The Category5.TV Newsroom

Here are the stories we're following for the week of Wednesday July 31, 2019

Scanning of random ports and the use of encrypted malware by online criminals is on the rise, according to a threat report by Sonicwall.

Scanning of random ports and the use of encrypted malware by online criminals is on the rise, according to a threat report by Sonicwall.

Based on Sonicwall’s sampling of what it says were 700 million such intrusions, by the end of 2018, around 20 per cent of all malware attacks were coming through non-standard ports – a sum which had decreased by 13 per cent compared to 2018.

The company explained that “non standard” meant ports which are not in routine use by other programs, such as ports 80 and 443 for one’s web browser.

Sonicwall chief exec Bill Conner says, “Those in charge of malware deployments are certainly cognizant of this blind spot and continue to actively exploit it. Organizations aren’t prepared for protecting this attack vector with the same diligence as standard ports.”

Encrypted malware was something else that Sonicwall said was on the rise, increasing by a quarter compared to the preceding 12 months. In 2018 the company said it had logged more than 2.8 million encrypted malware attacks, a 27 per cent jump over the previous year.

A variety of factors contributed to this trend, in Sonicwall’s view: Ransomware as a Service (RaaS), open-source malware kits and cryptocurrencies “bounced back up”, the firm said, with ransomware continuing to be a successful money-maker for criminals deploying it.

Conner says, "I’m certain that a number of high profile ransomware cases involving major US cities also signaled that there are still large vulnerable targets out there despite ransomware being a headline for the past 4-5 years."

Source: www.theregister.co.uk

Sent to us by: Roy W. Nash

A semi-autonomous robot designed to operate in hostile environments has been developed by NASA, and word has it that it could be used to help build a base on Mars.

A semi-autonomous robot designed to operate in hostile environments has been developed by NASA, and word has it that it could be used to help build a base on Mars.

A six-feet and two-inch semi-autonomous humanoid robot, Valkyrie was designed with an ultimate goal by NASA, to help humans colonize Mars. The 300-pound robot has been prepped with a number of space-based trials by NASA’s Space Robotics Challenge. The robot can use human tools and map its own path safely. It can navigate well across rocky terrain thanks to its hydraulic power.

At first sight, the Valkyrie is an Iron Man look-alike with a glowing circle on its chest marking the robot's status. Inside the infrared-transparent faceplate, you will find a whirring LIDAR sensor that constantly scans the surroundings for objects and obstacles. The robot has dual brains - two Intel Core i7 computers which translate the sensors’ input. Although Valkyrie was tested with a power cord in place, it can run on a battery pack lasting about an hour.

There will be a host of cameras and sensors around Valkyrie: a Multisense SL camera on its head which combines laser, 3D stereo and video, as well as extra ‘hazard cameras’ looking ahead and behind from the torso. 38 sensors on each three-fingered hand maintain dexterity and control.

So basically, if you’ve ever watched the movie, The Martian, Valkyrie will pretty much recreate its plot, minus the part about growing potatoes.

Source: in.mashable.com

Sent to us by: Roy W. Nash

ESET researchers discover a new Android ransomware family that attempts to spread to victims’ contacts and deploys some unusual tricks.

ESET researchers discover a new Android ransomware family that attempts to spread to victims’ contacts and deploys some unusual tricks.

After two years of decline in Android ransomware, a new family has emerged. We have seen the ransomware, detected by ESET Mobile Security as Android/Filecoder.C, distributed via various online forums. Using victims’ contact lists, it spreads further via SMS with malicious links. Due to narrow targeting and flaws in both execution of the campaign and implementation of its encryption, the impact of this new ransomware is limited. However, if the developers fix the flaws and the operators start targeting broader groups of users, the Android/Filecoder.C ransomware could become a serious threat.

Android/Filecoder.C has been active since at least July 12th, 2019. Within the campaign ESET discovered, Android/Filecoder.C has been distributed via malicious posts on Reddit and the “XDA Developers” forum, a forum for Android developers. The malicious activity was reported to XDA Developers and Reddit. The posts on the XDA Developers forum were removed swiftly; the malicious Reddit profile remained online.

Android/Filecoder.C spreads further via SMS with malicious links, which are sent to all contacts in the victim’s contact list.

After the ransomware sends out this batch of malicious SMSes, it encrypts most user files on the device and requests a ransom. Due to flawed encryption, it is possible to decrypt the affected files without any assistance from the attacker.

In one link that was shared on Reddit, the attackers used the URL shortener bit.ly. This bit.ly URL was created on Jun 11, 2019.

Once potential victims receive an SMS message with the link to the malicious application, they need to install it manually. After the app is launched, it displays whatever is promised in the posts distributing it – most often, it’s a sex simulator online game. However, its main purposes are command and control communication, spreading malicious messages and implementing the encryption/decryption mechanism.

Source: www.welivesecurity.com

Sent to us by: Robbie Ferguson

Linus Torvalds, the creator of Linux, is killing off support for legacy disk drive tech.

Linus Torvalds, the creator of Linux, is killing off support for legacy disk drive tech.

Floppy disks appeared in the 1970s, first as giant 8-inch disks before slimming down to the 5¼-inch variety seen attached to many PCs and home computers of the 1980s.

The 1980s also marked the beginning of the end for the traditional floppy, with the considerably stiffer 3½-inch version from Sony, which dumped the flexible sleeve protecting the magnetic media with something much more rigid, with a metal covering that could be slid aside when inserted into the drive's mechanism.

1998's iMac courageously did not feature a floppy drive and within the decade the vast majority of PC makers had followed suit as CD, DVD and USB storage become more prevalent.

Much of the world has known the floppy was dead for some time, but Torvalds has made it official with a Linux kernel merge marking the Linux floppy driver as "orphaned".

The issue is that while there are plenty of USB floppy drives out there, actual PC hardware is becoming a thing of the past thanks to motherboard makers ditching the relevant connectors, and because very few people use floppy disks anymore.

Torvalds observed that "actual working physical floppy hardware is getting hard to find" and considered the driver dead, with a few faint use cases still present in emulated environments. But if you really need to read those old disks, USB is going to be the way forward.

Naturally, just being orphaned doesn't mean that the driver is actually disappearing immediately, but it does mean that unless some magnetic media meddler steps up to maintain it, the odds are it will be deprecated and eventually removed.

Source: www.theregister.co.uk

Sent to us by: Roy W. Nash