Microsoft says governments should stop 'hoarding' security vulnerabilities after WannaCry attack

The Wanna Cry cyberattack primarily targets computers that operate on Microsoft’s Windows OS

The latest alpha releases of Visual Studio Tools for Xamarin for Windows, and Visual Studio for Mac feature preview support for Microsoft's Xamarin Live Player apps that allow developers to write, execute, and debug code continuously on an iOS or Android device straight from the IDE.

French carmaker Renault was forced to stop production at sites in France, Slovenia and Romania, while FedEx said it was "implementing remediation steps as quickly as possible".

Shares in FTSE 250-listed Sophos were trading at 373.7p at 11.30 this morning, up by nearly 7 per cent, as the company also received an upgrade from analysts at Deutsche Bank. It locks up Windows users' computers, and asks for a $300 ransom to unlock them, paid in bitcoin.

The ransomware attack has affected more than 200,000 victims in 150 countries, said Rob Wainwright, head of law enforcement agency Europol. That Convention would have a new stipulation, too: "a new requirement for governments to report vulnerabilities to vendors, rather than stockpile, sell, or exploit them".

The cyberextortion attack hitting dozens of countries spread quickly and widely thanks to an unusual confluence of factors: a known and highly risky security hole in Microsoft Windows, tardy users who didn't apply Microsoft's March software fix, and a software design that allowed the malware to spread quickly once inside university, business and government networks. The attack on the British National Health Service that affected 16 hospitals became the most visible and frightening symbol of the attack, after several patients were sent to other hospitals and surgeries were canceled.

It said that as the people are using different products from different companies, they want to be at the center of all the activities.

Chinese state media said 29,372 institutions there had been infected along with hundreds of thousands of devices.

Читайте также: Mourinho: Europa semi is United's 'most important' match

"Who's culpable are the criminals that distributed it and the criminals that weaponized it", Bossert said.

Once it infects one computer within a network, it can spread to all the computers in that network "within seconds", said Israel Levy, the CEO of the cybersecurity firm Bufferzone. "If someone kidnaps your child, you may pay your ransom but there is no guarantee your child will return". An analyst from MalwareTech on Friday stumbled upon a way to halt the initial attack, unwittingly activating a kill switch, By Monday, however, hackers had changed the code so that kill switch no longer worked. An unidentified young cybersecurity researcher claimed to help halt WannaCry's spread by activating a so-called "kill switch". "We haven't fully dodged this bullet at all until we're patched against the vulnerability itself".

The WannaCry ransomware threat is only going to get worse on Monday as more employees log into their computers, and India's Computer Emergency Response Team (CERT) will be holding an webcast on how to protect against this. On Sunday, the Maharashtra police department said it was partially hit by the cyberattack.

When the National Security Agency lost control of the software behind the WannaCry cyberattack, it was like "the USA military having some of its Tomahawk missiles stolen", Microsoft President Brad Smith says, in a message about the malicious software that has created havoc on computer networks in more than 150 countries since Friday. The security flaw that hackers used to launch the attacks Friday was made public after information was stolen from the U.S. National Security Agency, which routinely searches for flaws in software and builds tools to exploit them.

The recent WannaCry (WannaCrypt) ransomware attacks saw an NSA-owned virus stolen and used in an attack that brought United Kingdom hospitals to its knees. This guards against many types of malware and ransomware.

The attack is likely to prompt more organizations to apply the security fixes that would prevent the malware from spreading automatically. One month earlier, Microsoft had released a patch targeting the vulnerability.

При любом использовании материалов сайта и дочерних проектов, гиперссылка на обязательна.
«» 2007 - 2017 Copyright.
Автоматизированное извлечение информации сайта запрещено.

Код для вставки в блог

Related:

Comments