Global Ransomware Attack
bob10
28th June 2017, 05:52 AM
Might be our turn next.
Europe, US hit by new massive ransomware attack (http://thenewdaily.com.au/news/world/2017/06/28/new-ransomware-hits-europe-us/?utm_source=Responsys&utm_medium=email&utm_campaign=20170628_TND)
JDNSW
28th June 2017, 06:08 AM
Yes. Australian businesses coming to life shortly!
From early accounts, same unpatched out of date Windows vulnerability as the last one (Wannacry). This makes it a bit hard to be sympathetic!
VladTepes
28th June 2017, 08:30 AM
An extensive cyber-attack is underway across the world, affecting critical and non-critical systems in Europe, America and Asia. It is expected Australia will be impacted.
The attack is similar to the recent WannaCry ransomware attack. The virus gets into computers and systems through email containing links or files. If those are opened it downloads the ransomware to the computer.
It is possible, and likely, that various emails and domains will be used to send the attack and these may be sent to you / anybody.
You must be vigilant about the emails you open and the links and files you click.
Important things to remember:
• if you do not know the sender, do not open the email
• if you have opened the email and it looks odd, do not click on links or files
• hover over every link to check where it will take you before you click—even if you know the sender (hovering will show the link destination)
We are not aware of this having affected any Australian forums. Let's hope it stays that way!
Eevo
28th June 2017, 12:03 PM
businesses have no one to blame but themselves.
the patch for this has been out for 90 days.
Wraithe
28th June 2017, 01:07 PM
Businesses should be using operating systems that are not vulnerable to virus, trojan, malware, spyware or ransomware...
It has been this long road around the world where microsoft sells ice to eskimos and the eskimos lap it up... Or should I say they are selling a perfectly good used bridge to people living on flat country....
I have seen two issues of infection with linux, since my first use of it back before it was GPL licensed... Yet I still see businesses that need security, using a system that is quite unsafe and money orientated only...
Most people don't realise it but linux is what nearly all of the internet is run on... and a perfect example of what happens when you remove major parts of the security from linux is Android...
And the best thing I like about Linux, it's free for home users and can install to nearly any architecture(computer system types)...
If you think it's hard to learn, consider this... One eyed Harley rider(yes two wheel, two cylinder tractor driver), fitter in mines and totally non accepting of anything, can learn to use, then learn to install and setup linux for others, in about 4 years of playing and complaining because I would not teach him hands on but just tell him and let him learn... Can get that good he shows me things, then anybody can use it...PS he's in his late 50's too...
Eevo
28th June 2017, 01:13 PM
linux = heart bleed
Tins
28th June 2017, 01:21 PM
Businesses should be using operating systems that are not vulnerable to virus, trojan, malware, spyware or ransomware...
It has been this long road around the world where microsoft sells ice to eskimos and the eskimos lap it up... Or should I say they are selling a perfectly good used bridge to people living on flat country....
I have seen two issues of infection with linux, since my first use of it back before it was GPL licensed... Yet I still see businesses that need security, using a system that is quite unsafe and money orientated only...
Most people don't realise it but linux is what nearly all of the internet is run on... and a perfect example of what happens when you remove major parts of the security from linux is Android...
And the best thing I like about Linux, it's free for home users and can install to nearly any architecture(computer system types)...
If you think it's hard to learn, consider this... One eyed Harley rider(yes two wheel, two cylinder tractor driver), fitter in mines and totally non accepting of anything, can learn to use, then learn to install and setup linux for others, in about 4 years of playing and complaining because I would not teach him hands on but just tell him and let him learn... Can get that good he shows me things, then anybody can use it...PS he's in his late 50's too...
Not going to happen. IT departments have to justify their existence somehow.
Wraithe
28th June 2017, 01:30 PM
Not going to happen. IT departments have to justify their existence somehow.
That's just it, stability makes sense and techs are still needed... Computers didn't get rid of employees, just added and moved them...
Servers require constant monitoring, thus techs are needed...
Our local shire changed to Linux a few years back when a friend of mine was working there, now their system is stable and the new tech is busy enlarging what they have, for the last few years...
I may have had an influence there as I was experimenting with a system for the local SES (Politics killed the idea) and the shire tech said that they wanted their system to be windows compliant to the SES...
Took me a few months of building and discussing things with him, then the SES project was canned but the Tech got me to show him what it could do and how the servers work, thus he grabbed it and ran like the wind...He built a beautiful system, and then because of the Linux training, pulled the pin, left town and last I heard was earning 100,000 plus a year working part time...
AK83
29th June 2017, 03:03 PM
Businesses should be using operating systems that are not vulnerable to virus, trojan, malware, spyware or ransomware...
It has been this long road around the world where microsoft sells ice to eskimos and the eskimos lap it up... Or should I say they are selling a perfectly good used bridge to people living on flat country....
I have seen two issues of infection with linux, since my first use of it back before it was GPL licensed... Yet I still see businesses that need security, using a system that is quite unsafe and money orientated only...
Most people don't realise it but linux is what nearly all of the internet is run on... and a perfect example of what happens when you remove major parts of the security from linux is Android...
And the best thing I like about Linux, it's free for home users and can install to nearly any architecture(computer system types)...
If you think it's hard to learn, consider this... One eyed Harley rider(yes two wheel, two cylinder tractor driver), fitter in mines and totally non accepting of anything, can learn to use, then learn to install and setup linux for others, in about 4 years of playing and complaining because I would not teach him hands on but just tell him and let him learn... Can get that good he shows me things, then anybody can use it...PS he's in his late 50's too...
In most cases the issue isn't really the operating system as such, it's the social engineering that's the security problem.
Even in a Linux environment you could easily infect the computer with any virus, if the user isn't aware of what they're actually doing.
it should be remembered that the reason for the propagation of this type of attack isn't that the OS has faults, it's that people are allowing the threat to reach those faults.
Obviously makes more sense to target the Windows environment where most users are at, especially in a corporate sense .. give them a file they think they need to open to view, and bam! .. infection.
if Linux were the primary OS used globally in a home environment, it wouldn't be hard to hide the attack just needing a password .. unknowing user enters password and infects the system with whatever.
The problem is that people really don't like the effort required to add passwords, and they want instant access to all files in the network at all times too.
Because Linux is more of a niche market segment, it's generally populated by folks that know something about computers .. so it's not really worth sending 10 billion emails just to capture that one solitary Linux computer user that has no clue on the concept of security.
One of my sisters had a ransomware virus after trying to open a PDF, maybe a year ago now.
She just assumed it was an invoice, opened it and bam! .. all files were encrypted.
I looked for a fix of some type .. didn't think it was recoverable .. we dumped the PC after a few days and she simply had to start again.
I keep telling her to invest in a remote file system(NAS) to help protect any files 1/. from such attack again, 2/. backup purposes 3/. safe remote access when needed and backed up to another device at her home.
She has a new PC now that simply flies, all new files and is happy .. doesn't think there's any need to do more about it! [bighmmm]
The main issue with Linux is software. While it's great that there's almost certain to be an alternative program for whatever Windows program is the preference .. it's not the same thing as having the program you prefer to use.
for me it's OziExplorer, some image editing software and a few other tidbits.
Until software devs realise this and cater to alternative OSes, nothing will change.
Tins
29th June 2017, 03:31 PM
In most cases the issue isn't really the operating system as such, it's the social engineering that's the security problem.
Even in a Linux environment you could easily infect the computer with any virus, if the user isn't aware of what they're actually doing.
it should be remembered that the reason for the propagation of this type of attack isn't that the OS has faults, it's that people are allowing the threat to reach those faults.
Obviously makes more sense to target the Windows environment where most users are at, especially in a corporate sense .. give them a file they think they need to open to view, and bam! .. infection.
if Linux were the primary OS used globally in a home environment, it wouldn't be hard to hide the attack just needing a password .. unknowing user enters password and infects the system with whatever.
The problem is that people really don't like the effort required to add passwords, and they want instant access to all files in the network at all times too.
Because Linux is more of a niche market segment, it's generally populated by folks that know something about computers .. so it's not really worth sending 10 billion emails just to capture that one solitary Linux computer user that has no clue on the concept of security.
One of my sisters had a ransomware virus after trying to open a PDF, maybe a year ago now.
She just assumed it was an invoice, opened it and bam! .. all files were encrypted.
I looked for a fix of some type .. didn't think it was recoverable .. we dumped the PC after a few days and she simply had to start again.
I keep telling her to invest in a remote file system(NAS) to help protect any files 1/. from such attack again, 2/. backup purposes 3/. safe remote access when needed and backed up to another device at her home.
She has a new PC now that simply flies, all new files and is happy .. doesn't think there's any need to do more about it! [bighmmm]
The main issue with Linux is software. While it's great that there's almost certain to be an alternative program for whatever Windows program is the preference .. it's not the same thing as having the program you prefer to use.
for me it's OziExplorer, some image editing software and a few other tidbits.
Until software devs realise this and cater to alternative OSes, nothing will change.
Hard not to agree. For a long long time MacOS had a rep for being free from attack. It is still very good, as it runs in the Unix environment, but instances are increasing as the platform gains popularity. I have long run a few protection protocols, mainly so I'm not a typhoid Mary, but also because there are more attacks now. And yes, I've seen people blithely entering passwords at prompts. Why? That's why we have passwords, for protection. No machine of mine runs in Admin mode. It's crazy to do it any other way. And MacOS 10.12 is WAY more secure than Windows.
I have Ubuntu Linux here on an emulator. Guess I'll go and learn it.
AK83
29th June 2017, 05:57 PM
.... No machine of mine runs in Admin mode. It's crazy to do it any other way. And MacOS 10.12 is WAY more secure than Windows.
I have Ubuntu Linux here on an emulator. Guess I'll go and learn it.
I had Ubuntu on an old laptop with a failed HDD for the kids to play with when they were really young.
They didn't like it too much coz it did have 'their games'.
While I have no doubt that they could easily have got some games on Ubuntu, they couldn't get Kodi, Or Kodu or something.
It's a bit of a learning game, that you build, using simple point and click features.
It's a M$ developed game for kids to learn to build games, and get them interested. Dunno, but at the time, it was Win only, and that's one of the things they were learning at primary school .. so in essence it was 'their game'.
I'm not so convinced that Admin mode is really the threat that people make it out to be.
You can stay in a user login, but for many processes to happen, eg. install a driver, or a downloaded program etc, you still need to input a password... which is really just a way to get 'admin' login to install it.
Doing that is just entering into an admin mode, without having to log out of user mode and into a proper admin mode.
With social engineering, you just tell folks that the PDF is for 'your eyes only' kind of B$ .. and they just input the password for admin mode.
Make the dialogue box so that it offers them some kind of prize, they forget or ignore the fact that they're entering into an admin mode .. install the virus/trojan .. no amount of patching can stop social engineering of that order.
People don't care about security until after it happens, and even then they really still don't care about it a few hours after a tech gets them a computer device up and running again!
I agree tho that in a corporate environment, especially one as big as Cadbury a few days back .. simply no excuse as to why they got the ransomware attack, and bad luck to them!
Hopefully free chocolates coming our way soon if they can't get their invoices out to the relevant businesses! :D
ps. I have a Ubuntu computer by accident. The NAS I got a short while back(QNAP) offers a desktop environment with it. So a PC in the lounge on the TV(if needed).
So I could be safe from this malware too. [bigwhistle]
Eevo
29th June 2017, 07:01 PM
if linux was any good, it would be popular by now...
disclaimer: i do work on linux servers.
Wraithe
30th June 2017, 12:43 AM
The main issue with Linux is software. While it's great that there's almost certain to be an alternative program for whatever Windows program is the preference .. it's not the same thing as having the program you prefer to use.
for me it's OziExplorer, some image editing software and a few other tidbits.
Until software devs realise this and cater to alternative OSes, nothing will change.
There is no software you can't run on an alternate OS...
There are methods of running OziExplorer on Linux, and quite successful...
I don't play games on the computer, but have run simulators that are microsoft only and used OziExplorer(in the past now) on Linux connected to a Garmin GPS... It worked well...
I was mapping soil profiles onto a Linux app and using the GPS, but I can't remember the app I was using...
Most of the issues using alternate OS software, requires reading and finding the solutions unless you find Linux software that suits your purpose...
The one thing about Ubuntu is, the security is simplified for the end user without being an open security system and no complicated method for using it....
Wraithe
30th June 2017, 12:45 AM
if linux was any good, it would be popular by now...
disclaimer: i do work on linux servers.
It is very popular, just not advertised, thus people don't know...
Plus computer shops don't sell it so don't promote it...
Comes down to how naive people are...
Eevo
30th June 2017, 01:13 AM
It is very popular, just not advertised, thus people don't know...
Plus computer shops don't sell it so don't promote it...
Comes down to how naive people are...
windows holds 90% of the desktop market.
android is based on linux yes, but mobile phones are one of the most insecure devices on the planet.
Pedro_The_Swift
30th June 2017, 02:07 AM
[QUOTE=Wraithe;2689727]
Comes down to how naive people are...[/QUOTE]
wow,,
You obviously know,,
and just because they don't know what you know about computers,,
makes them naive?
uninformed maybe...
I didn't know squat about fuel trims till a nice person helped me,,
pay it forward [smilebigeye],,
weeds
30th June 2017, 04:57 AM
The company I work for are hoping to have some pc's back on line today....we have 2500 pc's affected worldwide.
Not sure how many affected in aus but 100% of our pc's have been unplugged from the network.....waiting for the fix to be rolled out
incisor
30th June 2017, 08:07 AM
This virus is an old fashioned deleter as well as encryption type and the good guys have also taken over the email address that told them who paid what...
Fun Fun Fun
incisor
30th June 2017, 08:12 AM
Most of the bot armies are compromised linux boxes..
Any delusion that you're safer running an out of the box version of Linux is exactly that.
Most of the time people simply don't know they are being used because the box still appears to be fine from the desktop...
d@rk51d3
30th June 2017, 10:55 AM
This virus is an old fashioned deleter as well as encryption type and the good guys have also taken over the email address that told them who paid what...
Fun Fun Fun
Apparently money is an afterthought with sloppy implementation of payment procedures. Destruction of info is the main aim.
Tins
30th June 2017, 10:59 AM
Apparently money is an afterthought with sloppy implementation of payment procedures.
Given that people were apparently paying, I imagine that will change....
JDNSW
30th June 2017, 12:20 PM
Most of the bot armies are compromised linux boxes..
I rather doubt that - simply on the basis of numbers. Any references?
Any delusion that you're safer running an out of the box version of Linux is exactly that.
Most of the time people simply don't know they are being used because the box still appears to be fine from the desktop...
The last line I agree entirely - which is why these bot armies work.
JDNSW
30th June 2017, 12:22 PM
Given that people were apparently paying, I imagine that will change....
One suggestion I have heard is that the whole ransomware slant is a cover for a state (or quasi state) operator. In the aftermath of the last one, certain to gain headlines round the world.
d@rk51d3
30th June 2017, 12:30 PM
Everything you need to know about the Goldeneye/Petya attack – HOTforSecurity (https://hotforsecurity.bitdefender.com/blog/everything-you-need-to-know-about-the-goldeneye-petya-attack-18294.html)
incisor
5th August 2017, 04:48 PM
The last line I agree entirely - which is why these bot armies work.
here is another in the news re compromised linux boxes ...
Botnet builder gets almost four years in prison - Security - iTnews (https://www.itnews.com.au/news/botnet-builder-gets-almost-four-years-in-prison-470124?utm_source=feed&utm_medium=rss&utm_campaign=editors_picks&google_editors_picks=true)
there are a few more coming to face the music over the next few months...
10's of thousands of them have been shutdown over the last couple years and they are only touching the surface imho
and now they worked out how to inject code into android so it is going to be even more interesting very shortly, google play store is getting to be a bit of a nightmare
Dvmap: the first Android malware with code injection - Securelist (https://securelist.com/dvmap-the-first-android-malware-with-code-injection/78648/)
time to dig out that old iphone [biggrin] [biggrin] [biggrin]
JDNSW
5th August 2017, 07:26 PM
here is another in the news re compromised linux boxes ...
Servers not desktops!
And to make you feel happier about your Android phone:-
Privacy warnings spell trouble for millions of low-cost Android phone owners | Ars Technica (https://arstechnica.com/information-technology/2017/08/citing-privacy-threats-amazon-stops-selling-some-android-phones-from-blu/)
"the low-cost phones sent massive amounts of personal data about the phones and their users’ activities to servers that were owned by AdUps Technologies, a China-based firmware update provider. The data sent to AdUps servers at the time included the full body of text messages, contact lists, call histories with full telephone numbers, unique device identifiers including the International Mobile Subscriber Identity and the International Mobile Equipment Identity. ...................
Representatives from Blu, meanwhile, strongly disputed claims that any of its phones collect sensitive personal information.
"The data that is currently being collected is standard for [over-the-air update] functionally and basic informational reporting," Blu Marketing Director Carmen Gonzalez wrote"
I wonder whether the data collected is standard for other Android suppliers? Actually, the company collecting the data is a third party that sells support to phone manufacturers.
incisor
5th August 2017, 07:29 PM
How many linux desktops run samba..
Eevo
5th August 2017, 07:51 PM
How many linux desktops run samba..
I'm guessing a fair few?
donh54
5th August 2017, 08:20 PM
How many linux desktops run samba..
Any that have to live/work on a windows-centric network, I'd say.
JDNSW
6th August 2017, 06:52 AM
Not mine.