October’s IT Monthly News Digest (IT Toolbox Blogs)

CERT-LatestNews ThreatsEconomic Uncategorized

New Ransomware Attack Bad Rabbit a New Petya Variant

A new form of ransomware dubbed Bad Rabbit, is infecting computers around Europe via drive-by attacks masquerading as Flash updates. It is believed to be a variant of the Petya family. Russian cybersecurity company Group-IB confirmed at least three media organizations in the country have been hit by file-encrypting malware, and the Russian news agency Interfax also reported a “hacker attack” on its systems, which were knocked offline. Victims are sent a ransom note informing them their files are “no longer accessible” and are directed to a Tor payment page with a countdown timer. Cybersecurity researchers said Bad Rabbit and NotPetya’s DLL (dynamic link library) share 67 percent of the same code, indicating the two ransomware variants are closely related, potentially even the work of the same threat actor. It’s not know whether it is possible to decrypt files locked by Bad Rabbit without paying the ransom. It is also not clear who is distributing the ransomware or why. (ZDNet, TechRepublic)

Kaspersky Allowing Independent Reviews of its Antivirus Software

Cybersecurity firm Kaspersky will open up its software to independent parties for review after the U.S. government expressed concerns over Russian influence. Kaspersky said in a statement that it would submit the source code of its software and future product updates for review by computer security experts and government officials. Kaspersky has been ranked by Gartner as one of the top cybersecurity vendors for consumers in the world and its software is used on some 400 million computers globally. Last month, the Trump administration banned government agencies from using Kaspersky Lab antivirus products after reports that Russian government hackers were using it to steal spy secrets from the U.S. National Security Agency. Both Kaspersky and the Kremlin have denied the allegations. (Reuters)

Cisco Purchasing Cloud Communications Provider Broadsoft for $1.9 Billion

Networking giant Cisco said it is planning to spend $1.9 billion to acquire Broadsoft, a Maryland-based cloud communications company that develops software for PBX systems, team collaboration, and other related enterprise products. Cisco is better known for its data center and networking hardware, but the company has long intimated its intentions to transition into a software company. Cisco aims to combine Broadsoft’s cloud voice and contact center software with its hardware, meetings and services products. The BroadSoft deal would be Cisco’s second major acquisition this year following the $3.7 billion acquisition of privately-held AppDynamics Inc. in March. Cisco said it expects the deal to close in the first quarter of 2018. (VentureBeat, Reuters)

Intel’s Neural Network Processor to Accelerate Machine Learning Work

Chip maker Intel will soon ship its first-generation Neural Network Processor, code named “Lake Crest,” to some of its partners to help them increase their machine learning work. The NNPs are designed to quickly tackle the math underpinning artificial intelligence applications, specifically neural networks, which is a component of machine learning. Large, deep neural networks can be very computationally intensive, making them harder to test and deploy rapidly. A select number of Intel’s partners will receive the NNPs at the outset through the company’s Nervana Cloud service. The hardware will be made more available down the road. (VentureBeat)

AOL Shutting Down AIM Service in December

Signaling the end of an era, AOL is discontinuing its Instant Messenger products and services on Dec. 15, 2017. In a statement, the company said it “loved working and building the first chat app of its kind since 1997,” but that its focus is on “providing the kind of innovative experiences consumers want.” AOL said there will not be a replacement product for AIM and the plan is to bring “new, iconic products and experiences.” All AIM-related data will be deleted after Dec. 15th, AOL said. Users will still be able to use their @aim.com email addresses, though. (AOL)

Yahoo 2013 Hacked Accounts is Three Times Higher Than Previously Estimated

The 2013 cyberattack on Yahoo was actually worse than originally stated, with the company now saying all of its three billion users were affected. That figure is triple its earlier estimate of the size of the largest breach in history, a disclosure that attorneys said sharply increases the legal exposure of Verizon, which now owns the company. The accounts include email, Tumblr, Fantasy and Flickr. “The company recently obtained new intelligence and now believes, following an investigation with the assistance of outside forensic experts, that all Yahoo user accounts were affected by the August 2013 theft,” Verizon said in a statement. Yahoo said last December that data from more than one billion accounts was compromised in 2013, which forced it to cut the price of its assets in a sale to Verizon. (Reuters, CNN)

About the Author

EstherEsther Shein is a freelance writer and editor whose work has appeared in several online and print publications. Previously she was the editor-in-chief of the online technology magazine Datamation. She was also a senior writer at eWeek (formerly PC Week) magazine for several years. She is a member of the Internet Press Guild (IPG). She can be found on Twitter @eshein.