Active since 2011, Gamarue was infecting more than 1.1 million systems per day. ESET and Microsoft researchers shared their technical analyses, statistical data and the domains of the C&C (command and control) servers used by this network of botnets with law enforcement. ESET also provided all of its research on Gamarue / Andromeda.
“Given the scale and persistence of this threat, when Microsoft asked for our help in putting an end to this network of botnets, we did not hesitate for a second,” says Jean-Ian Boutin, Senior Malware Researcher at ESET.
Sold as a cybercrime kit on underground dark net forums, this hyper-distributor of malicious code established itself through “discreet” code that evaded certain control and detection mechanisms. Thanks to this stealth, Gamarue / Andromeda is believed to be behind the distribution of more than 80 malware families including
In an unmarked building in central Delhi, a group of techies are fixated on their screens as a set of numbers and heat maps keeps them interested. “Some of the data pertain to IP addresses of infected computers. We may have taken out the main server of a botnet, but millions of computers may still be infected by the malware. The users do not know of the infection and hence the computers continue to transmit information. However, since we have taken out the malicious server, the information is not being received by anyone,” says one of them. Other data relate to attempts of unauthorized data access, device login attempts, attacks of various kinds and spam alerts.
This can be a standard for any company in the cyber security business around the world, but what is not known to many is the fact that technology giant
Microsoft Windows 10 version 1507 has not been getting monthly security updates since May 9. However, there is still a large number of users sticking to the version, so Microsoft has decided to send them desktop notifications pushing them to upgrade to the latest version, which is currently Windows 10 Creators Update version 1703, notes Engadget.
Please use latest Windows 10 version: Microsoft
Over the past couple of months, ransomware has disrupted industries around the globe. Older versions of Windows have helped spread such cyber-attacks. Thus, Microsoft has been asked repeatedly to offer better security updates to those versions. So the company is not taking any chances
The FBI’s J. Edgar Hoover Headquarters. The FBI has been using a range of hacking techniques in recent years, as privacy activists fret about their widespread deployment. (AP Photo/Cliff Owen)
In an investigation into an Irondequoit, New York cop accused of stalking and harassing an ex-girlfriend, the FBI used techniques it often sees deployed by cybercriminals it investigates. It sent emails to the suspect containing Microsoft Word and Excel documents that, once clicked, would help them unmask the identity of the officer, William Rosica.
A warrant detailing the hacking methods – known amongst law enforcement as Network Investigative Techniques – provided rare insight into the FBI’s digital techniques. While previous reporting of Rosica’s case has focused on the disturbing nature of the alleged crimes of the now-former policeman, it ignored the technical and ethical questions around such methods. In this case, though, security experts and privacy activists agree:
Technology giant Microsoft is blaming the National Security Agency for the cyber extortion that hit hundreds of thousands of computer networks worldwide.
Brad Smith, Microsoft’s president and chief legal officer, also stated in a posting Sunday that the company notified customers in March that a security hole used in the global ransomware attack should be patched.
Malicious software called “WannaCry” was distributed early Friday morning. It first disrupted health care networks in Britain and telecommunications networks in Spain before expanding to more than 100 nations.
An expected second wave of ransomware attacks on Monday was less severe than some experts suspected.
The hacking group Shadow Brokers last week revealed a large number of Windows vulnerabilities it claims to have stolen from the National Security Agency (NSA), but Microsoft said Friday that it has already patched most of them. The company has also rolled out new privacy settings through its recent Creators Update.
Nine exploits released by the Shadow Brokers have already been patched, while three others only affected users running older, unsupported versions of the Windows operating system, said principal security group manager Phillip Misner on Microsoft’s TechNet IT portal. Misner said anyone with those older versions should upgrade their systems to avoid the vulnerabilities.
Since emerging last summer, the Shadow Brokers organization has published five leaks of zero-days and other vulnerabilities it claims to have taken from the NSA. The exploits the group revealed Friday included Windows vulnerabilities as
Microsoft is opening a cyber security center in Mexico City in order to better combat an estimated $4 billion industry, a decision that points to growing concern about this type of crime in the country.
Microsoft issued a press release on February 24 announcing the opening of the new center and outlining its projected role in advancing cyber security in the region.
“By opening this center, we are bringing Microsoft’s offer of security increasingly closer to customers in order to be a strategic part of their transformation, and together we will create a country and a region that are more prosperous and productive, and above all, that are safer,” said Jorge Silva, general manager of Microsoft Mexico.
The center will help fight cyber crime, particularly in the dismantling of criminal organisations that operate through botnet schemes. (Image for representation. Source: Reuters)
To support government efforts against cyber crime while also helping companies and citizens to be more secure, Microsoft has announced the launch of a cyber security centre in Mexico. The Cyber Security Engagement Centre will serve Mexico and other Latin American countries, Microsoft said.
“By opening this Cyber Security Center, we are offering our clients protection from attacks and security risks, as well as ways to detect them and find solutions,” Jorge Silva, General Manager of Microsoft Mexico, said in a statement released this weekend.
Microsoft takes cyber crime very seriously. After all, as the pioneer of personal computing, the company is deeply tied to the virtual world and what takes place in it. It was also among the first to call for a digital Geneva convention for cyber warfare. Along the same lines, the company has announced a new initiative that will sell and propagate cybersecurity services to organizations across the breadth of Latin America.
To reinforce its commitment to help people, companies and countries within Latin America to continue their journey towards digital transformation, Microsoft is launching a Cybersecurity Engagement Center in Mexico, part of a global initiative to present the company’s unique perspective on matters of IT security.
The center will work alongside the company’s cybercrime center in Redmond and will help companies, as well as government, get access to advanced security solutions that will help them get