections grind to a halt. Hutchins, who pleaded guilty to unrelated computer crimes last month, was hailed a hero for stemming the spread of the attack. Many have called for leniency if not a full presidential pardon for his efforts.

Trust in the intelligence services collapsed overnight. Lawmakers demanded to know how the NSA planned to mop up the hurricane of damage it had caused. It also kicked off a heated debate about how the government hoards vulnerabilities to use as offensive weapons to conduct surveillance or espionage — or when it should disclose bugs to vendors in order to get them fixed.

A month later, the world braced itself for a second round of cyberattacks in what felt like it would soon become the norm.

NotPetya, another ransomware which researchers also found a kill switch for, used the same DoublePulsar and EternalBlue exploits to ravage shipping giants, supermarkets and advertising agencies, which were left reeling from the attacks.

Two years on, the threat posed by the leaked NSA tools remains a concern.

As many as 1.7 million internet-connected endpoints are still vulnerable to the exploits, according to the latest data. Data generated by Shodan, a search engine for exposed databases and devices, puts the figure at the million mark — with most of the vulnerable devices in the U.S. But that only accounts for devices directly connected to the internet and not the potentially millions more devices connected to those infected servers. The number of vulnerable devices is likely significantly higher.

More than 400,000 exposed systems in the U.S. alone can be exploited using NSA’s stolen hacking tools. (Image: Shodan)

WannaCry continues to spread and occasionally still infects its targets. Beaumont said in a tweet Sunday that the ransomware remains largely neutered, unable to unpack and begin encrypting data, for reasons that remain a mystery.

But the exposed NSA tools, which remain at large and able to infect vulnerable computers, continue to be used to deliver all sorts of malware — and new victims continue to appear.

Just weeks before the city of Atlanta was hit by ransomware, cybersecurity expert Jake Williams found its networks had been infected by the NSA tools. More recently, the NSA tools have been repurposed to infect networks with cryptocurrency mining code to generate money from the vast pools of processing power. Others have used the exploits to covertly ensnare thousands of computers to harness their bandwidth to launch distributed denial-of-service attacks by pummeling other systems with massive amounts of internet traffic.

WannaCry caused panic. Systems were down, data was lost, and money had to be spent. It was a wakeup call that society needed to do better at basic cybersecurity.

But with a million-plus unpatched devices still at risk, there remains ample opportunity for further abuse. While we may not have forgotten two years on, clearly more can be done to learn from the failings of the past.

Windows gets a new terminal

Windows 10 is getting a new terminal for command-line users, Microsoft announced at its Build developer conference today.

The new so-called ‘Windows Terminal’ will launch in mid-June and promises to be a major update of the existing Windows Command Prompt and PowerShell experience. Indeed, it seems like the Terminal will essentially become the default environment for PowerShell, Command Prompt and Windows Subsystem for Linux users going forward.

The new terminal will feature faster, GPU-accelerated text rendering and “emoji-rich” fonts, because everything these days needs to support emojis and those will sure help lighten up the command-line user experience. More importantly, though, the Windows Terminal will also support shortcuts, tabs, tear-away windows, and theming, as well as extensions. It will also natively support Unicode and East Asian fonts.

The idea here, Microsoft says, is to “elevate the command-line user experience on Windows.”

The first preview of the new Windows Terminal is now available.

Security giant FireEye’s Q1 earnings in line with expectations, but outlook light

FireEye, one of the largest and most prominent security companies on the market, reported its fiscal first-quarter earnings after the bell Tuesday.

The cybersecurity giant reported a first-quarter loss of $78.3 million, or 38 cents a share, on revenues of $210 million (statement). FireEye reported a loss of 3 cents per share on a non-GAAP basis, in line with Wall Street expectations.

FireEye’s chief executive Kevin Mandia said the company “met or exceeded our guidance ranges for all key financial metrics” for the quarter.

The company had a good quarter news-wise. In March, the company debuted its secure email gateway, released its new Windows virtual machine-based malware analysis platform and continued to publish groundbreaking new research on prominent threat groups, as well as keeping on top of global cyberattack efforts.

And, just after the quarter closed earlier this month, the company revealed a second intrusion from a nation-state backed hacker group it calls Triton.

Looking ahead, FireEye said it expects to report second-quarter non-GAAP earnings between 1 cent and 3 cents with revenue between $212 and $216 million. Wall Street was expecting a second-quarter outlook of 4 cents per share on revenues of $216 million.

For the full year, FireEye is expecting revenues between $880 million and $890 million.

FireEye closed the day at $16.02, up more than 1%. In after-hours trading, the company was trending up.

Security flaw in EA’s Origin client exposed gamers to hackers

Electronic Arts has fixed a vulnerability in its online gaming platform Origin after security researchers found they could trick an unsuspecting gamer into remotely running malicious code on their computer.

The bug affected Windows users with the Origin app installed. Tens of millions of gamers use the Origin app to buy, access and download games. To make it easier to access an individual game’s store from the web, the client has its own URL scheme that allows gamers to open the app and load a game from a web page by clicking a link with origin:// in the address.

But two security researchers, Daley Bee and Dominik Penner of Underdog Security, found that the app could be tricked into running any app on the victim’s computer.

“An attacker could’ve ran anything they wanted,” Bee told TechCrunch.

‘Popping calc’ to demonstrate a remote code execution bug in Origin. (Image: supplied)

The researchers gave TechCrunch proof-of-concept code to test the bug for ourselves. The code allowed any app to run at the same level of privileges as the logged-in user. In this case, the researchers popped open the Windows calculator — the go-to app for hackers to show they can run code remotely on an affected computer.

But worse, a hacker could send malicious commands to PowerShell, a built-in app often used by attackers to download additional malicious components and install ransomware.

Bee said a malicious link could be sent as an email or listed on a webpage, but could also be triggered if the malicious code was combined with a cross-site scripting exploit that ran automatically in the browser.

It was also possible to steal a user’s account access token using a single line of code, allowing a hacker to gain access to a user’s account without needing their password.

Origin’s macOS client wasn’t affected by the bug.

EA spokesperson John Reseburg confirmed a fix was rolled out Monday. TechCrunch confirmed the code no longer worked following the update.

Here’s the first official preview of Microsoft’s Chromium-based Edge browser

Microsoft today launched the first official version of its Edge browser with the Chromium engine for Windows 10. You can now download the first developer and canary builds here. The canary builds will get daily updates and the developer builds will see weekly updates. Over time, you’ll also be able to opt in to the beta channel and, eventually, the stable channel.

The company first announced this project last December and the news obviously created quite a stir, given that Microsoft was abandoning its own browser engine development in favor of using an open-source engine — and one that is still very much under the control of Google. With that, we’re now down to two major browser engines: Google’s Chromium and Mozilla’s Gecko.

I used the most recent builds for the last week or so. Maybe the most remarkable thing about using Microsoft’s new Chromium-based Edge browser is how unremarkable it feels. It’s a browser and it (with the exceptions of a few bugs you’d expect to see in a first release) works just like you’d expect it to. That’s a good thing, in that if you’re a Windows user, you could easily use the new Edge as your default browser and would be just fine. On the other hand — at least at this stage of the project — there’s also very little that differentiates Edge with Chromium from Google’s own Chrome browser.

That will change over time, though, with more integrations into the Windows ecosystem. For now, this is very much a first preview and meant to give web and extensions developers a platform for testing their sites and tools.

There are a few points of integration with Microsoft’s other services available already, though. Right now, when you install the Edge preview builds, you get the option to choose your new tab layout. The choices are a very simple new tab layout that only presents a search bar and a few bookmarks and a variation with a pretty picture in the background, similar to what you’d see on Bing. There is, however, also another option that highlights recent news from Microsoft News, with the option to personalize what you see on that page.

Microsoft also says that it plans to improve tab management and other UI features as it looks at how it can differentiate its browser from the rest.

In this first preview, some of the syncing features are also already in place, but there are a few holes here. So while bookmarks sync, extensions, your browsing history, settings, open tabs, addresses and passwords do not. That’ll come in some of the next builds, though.

Right now, the only search engine that’s available is Bing. That, too, will obviously change in upcoming builds.

Microsoft tells me that it prioritized getting a full end-to-end browser code base to users and setting up the engineering systems that will allow it to both push regular updates outside of the Windows update cycle and to pull in telemetry data from its users.

Most of the bugs I encountered were minor. Netflix, though, regularly gave me trouble. While all other video services I tried worked just fine, the Netflix homepage often stuttered and became unresponsive for a few seconds.

That was the exception, though. In using the new Edge as my default browser for almost a week, I rarely ran into similar issues and a lot of things ‘just work’ already. You can read PDFs in the browser, just like you’d expect. Two-factor authentication with a Yubikey to get into Gmail works without an issue. Even complex web apps run quickly and without any issues. The extensions I regularly use, including LastPass, worked seamlessly, no matter whether I installed them from the Google store or Microsoft’s library.

I also ran a few benchmarks and unsurprisingly, Edge and the latest version of Chrome tend to score virtually the same results. It’s a bit too early in the development process to really focus on benchmarks, but the results are encouraging.

With this release, we’re also getting our first official look at using extensions in the new Edge. Unsurprisingly, Microsoft will offer its own extension store, but with the flip of a switch in the settings, you’ll also be able to install and use extensions from third-party marketplaces, meaning the Chrome Web Store. Extension developers who want to add their tools to the Microsoft marketplace can basically take their existing Chrome extensions and use those.

Microsoft’s promise, of course, is that it will also bring the new Edge to Windows 7 and Windows 8, as well as the Mac. For now, though, this first version is only available on 64-bit versions of Windows 10. Those are in the works, but Microsoft says they simply aren’t quite as far along as the Windows 10 edition. This first release is also English-only, with localized versions coming soon, though.

While anybody can obviously download this release and give it a try, Microsoft stressed that if you’re not a tech enthusiast, it really isn’t for you. This first release is very much meant for a technical audience. In a few months, though, Microsoft will surely start launching more fully-featured beta versions and by that time, the browser will likely be ready for a wider audience. Still, though, if you want to give it a try, nobody is stopping you today, no matter your technical expertise.
