Bitdefender’s new Premium product Gravity Zone Elite has launched.  The product is rated excellent by PC Mag in its review. It comes replete with a Sandbox analyzer, and will show the actions of the attack to help with forensics and effective countermeasures in the future.  This is the ideal product for Bitdefender clients who would prefer to upgrade to this new technology from their very efficient Bitdefender Gravity Zone Business Security or Gravity Zone Advanced Security Platforms. Contact CloudSilicon to learn how to upgrade effortlessly and cost effectively.

Hidden software that can record every letter typed on a computer keyboard has been discovered pre-installed on hundreds of HP laptop models.

Security researcher Michael Myng found the keylogging code in software drivers preinstalled on HP laptops to make the keyboard work

HP said more than 460 models of laptop were affected by the “potential security vulnerability”.

It has issued a software patch for its customers to remove the keylogger.

The issue affects laptops in the EliteBook, ProBook, Pavilion and Envy ranges, among others. HP has issued a full list of affected devices, dating back to 2012.

In a statement, the company said: “HP uses Synaptics’ touchpads in some of its mobile PCs and has worked with Synaptics to provide fixes to their error for impacted HP systems, available via the security bulletin on HP.com.”

‘Loss of confidentiality’

Mr Myng discovered the keylogger while inspecting Synaptics Touchpad software, to figure out how to control the keyboard backlight on an HP laptop.

He said the keylogger was disabled by default, but an attacker with access to the computer could have enabled it to record what a user was typing.

According to HP, it was originally built into the Synaptics software to help debug errors.

It acknowledged that could lead to “loss of confidentiality” but it said neither Synaptics nor HP had access to customer data as a result of the flaw.

In May, a similar keylogger was discovered in the audio drivers pre-installed on several HP laptop models.

At the time, the company said the keylogger code had been mistakenly added to the software.

Source:  bbc.com/news/technology-42309371

Source: Three Cybersecurity Trends Driving the Bank of Canada’s Call for Cybersecurity to be Treated as a ‘Public Good’ – Lexology

Source: Evolve Cyber Security Index ETF – Evolve Funds

In the last 24 hours a murderer with allegiance to a terror organization in the Middle East, killed 22 people, including children at the Manchester Arena in the UK. This terror organization uses the encrypted messaging app Telegram which self describes itself in the following terms:  “A native app for every platform. Telegram … What can you do with Telegram? … Private. Telegram messages are heavily encrypted and can self-destruct.”

How ironic, those last 2 words are, given the events at the Ariana Grande concert last night that ended in carnage. Families destroyed, young lives lost, their children, our children.

The Washington Times describes it as “Islamic State using app to broadcast terror instructions, propaganda”

The Washington Post describes it as “ The ‘app of choice’ for jihadists: ISIS seizes on Internet tool to promote terror”

Fortune Magazine lists the App (especially the Android version) as a preferred for the Murderers.

Similar use of Facebook and Twitter have had better results with the crackdown since the Paris attacks on those users who spread jihadist ideologies. Telegram’s founder on the other hand says “ Opening ‘back door’ to encrypted apps could aid terrorists” on an interview with CNN. Other major players also have similar apps but one wonders why this one app is the murderer’s favourite? Yes, there are millions of regular users, but when an app is a preferred app for murderers, should we just carry on with business as usual, or close that loophole?

It is time the people demanded that if the app developers are not successful blocking the communications of jihadists, and this results in death, especially that of children, it must be shut down. The inability or unwillingness to place the lives of children and others over the quest for financial gain must never be rewarded. It is time to send a clear message to Pavel Durov to aggressively address and shut down the jihadi channels on his app or shut down the app itself. Silicon Valley has not built its reputation on the blood of innocents. And it should never ever do so.

Important Update: There is a new variant of the ransomware named WannaCry. This variant encrypts files on the target machine if it is unable to contact the domain in the internet-check URL.  Since the internet-check domain is now a .test domain, it cannot be registered, which was an easy fix for the earlier threat from a few days ago. This defeats some of the known solutions to this ransomware threat.

To protect your organization against this variant, you would need to add a DNS A-record to your DNS server and translate this domain to an existing sinkhole IP.

We expect WannaCry to morph into various forms, and create more havoc before it is all said and done.  We urge all businesses to ensure you have a rock solid business continuity strategy, including a commercial offsite backup. This is critical, and an insurance policy as this threat evolves. It would also be wise to invest in top rated antivirus software and ensure your machines have all the latest security patches.

 

Source: WannaCry Ransomware Campaign: Threat Details and Risk Management « Products and Services Central | FireEye Inc

Source: The NSA’s leaked Windows hack caused more damage than just WannaCry – The Verge

The destructive KillDisk malware previously associated with attacks targeting industrial firms, was recently observed infecting Linux machines as well, ESET security researchers warn.

Note: Recent news reminds us that attackers continue to be active in the digital currency space, targeting not just companies but…

Source: How to safely store digital currency with Coinbase