ZDNet: This free ransomware decryption tool just got a handy update. “A free decryption tool for a form of ransomware which has plaguing victims 2017 has just been updated with additional capabilities to make it more effective at returning encrypted files – without the need to give into the demands of cyber criminals.”
ZDNet: Google details its three-year fight against the Bread (Joker) malware operation. “While most malware operators give up once Google detects their apps, the Bread group never did. For more than three years, since 2017, Bread operators have been churning out new versions of their malware on a weekly basis.”
BetaNews: US government-funded phones come with pre-installed malware. “Researchers at Malwarebytes have uncovered malware pre-installed on phones offered under the US government-funded Lifeline Assistance program. Assurance Wireless by Virgin Mobile offers the UMX U686CL phone as their most budget-friendly option at only $35 under the scheme. However, users are getting more than they bargained for. An app called Wireless Update is designed to update the phone’s OS but can also install other apps without consent.”
Bleeping Computer: Clop Ransomware Now Kills Windows 10 Apps and 3rd Party Tools. “The Clop Ransomware continues to evolve with a new and integrated process killer that targets some interesting processes belonging to Windows 10 apps, text editors, programming IDEs and languages, and office applications.”
Medium: Google’s Monopoly is Stifling Free Software. “Google has an undeniable monopoly on search, and a near-monopoly on web browsing software via Chrome and its forks. And even alternative browsers such as Mozilla’s Firefox reference Google’s Safe Browsing service to decide on the trustworthiness of downloads. Stopping the spread of malware is a laudible goal, but a consequence of this is directly harming free and open source software developers from being able to release their software without paying expensive certificate authority rent-seeking fees.”
ProPublica: Like Voldemort, Ransomware Is Too Scary to Be Named. “Each year, millions of ransomware attacks paralyze computer systems of businesses, medical offices, government agencies and individuals. But they pose a particular dilemma for publicly traded companies, which are regulated by the SEC…. Material events must be reported in public filings, and failure to do so could spur SEC action or a shareholder lawsuit. Yet some companies worry that acknowledging a ransomware attack could land them on the front page, alarm investors and drive down their share price. As a result, although many companies cite ransomware in filings as a risk, they often don’t report attacks or describe them in vague terms, according to experts in securities law and cybersecurity.”
CNET: Popular messaging app ToTok reportedly an Emirati spy tool. “A popular messaging app billed as a secure way to chat with friends and family is actually a spying tool used by the United Arab Emirates to track the activities of those who download it, The New York Times reported Sunday. The app, which debuted only a few months ago, has been downloaded millions of times around the world.” Please note that ToTok is not TikTok.