Researchers at Check Point, an information security company, have discovered a new way for hackers to gain access to your devices – movie subtitle files.
This particular attack uses popular media player software including VLC and Popcorn Time. It is estimated that hundreds of millions of users worldwide may be at risk to this type of attack.
By crafting malicious subtitle files, which are then downloaded by a victim’s media player, attackers can take complete control over any type of device via vulnerabilities found in many popular streaming platforms, including VLC, Kodi (XBMC), Popcorn-Time and strem.io. We estimate there are approximately 200 million video players and streamers that currently run the vulnerable software, making this one of the most widespread, easily accessed and zero-resistance vulnerability reported in recent years.
Users are encouraged to download and apply the relevant updates for the media players listed above and to also check for updates for any other media/streaming software not listed above.
Source: Check Point
REDDIT, The Internet – If you’re interested in “MalwareTech,” the handle of the guy who helped stopped the recent WannaCry ransomware attack, head on over to his reddit “Ask Me Anything” (AMA) session.
Over the years, reddit’s AMA’s have seen several politicians, movie stars, athletes, authors, and a variety of other interesting people, answer questions from members of the popular social site.
Past popular AMA’s include:
Neil deGrasse Tyson
Almost 72 hours have passed since the WannaCry ransomware attacked computers and networks across the globe. Here’s a recap:
Starting Friday (May 12) hundreds of thousands of computers across 150 countries were hit. Organizations affected include: The UK’s National Health Service (NHS), FedEx, Telefonica and Renault. The software infected computer files and demanded a ransom of several hundred dollars payable in Bitcoin.
WannaCry was delivered via a vulnerability discovered in recent Windows Operating Systems, but which was patched back in March 2015.
Several major news outlets today have reported that ransomware software is rapidly infecting thousands of computers across the globe. So far, computers from countries in the US, UK, China, Russia, Spain and Italy have been infected.
Ransomware is a type of malicious software that will install itself onto a computer – unknown to the user – and prevent access to files (usually via encryption) unless the user pays a ransom. This particular strain goes by the name of “WannaCry,” however, several variations of the name exist as well.
Organizations including the UK’s National Health Service (NHS) have reportedly been hit, as well as Telefonica, a telco in Spain, and Federal Express (FedEx).
Researchers at Threatpost, part of Kaspersky Labs, have reported that attackers are using the “EternalBlue” exploit recently released by Shadow Brokers and allegedly developed by the NSA. Microsoft security bulletin MS17-010 has additional info on the issue.
Caribbean computer users (residential, business, government, et cetera), should apply the latest relevant software updates, inclusive of operating system and anti-virus, as soon as possible to reduce the risk of infection and/or data and information loss.
Sources: CNN, BBC News, Threatpost, Google