Leaked NSA Malware Puts Windows Computers At Risk

A group of hackers have released malware made by the NSA that puts all computers running Windows at risk of being hacked.

The Shadow Brokers hacking group claimed in a blog post on Friday that it had obtained US National Security Agency tools that enable them to steal users’ data.

Friday’s blog post included downloads to potent exploits and hacking tools that target most versions of Microsoft Windows, and included evidence of hacks on the SWIFT banking system of several banks around the globe.

The group directed  visitors to download files and codes that revealed previously undisclosed computer exploits made by the NSA—known as zero-day exploits—that experts have warned are likely to cause chaos around the world in the coming weeks. …

Source: Leaked NSA Malware Puts All Windows Computers At Risk

Share

Skype users hit by ransomware through in-app malicious ads

Several users have complained that ads served through Microsoft’s Skype app are serving malicious downloads, which if opened, can trigger ransomware.

News of the issue came from a Reddit thread on Wednesday, in which the original poster said that Skype’s home screen — the first screen that shows up on consumer versions of the software — was pushing a fake, malicious ad, purporting to be a critical update for the Flash web plug-in.

According to the thread, the ad triggered a download of an HTML application, designed to look like a legitimate app. The app, when opened, would download a malicious payload, which locks the user’s computer and encrypts its files for ransom. …

Source: Skype users hit by ransomware through in-app malicious ads

Share

New Word macro malware infects macOS and Windows

Another form of Microsoft Word malware that infects both macOS and Windows machines has been detected.

The malicious VBA (Visual Basic for Applications) code is buried in a Word document macro and automatically adapts its attack depending on the operating system used. Once installed, it can be used to download more payload files to your computer. …

Because the attack is disguised as an innocent Word macro, it goes undetected until it is too late. If you’ve told your computer to open macros automatically, malicious code can be executed before you have any idea it’s there. …

Source: New Word macro malware infects macOS and Windows

Share

Researchers Uncover macOS and Safari Exploits at Pwn2Own 2017

… Day one results have already been published over at the Zero Day Initiative website, with a couple of successful Mac-related exploits already appearing in the list of achievements. Independent hackers Samuel Groß and Niklas Baumstark landed a partial success and earned $28,000 after targeting Safari with an escalation to root on macOS, which allowed them to scroll a message on a MacBook Pro Touch Bar. …

Later in the day, Chaitin Security Research Lab also targeted Safari with an escalation to root on macOS, finding success using a total of six bugs in their exploit chain, including “an info disclosure in Safari, four type confusion bugs in the browser, and a UAF in WindowServer”. The combined efforts earned the team $35,000. …

The participating teams earned a total of $233,000 in prizes on day one, including a leading $105,000 earned by Tencent Security, according to published details. Other software successfully targeted by contestants include Adobe Reader, Ubuntu Desktop, and Microsoft Edge on Windows. …

Source: Researchers Uncover macOS and Safari Exploits at Pwn2Own 2017

Share

AMD Collaborates with Microsoft to Advance Open Source Cloud Hardware

Microsoft’s Project Olympus platform design to incorporate the upcoming high-performance “Naples” x86 server processor

SANTA CLARA, Cali. 3/8/2017

​At the 2017 Open Compute Project U.S. Summit, AMD announced their collaboration with Microsoft to incorporate the cloud delivery features of AMD’s next-generation “Naples” processor with Microsoft’s Project Olympus – Microsoft’s next-generation hyperscale cloud hardware design and a new model for open source hardware development with the OCP community.

Through Microsoft’s contribution of the Project Olympus design much earlier in the cycle than many OCP projects, AMD was able to engage early on in the design process and foster a deep collaboration around the strategic integration of AMD’s upcoming “Naples” processor. The performance, scalability and efficiency found at the core of Project Olympus and AMD’s “Naples” processor means the updated cloud hardware design can adapt to meet the application demands of global datacenter customers. …

Source: AMD Collaborates with Microsoft to Advance Open Source Cloud Hardware

Share