Fedora Linux Support Community & Resources Center

Go Back   FedoraForum.org > Community Lounge > Wibble
FedoraForum Search

Forgot Password? Join Us!

Wibble A place to have a sensible chat, about anything non linux related. Please remember that political and religious topics are not permitted.

Closed Thread
 
Thread Tools Search this Thread Display Modes
  #1  
Old 13th May 2017, 02:29 AM
Evil_Bert Offline
Retired Again - Administrator
 
Join Date: Nov 2007
Location: .
Posts: 3,404
linuxubuntufirefox
Another Day, Yet Another Massive Windows Exploit - Ransom Attack

So, guess what the moral of this story is?

http://www.abc.net.au/news/2017-05-1...ations/8523102

https://www.theregister.co.uk/2017/0...nsomware_worm/

http://www.brisbanetimes.com.au/tech...12-gw42ts.html


So glad I use Linux.
__________________
Marching to the beat of his own conundrum.

Last edited by Evil_Bert; 13th May 2017 at 02:39 AM.
  #2  
Old 13th May 2017, 05:46 AM
hiGuys Offline
Registered User
 
Join Date: Jun 2013
Location: USA
Posts: 348
linuxfirefox
Re: Another Day, Yet Another Massive Windows Exploit - Ransom Attack

What is unbelievable to me is so much critical infrastructure (hospitals etc) running Windows. When in hell will this stop? Why make it so easy for the enemy to cripple systems?
__________________
Mind the gap.
  #3  
Old 13th May 2017, 08:07 AM
antikythera Offline
Administrator
 
Join Date: Dec 2013
Location: United Kingdom
Posts: 4,053
linuxchrome
Re: Another Day, Yet Another Massive Windows Exploit - Ransom Attack

a lot of health authorities are running windows XP still. the issue is a lot of the specialist machinery uses XP so the cost isn't just the upgrade of client machines in clinics and admin rooms but also the X-Ray department, Optology, Oncology, Cardiothoracics, Surgical, life support equipment (the list is pretty much endless)

however, the ransomware penetrated the email system as NHS England and Scotland use the same vulnerable email infrastructure.

NHS Wales have a different backend after an employee previously created a mail DoS by sending a load of rubbish to all and people started replying to all not to open it...
__________________
Download, Install and Share Fedora - Official ISO Torrents | Live ISO Respins containing post-release updates
  #4  
Old 13th May 2017, 08:23 AM
ocratato Offline
Registered User
 
Join Date: Oct 2010
Location: Canberra
Posts: 2,499
linuxfirefox
Re: Another Day, Yet Another Massive Windows Exploit - Ransom Attack

I don't have too much issue with specialist equipment continuing to run old operating systems since getting this sort of stuff certified for use in life critical applications is not cheap.

However, why in $DEITY's name are these machines connected to the general network with email ???
Surely, it would not be too difficult to isolate these systems (via a very secure router if moving data to or from them is necessary).

On the other hand, if its just ordinary office workers' machines, then their administrators should get a serious reprimand for not keeping them up-to-date. If its too expensive, then they need to seriously look at the process they went through when deciding to install computers in the first place - there has to be a a line item in their budgets for computer upgrades.
__________________
Has anyone seriously considered that it might be turtles all the way down?
That's very old fashioned thinking.
The current model is that it's holographic nested virtualities of turtles, all the way down.
  #5  
Old 13th May 2017, 08:29 AM
antikythera Offline
Administrator
 
Join Date: Dec 2013
Location: United Kingdom
Posts: 4,053
linuxchrome
Re: Another Day, Yet Another Massive Windows Exploit - Ransom Attack

most of the local health authorities that form the NHS these days contract maintenance out and won't allocate money for upgrades. they are also all in massive levels of debt, so the contractors aren't likely to do the work until they get paid up front either. As per usual IT systems are at the bottom of the list when the annual budget is drawn up. In this case it makes sense since patient care from medical staff should and does take precedence. Money wasted on overpaid management and under utilised admin staff could be better utilised elsewhere though.
__________________
Download, Install and Share Fedora - Official ISO Torrents | Live ISO Respins containing post-release updates
  #6  
Old 13th May 2017, 10:55 AM
flyingdutchman Online
Registered User
 
Join Date: Jan 2015
Location: Al Ain, UAE
Posts: 614
macosfirefox
Re: Another Day, Yet Another Massive Windows Exploit - Ransom Attack

Hmm, in computer software, there is no correlation between quality and price, but IT managers think there is, or get paid by vendors to pretend that there is. The result is that these large organizations all blow their budgets on crapware, while it could have been done better for less.
__________________
--
Have fun!
http://www.aeronetworks.ca
  #7  
Old 14th May 2017, 10:44 PM
antikythera Offline
Administrator
 
Join Date: Dec 2013
Location: United Kingdom
Posts: 4,053
linuxchrome
Re: Microsoft Issues Emergency Out-Of-Band Update to Fix "Crazy Bad" Vulnerability

Seemingly this has now escalated enough for Redmond to release security updates for all EOL OS from Windows XP and Server 2003 onwards (including the cludge of the two called Windows XP x64 Edition)

downloads here
__________________
Download, Install and Share Fedora - Official ISO Torrents | Live ISO Respins containing post-release updates
  #8  
Old 15th May 2017, 09:23 AM
antikythera Offline
Administrator
 
Join Date: Dec 2013
Location: United Kingdom
Posts: 4,053
linuxchrome
Re: Another Day, Yet Another Massive Windows Exploit - Ransom Attack

and the award for silliest email wording ever goes to North Wales Police OWL Messaging

Quote:
Ran some Cyber Attack - take care
So they started it all then...
__________________
Download, Install and Share Fedora - Official ISO Torrents | Live ISO Respins containing post-release updates
  #9  
Old 15th May 2017, 08:04 PM
lsatenstein Online
Registered User
 
Join Date: Jun 2005
Location: Montreal, Que, Canada
Posts: 3,934
linuxfedorafirefox
Re: Another Day, Yet Another Massive Windows Exploit - Ransom Attack

The next exploits are going to be intel based. All CPUS have a mangement engine or a bios that can take patches. That is the way Intel can correct defective instructions that are reported after the chips are in the field. You probably noted the Intil updates as a binary file. If my memory serves me well, the bios opens the door to the cpu chip to allow that bios update.
Once the update has taken place, the cpu door to instruction modification is shut.
Hackers are now using that access gateway to make non-privileged instructions privileged, or to mask "traps". And by the way, Intel typically remasks their cpus to correct bugs that are reported. It is trivially risky to be the first to use a newly designed CPU chip.

More information available here

and here. and some Matthew Garrett info
__________________
Leslie in Montreal

Interesting web sites list
http://forums.fedoraforum.org/showth...40#post1697840

Last edited by lsatenstein; 15th May 2017 at 08:18 PM.
  #10  
Old 16th May 2017, 09:42 AM
Evil_Bert Offline
Retired Again - Administrator
 
Join Date: Nov 2007
Location: .
Posts: 3,404
linuxubuntufirefox
Re: Another Day, Yet Another Massive Windows Exploit - Ransom Attack

Quote:
Originally Posted by lsatenstein View Post
The next exploits are going to be intel based. All CPUS have a mangement engine or a bios that can take patches. That is the way Intel can correct defective instructions that are reported after the chips are in the field. You probably noted the Intil updates as a binary file. If my memory serves me well, the bios opens the door to the cpu chip to allow that bios update.
Once the update has taken place, the cpu door to instruction modification is shut.
Hackers are now using that access gateway to make non-privileged instructions privileged, or to mask "traps". And by the way, Intel typically remasks their cpus to correct bugs that are reported. It is trivially risky to be the first to use a newly designed CPU chip.

More information available here

and here. and some Matthew Garrett info
I believe there's already a thread on that: http://forums.fedoraforum.org/showthread.php?t=314142

Anyhow ...

http://www.abc.net.au/news/2017-05-1...-korea/8531110

The ransom attack is thought to be North Korean in origin, though evidence is not yet strong enough to prove it. Nuke 'em anyway; it'll do 'em good.
__________________
Marching to the beat of his own conundrum.
  #11  
Old 16th May 2017, 10:35 AM
antikythera Offline
Administrator
 
Join Date: Dec 2013
Location: United Kingdom
Posts: 4,053
linuxchrome
Re: Another Day, Yet Another Massive Windows Exploit - Ransom Attack

and on that note, thread closed.

bert you should know better
__________________
Download, Install and Share Fedora - Official ISO Torrents | Live ISO Respins containing post-release updates
Closed Thread

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Attacks actively exploit code-execution bug in Windows mmix Wibble 0 13th June 2012 02:12 PM
No .rar file support forces users to install windows on a massive scale birdwatcher Reviews, Rants & Things That Make You Scream 32 1st December 2011 05:55 AM
sure, times are tough and ransom subjects aren't as bountiful as they used to be... schwim Wibble 2 5th September 2007 05:04 AM
Problem about VsFTPd attack ( scan attack ) pratchaya Security and Privacy 0 25th April 2007 04:06 PM
Ransom note font? robatino Using Fedora 2 21st April 2005 04:26 AM


Current GMT-time: 16:22 (Thursday, 25-05-2017)

TopSubscribe to XML RSS for all Threads in all ForumsFedoraForumDotOrg Archive
logo

All trademarks, and forum posts in this site are property of their respective owner(s).
FedoraForum.org is privately owned and is not directly sponsored by the Fedora Project or Red Hat, Inc.

Privacy Policy | Term of Use | Posting Guidelines | Archive | Contact Us | Founding Members

Powered by vBulletin® Copyright ©2000 - 2012, vBulletin Solutions, Inc.

FedoraForum is Powered by RedHat