Connect with us

Tech

How a VPN vulnerability allowed ransomware to disrupt two manufacturing plants

Published

on

Getty Images

Ransomware operators shut down two production facilities belonging to a European manufacturer after deploying a relatively new strain that encrypted servers that control manufacturer’s industrial processes, a researcher from Kaspersky Lab said on Wednesday.

The ransomware known as Cring came to public attention in a January blog post. It takes hold of networks by exploiting long-patched vulnerabilities in VPNs sold by Fortinet. Tracked as CVE-2018-13379, the directory transversal vulnerability allows unauthenticated attackers to obtain a session file that contains the username and plaintext password for the VPN.

With an initial toehold, a live Cring operator performs reconnaissance and uses a customized version of the Mimikatz tool in an attempt to extract domain administrator credentials stored in server memory. Eventually, the attackers use the Cobalt Strike framework to install Cring. To mask the attack in progress, the hackers disguise the installation files as security software from Kaspersky Lab or other providers.

Once installed, the ransomware locks up data using 256-bit AES encryption and encrypts the key using an RSA-8192 public key hardcoded into the ransomware. A note left behind demands two bitcoins in exchange for the AES key that will unlock the data.

More bang for the buck

In the first quarter of this year, Cring infected an unnamed manufacturer in Germany, Vyacheslav Kopeytsev, a member of Kaspersky Lab’s ICS CERT team said in an email. The infection spread to a server hosting databases that were required for the manufacturer’s production line. As a result, processes were temporarily shut down inside two Italy-based facilities operated by the manufacturer. Kaspersky Lab believes the shutdowns lasted two days.

“Various details of the attack indicate that the attackers had carefully analyzed the infrastructure of the attacked organization and prepared their own infrastructure and toolset based on the information collected at the reconnaissance stage,” Kopeytsev wrote in a blog post. He went on to say, “An analysis of the attackers’ activity demonstrates that, based on the results of reconnaissance performed on the attacked organization’s network, they chose to encrypt those servers the loss of which the attackers believed would cause the greatest damage to the enterprise’s operations.”

Incident responders eventually restored most but not all of the encrypted data from backups. The victim didn’t pay any ransom. There are no reports of the infections causing harm or unsafe conditions.

Sage advice not heeded

In 2019, researchers observed hackers actively trying to exploit the critical FortiGate VPN vulnerability. Roughly 480,000 devices were connected to the Internet at the time. Last week, the FBI and Cybersecurity and Infrastructure Security agency said the CVE-2018-13379 was one of several FortiGate VPN vulnerabilities that were likely under active exploit for use in future attacks.

Fortinet in November said that it detected a “large number” of VPN devices that remained unpatched against CVE-2018-13379. The advisory also said that company officials were aware of reports that the IP addresses of those systems were being sold in underground criminal forums or that people were performing Internet-wide scans to find unpatched systems themselves.

Besides failing to install updates, Kopeytsev said Germany-based manufacturer also neglected to install antivirus updates and to restrict access to sensitive systems to only select employees.

It’s not the first time a manufacturing process has been disrupted by malware. In 2019 and again last year Honda halted manufacturing after being infected by the WannaCry ransomware and an unknown piece of malware. One of the world’s biggest producers of aluminum, Norsk Hydro of Norway, was hit by ransomware attack in 2019 that shut down its worldwide network, stopped or disrupted plants, and sent IT workers scrambling to return operations to normal.

Patching and reconfiguring devices in industrial settings can be especially costly and difficult because many of them require constant operation to maintain profitability and to stay on schedule. Shutting down an assembly line to install and test a security update or to make changes to a network can lead to real-world expenses that are nontrivial. Of course, having ransomware operators shut down an industrial process on their own is an even more dire scenario.

https://www.emultimediatv.com

Tech

An actual house is an NFT now

Published

on

A real estate broker named Shane Dulgeroff decided to take advantage of the NFT hype. He’s selling a house at 221 Dryden Street, in Thousand Oaks, California along with an NFT of a psychedelic-flavored video of the house.

The artwork and house are up for auction on OpenSea, with a minimum bid of 48 ETH, or almost $117,000. No one has bid yet, and the auction closes in seven days. The house previously sold at $746,000, according to real-estate platform Zillow.

“It’s less about the significance of the art as it is the significance of us using a platform like this to sell a home,” Dulgeroff told Fast Company. “The significance that the art will carry, it’s going to be stored in your digital wallet forever as living proof that you purchased the first home ever that was done through any kind of a crypto platform directly. So that’s where the real value is.”

NFTs are usually used to support digital goods — for instance: art, music, and trading cards. Currently there are no laws to explain how this might work, or what the taxes will be. “It really is an interesting process navigating the legal side of it, the tax side of it, the transfer side of it to make sure it’s all done correctly,” Dulgeroff told Fast Company. Perhaps that explains the lack of bids — no one wants to get in trouble with tax collectors.

The art that comes with the house was designed by Kii Arens. This isn’t the only Arens NFT; his pop-art confections inspired by Yusaku Maezawa’s attempted space mission are also up for sale. Maezawa, a Japanese billionaire, announced in 2018 that he planned to go to the Moon with artists. “I want to be on that spaceship as it travels farther than any human has from Earth,” Arens wrote to explain the inspiration for the NFT set.

https://www.emultimediatv.com

Continue Reading

Tech

New blast at St. Vincent volcano; cruise ship helps evacuees

Published

on

La Soufriere volcano has shot out another explosive burst of gas and ash and a cruise ship has arrived to evacuate some of the foreigners who had been stuck on a St. Vincent island by a week of violent eruptions

KINGSTOWN, St. Vincent — La Soufriere volcano shot out another explosive burst of gas and ash on Friday as a cruise ship arrived to evacuate some of the foreigners who had been stuck on a St. Vincent island coated in ash from a week of violent eruptions.

The explosions that began on April 9 forced some 20,000 to flee the northern end of the eastern Caribbean island for shelters and contaminated water supplies across the island.

Friday morning’s blast “wasn’t a big explosion compared to the ones that we last weekend, but it was big enough to punch a hole through the clouds,” said Richard Robertson, lead scientist at the University of the West Indies Seismic Research Center, in an interview with local NBC radio. “Probably got up to 8,000 meters (26,000 feet).”

During a comparable eruption cycle in 1902, explosive eruptions continued to shake the island for months after an initial burst killed some 1,700 people, though the new eruptions so far have caused no reported deaths among a population that had received official warning a day earlier that danger was imminent.

Meanwhile, British, U.S. and Canadian nationals were being evacuated aboard Royal Caribbean Cruises’ Celebrity Reflection from the harbor in the Kingstown, capital of St. Vincent and the Grenadines. The ship was due to arrive Saturday in Dutch Sint Maarten.

Dozens of foreigners toting luggage descended from tour buses and cars at the port terminal in Kingstown and patiently waited in a line that began in the parking lot and reached deep into the terminal.

They included students from the Trinity School of Medicine along with stranded tourists, including families with young children in arms.

“As of right now, we are being evacuated for our safety and to keep the island as safe as possible,” said LLeah Ransai, a Canadian student at Trinity. “Between the school, the government and the embassies of the US and Canada, we’re being evacuated now.”

The U.S. Embassy said those aboard would have to make their own travel arrangements home.

It also noted in an official statement that the U.S. Centers for Disease Control and Prevention had recommended against travel on cruise ships because the chance of getting COVID-19 and said people who had been in close contact with suspected COVID-19 cases were barred from the trip. All aboard were supposed to have a negative rapid antigen test taken within 24 hours of boarding.

Meanwhile, thousands of locals were stuck n emergency shelters with no idea when they might be able to return home.

Levi Lewis, 58, a retired public servant from the town of Fancy, said the eruption had left him trying to get by with practically nothing.

“I just reusing clothing cause i didn’t walk with much,” he said. “Plus water is an issue, so I’m trying to conserve it still.”

“I want to go back home, or to whatever is left of it,” he added.

A few people, however, never left, defying evacuation orders.

Raydon May, a bus conductor in his late 20s who stayed in Sandy Bay throughout the eruptions, said he had always planned to stay if the volcano erupted and was trying to protect properties in the community while making occasional trips outside the evacuation zone to pick up water and supplies.

He said so much ash had fallen that the roofs of houses were collapsing under the weight.

“One roof might get on like three truckloads of sand,” he said. “We trying to help … but we can’t help everybody.”

https://www.emultimediatv.com

Continue Reading

Tech

Former Bachelor star Colton Underwood may get a reality show after coming out as gay: The backlash, explained

Published

on


ABC/Josh Vertucci

Colton Underwood, the former lead on popular reality series The Bachelor, came out as gay in a very public way this week in an interview with Good Morning America anchor Robin Roberts. As the news spread, so did reports that Netflix is working with Underwood on a reality show that follows his life as an openly gay man. “I’m gay. And I came to terms with that earlier this year and have been processing it,” Underwood told Roberts on Wednesday. “I’m the happiest and healthiest I’ve ever been in my life.”

Some people face considerable obstacles on their path to coming out, and Underwood shared his own. “I’ve ran from myself for a long time. I’ve hated myself for a long time,” he told Roberts.   

The response to Underwood’s revelation has been largely supportive, with many — including Schitt’s Creek star Dan Levy who is openly gay, and alumni and producers of the popular long-running dating show — applauding the 29-year-old Underwood for his honesty and sending messages of pride and solidarity. 

“I am so proud of you for finally being able to share and live your truth,” tweeted Tayshia Adams, who competed on his season of the series and went on to star in her own season of The Bachelorette, another show in ABC’s reality dating franchise.  

But Underwood’s alleged past treatment of Cassie Randolph, the woman he chose on his Bachelor season, has complicated the reactions. After the pair’s breakup in 2020, Randolph, 25, was granted a restraining order against her former boyfriend. She said he’d placed a tracking device on her car, sent her harassing texts and showed up uninvited to her LA apartment and her parent’s home. According to TMZ, she later dismissed the restraining order and asked that the police investigation be dropped. 

Following Underwood’s GMA revelation, Variety reported that Netflix is planning a reality show that looks at Underwood’s life as an openly gay man, and now a Change.org petition is circulating urging Netflix to cancel those plans. The petition has more than 10,000 signatures as of Friday morning. Online petitions have no actual power, but they do serve as a barometer of public opinion.  

“Regardless of his sexuality, Colton should not be given a platform as a result of his abusive, manipulative and dangerous behavior,” the writer of the petition says. 

Wrote one of the petition’s signers, “I’m a survivor of stalking, and it repulses me to see someone like this given a platform as though he’s done nothing wrong. I will absolutely cancel my Netflix subscription if you go through with this.”

The petition also links to a Reddit thread offering a link to documents in the Randolph-Underwood case.

Netflix didn’t immediately respond to a request for comment, and a representative for Underwood said the reality star had no comment.  

Here’s more on Colton Underwood and the complex reactions to his coming out and the possibility of him getting his own show.    

Who’s Colton Underwood?

Colton Underwood was born in Indianapolis and raised in Illinois, where he played college football at Illinois State University. The Bachelor hyped him as a pro football player, but if you never heard of him, there’s a reason. Underwood was signed as an undrafted free agent by the San Diego Chargers in 2014, but waived before the season began. He briefly played for the practice squads of the Philadelphia Eagles and Oakland Raiders, but never appeared in a real NFL game. 

His dating life brought him much more fame than his sports career. Even before The Bachelor, Underwood dated Olympic gold-medal-winning gymnast Aly Raisman. That relationship made headlines too, and the couple even attended the Golden Globe Awards together in 2017. They broke up later that year.

His Bachelor life

Underwood first appeared as a contestant on Becca Kufrin’s season of The Bachelorette in 2018. He was eventually eliminated but showed up again in the franchise’s spinoff show, Bachelor in Paradise. By now he’d become a favorite of some fans and the show’s producers cast him in the title role of The Bachelor for the show’s 2019 season, heavily hyping him as “the virgin Bachelor.” Underwood chose California speech pathologist Cassie Randolph, but didn’t propose marriage to her in the finale. 

Police involvement post show 

Underwood and Randolph dated for a year before their May 2020 breakup. She filed for the restraining order that fall, before dismissing it and asking that the police investigation be dropped. 

“The two of us were able to reach a private agreement to address any of Cassie’s concerns,” Underwood told TMZ at the time. “I do not believe Cassie did anything wrong in filing for the restraining orders and also believe she acted in good faith.”

Coming out and Cassie

Underwood told Good Morning America that Randolph didn’t know he was gay. He also said he’d like to apologize to his former girlfriend, and while he didn’t address the restraining order directly, admitted, “I made mistakes at the end of that relationship.” Following the interview, many on Reddit expressed support for Randolph and shared their own stories of being harassed by ex-partners.

Some also expressed offense at Underwood suggesting any link between past harassing behavior and confusion over his sexuality.   

“As a gay man,” wrote one Reddit user, “I find this whole thing abhorrent. I spent my fair share of time in the closet, and coming to terms with my sexuality. It’s still something I’m working on, being out and proud.

“For his behavior to be excused because he was gay is wrong. It paints this picture that somehow closeted gay men are what, unstable but cured by coming out? That his actions were excusable because he was gay? I’m confused by the narrative. I’m insulted by it.” 

If the reality show happens, a source told Variety it’ll focus on Underwood’s dating life, and on discovering his sexuality as a gay man. Us magazine reported that Olympic skier Gus Kenworthy was spotted filming with Underwood. Kenworthy came out as gay in 2015. 

Underwood’s coming-out may even ripple back to the show that made him famous. Unnamed Bachelor sources told TMZ that Underwood’s coming out has sparked internal discussion among show producers about possibly casting a gay season of the show.


https://www.emultimediatv.com

Continue Reading

Trending

Copyright © 2021 Emultimediatv.