Connect with us

News

Bad Rabbit Ransomware Outbreak: Things You Need to Know

Published

on

[ad_1]

When news broke of the third major ransomware outbreak of the year, there was lots of confusion. Now the dust has settled, we can dig down into what exactly “Bad Rabbit” is.

As per the media reports, many computers have been encrypted with this cyber-attack. Public sources have confirmed that Kiev Metro’s computer systems along with Odessa airport as well as other numerous organizations from Russia have been affected. The malware used for this cyber-attack was “Disk Coder.D” – a new variant of the ransomware which popularly ran by the name of “Petya”. The previous cyber-attack by Disk Coder left damages on a global scale in June 2017.

ESET’s telemetry system has reported numerous occurrences of Disk Coder. D within Russia and Ukraine however, there are detections of this cyber-attack on computers from Turkey, Bulgaria and a few other countries as well.

A comprehensive analysis of this malware is currently being worked upon by ESET’s security researchers. As per their preliminary findings, Disk Coder. D uses the Mimikatz tool to extract the credentials from affected systems. Their findings and analysis are ongoing, and we will keep you informed as soon as further details are revealed.

The ESET telemetry system also informs that Ukraine accounts only for 12.2% from the total number of times they saw Bad Rabbit infiltration. Following are the remaining statistics:

Russia: 65%

Ukraine: 12.2%

Bulgaria: 10.2%

Turkey: 6.4%

Japan: 3.8%

Other: 2.4%

The distribution of countries was compromised by Bad Rabbit accordingly. Interestingly, all these countries were hit at the same time. It is quite likely that the group already had their foot inside the network of the affected organizations.

It’s definitely ransomware

Those unfortunate enough to fall victim to the attack quickly realized what had happened because the ransomware isn’t subtle – it presents victims with a ransom note telling them their files are “no longer accessible” and “no one will be able to recover them without our decryption service”. Victims are directed to a Tor payment page and are presented with a countdown timer. Pay within the first 40 hours or so, they’re told, and the payment for decrypting files is 0.05 bitcoin – around $285. Those who don’t pay the ransom before the timer reaches zero are told the fee will go up and they’ll have to pay more. The encryption uses DiskCryptor, which is open source legitimate and software used for full drive encryption. Keys are generated using CryptGenRandom and then protected by a hardcoded RSA 2048 public key.

It’s based on Petya/Not Petya

If the ransom note looks familiar, that’s because it’s almost identical to the one victims of June’s Petya outbreak saw. The similarities aren’t just cosmetic either – Bad Rabbit shares behind-the-scenes elements with Petya too.

Analysis by researchers at Crowdstrike has found that Bad Rabbit and NotPetya’s DLL (dynamic link library) share 67 percent of the same code, indicating the two ransomware variants are closely related, potentially even the work of the same threat actor.

The attack has hit high profile organizations in Russia and Eastern Europe

Researchers have found a long list of countries of have fallen victim to the outbreak – including Russia, Ukraine, Germany, Turkey, Poland and South Korea. Three media organizations in Russia, as well as Russian news agency Interfax, have all declared file-encrypting malware or “hacker attacks” – being brought offline by the campaign. Other high-profile organizations in the affected regions include Odessa International Airport and Kiev Metro. This has led the Computer Emergency Response of Ukraine to post that the “possible start of a new wave of cyber-attacks to Ukraine’s information resources” had occurred.

It may have had selected targets

When WannaCry broke, systems all across the world were affected by an apparent indiscriminate attack. Bad Rabbit, on the other hand, might have targeted corporate networks.

Researchers at ESET have backed this idea up, claiming that the script injected into infected websites can determine if the visitor is of interest and then add the contents page – if the target is seen as suitable for the infection.

It spreads via a fake Flash update on compromised websites

The main way Bad Rabbit spreads is drive-by downloads on hacked websites. No exploits are used, rather visitors to compromised websites – some of which have been compromised since June – are told that they need to install a Flash update. Of course, this is no Flash update, but a dropper for the malicious install. Infected websites – mostly based in Russia, Bulgaria, and Turkey – are compromised by having JavaScript injected in their HTML body or in one of their.js files.

It can spread laterally across networks

Like Petya, the Bad Rabbit Ransomware attack contains an SMB component which allows it to move laterally across an infected network and propagate without user interaction.

The spread of Bad Rabbit is made easy by simple username and password combinations which it can exploit to force its way across networks. This list of weak passwords is the often-seen easy-to-guess passwords – such as 12345 combinations or having a password set as “password”.

It doesn’t use EternalBlue

When Bad Rabbit first appeared, some suggested that like WannaCry, it exploited the EternalBlue exploit to spread. However, this now doesn’t appear to be the case. “We currently have no evidence that the EternalBlue exploit is being utilized to spread the infection,” Martin Lee, Technical Lead for Security Research at Talos told ZDNet.

It contains Game of Thrones references

Whoever it behind Bad Rabbit, they appear to be a fan of Game of Thrones: the code contains references to Viserion, Drogon, and Rhaegal, the dragons which feature in television series and the novels it is based on. The authors of the code are therefore not doing much to change the stereotypical image of hackers being geeks and nerds.

There’s steps you can take to keep safe

At this moment in time, nobody knows if it is yet possible to decrypt files that are locked by Bad Rabbit. Some might suggest to pay the ransom and see what happens… Bad idea.

It’s quite reasonable to think that paying nearly $300 is worth paying for what might be highly important and priceless files, but paying the ransom almost never results in regaining access, nor does it help the fight against ransomware – an attacker will keep targeting as long as they’re seeing returns.

A number of security vendors say their products protect against Bad Rabbit. But for those who want to be sure they don’t potentially fall victim to the attack, Kaspersky Lab says users can block the execution of file ‘c: windows infpub.dat, C: Windows cscc.dat.’ in order to prevent infection.

[ad_2]

Source by Saumya Sinha

News

Where to Find Those Efficient and Hardworking Affiliates?

Published

on

[ad_1]

Everyone wants a hardworking affiliate, employee, associate, partner, or even spouse, and why not? It’s the next best thing to doing the work yourself. However with the massive outbreak of work and income opportunities available online, how can you beat everyone else and find that one (or more) ideal person who will make your online business explode with success? Here are some of the most ingenious and uncommon ways to snag the idea affiliates for your affiliate program

Direct Sales Agents

Direct sales people are really one of the most enterprising, hard-working individuals in business. They mostly work on commissions or rebates and are willing to literally go door-to-door offering their products to anyone and everyone they bump into. Imagine how much easier their job would be if they could be an affiliate and simply work via the Internet and a mobile device or desktop.

Also, most direct sales people tend to carry more than one brand in their product arsenal so signing up as an affiliate would be almost the same type of work but using a different approach.

Colleges and Universities

Many college kids would be interested in a part-time income opportunity if it would mean funds to help pay for their education, loan, or partying. All you have to do is make sure to offer them products they can endorse as a student.

Freelancers

Did you know that the U.S. Census Bureau’s latest annual report show that 75% of U.S. businesses used freelancers in 2011? Freelancers earned a whopping US$990 billion in 2011 which is a 4.1% increase from the previous year. The only industries where the number of freelancers decreased were in insurance, finance, and construction. Most probably your affiliate program isn’t a part of these 3 industries.

Furthermore, online business and finance experts are predicting the growth to increase incrementally every year even with an economy that is improving. People just want income security and more control over their earnings. With the spate of lay-offs, it’s understandable why many would prefer to work as an affiliate than as an employee.

Scout For Them At Affiliate Conventions

There are annual affiliate conventions held in different cities around the country. You should try to catch one when it is held somewhere near your location. The average turn-out for these types of conventions has increased regularly over the years. Last year, many of them were sold out weeks before the event.

Advertise!

The US Census Bureau has said that as of 2012, 15% of Americans are poor, 43% of young adults depend on their parents to some extent for money. Even more surprising is that the median income of young adults in 1982 was $31,583 and last year it was $30,604 for the same age group! Income is dropping and people are looking for ways to earn additional income outside of their 9 to 5 jobs. That’s where you can come in playing the hero and helping others realize their dream income.

Finally, go online and talk about your product. Make the affiliate marketers come to you and have the luxury of picking the best candidates. You will need some help in marketing your affiliate program so target a marketer who’s experienced in affiliate program and SEO.

[ad_2]

Source by Lina Stakauskaite

Continue Reading

News

Recession Is Here… Six Costly Mistakes Home Sellers Make During Recessions And How To Avoid Them

Published

on

[ad_1]

The U.S. is officially in a recession. What is a recession? A recession is a business cycle contraction or general economic decline due to significant drop in spending and other commercial activities. Most pundits and politicians will blame Covid-19 crisis for the recession, but even pre-Covid-19 the proverbial writing was on the wall.

The U.S. had over 120 months of economic growth, which was the longest expansion in the modern history. Other indicators, such as negative yield spread on treasuries (long term bonds having lower interest rates than short term T-notes), were pointing to an imminent change of the economic cycle and an impending recession. The only real question was: when and how bad?

Then Covid-19 came… If the cycle was going to change anyway, Covid-19 acted as a huge and unexpected accelerant to make the recession much more immediate and severe.

Inevitably during recessions all classes of real estate, including residential homes and condominiums, will be negatively impacted as lower consumer spending and higher unemployment rates affect real estate prices and marketing times.

Here are the six costly mistakes home and other real property sellers make during recessions and how to avoid them:

Mistake #1: This will pass and real estate market will be hot again soon

First thing to remember is that real estate cycles are much longer than general economic cycles. Even if the general economy recovers, which eventually it always does, a typical real estate cycle takes as long as 10 to 15 years. The cycle has four key stages: Top, Decline, Bottom and Rise.

Let us consider the last real estate cycle, which lasted approximately 14 years:

  • 2006 – Prices hit the Top
  • 2006 to 2012 – Prices Decline
  • 2012 – Prices hit the Bottom (Trough)
  • 2012 to 2019 – Prices Rise*
  • 2020 – Prices hit the Top
  • 2020 to? – Prices Decline

*NOTE: In 2016 the national residential real estate price index reached its pre-recession 2006 peak levels. It took 10 years for the real estate market to recover.

The way to avoid this mistake is to recognize that real estate cycles take years to run and plan accordingly. Additionally, nobody knows for sure when the prices will hit the top or bottom until after the fact.

Mistake #2: Low interest rates will make the economy and real estate market rebound

Between 2006 and 2011 the interest rates (Fed Funds) were continuously cut by the Federal Reserve Board and went from low 5% to almost 0%. However, that did not stop the real estate recession and depreciation of property values.

Undoubtedly, low interest rates made the economic decline and real estate recession less severe and saved some properties from foreclosures, but it still took six painful years for the real estate market to hit the bottom and then four more years for the prices to go back to their pre-recession levels.

Some markets had never fully recovered. For example, residential home prices in some parts of California, Arizona and Nevada are still below their 2006 highs.

To avoid this mistake, one needs to realize that although low interest rates help stimulate the economy and the real estate market, they do not cure them.

Mistake #3: I don’t need to sell now, so I don’t care

If you do not need to sell until the cycle plays out, which typically is over ten years, then you will not be as affected, especially if you have a strong equity position, limited mortgage debt, and solid liquid assets.

However, it is good to keep in mind that “life happens” and either professional or personal circumstances can change and we may need to sell property before the downturn runs its course.

Furthermore, if a property has a mortgages and its value declines to the point being “upside down,” meaning the mortgage loan balance exceeds the value of the property, then the options of selling, refinancing or even obtaining an equity line of credit, will be significantly limited.

This does not mean that everybody should be rushing into selling their real estate if there is no need to do so, just keep in mind that circumstances may and often do change and property options will be affected, so plan in advance. As one wise proverb says: “Dig your well before your thirst.”

Mistake #4: I’m selling, but I won’t sell below my “bottom line” price

This is a common and potentially very costly mistake. Generally speaking, every seller wants to sell for the highest price and every buyer wants to pay the lowest price. That’s nothing new. When selling real estate, most sellers want to achieve a certain price point and/or have a “bottom line.”

However, it is important to understand that the market does not care what the Seller, or his/her Agent, think the property value should be at. The market value is a price a willing and able buyer will pay, when a property is offered on an open market for a reasonable amount of time.

Overpricing property based on Seller’s subjective value or what is sometimes called an “aspirational price,” especially in a declining market, is a sure first step to losing money. When a property lingers on the market for an extended period of time, carrying costs will continue to accumulate and property value will depreciate in line with the market conditions.

Additionally, properties with prolonged marketing times tend to get “stale” and attract fewer buyers. The solution is to honestly assess your selling objectives, including the desired time-frame, evaluate your property’s attributes and physical condition, analyze comparable sales and market conditions, and then decide on market-based pricing and marketing strategies.

Mistake #5: I will list my property for sale only with Agent who promises the highest price

Real estate is a competitive business and real estate agents compete to list properties for sale which generate their sales commission incomes. It is not unusual that Seller will interview several agents before signing an exclusive listing agreement and go with the agent who agrees to list the property at the highest price, often regardless if such price is market-based.

Similarly to Mistake #4, this mistake can be very damaging to Sellers, as overpriced properties stay on the market for extended periods of time costing Sellers carrying expenses such as mortgage payments, property taxes, insurance, utilities and maintenance.

Furthermore, there is the “opportunity cost” since the equity is “frozen,” and it cannot be deployed elsewhere till the property is sold. However, the most expensive cost is the loss of property value while the real estate market deteriorates.

During the last recession, we have seen multiple cases where overpriced properties stayed on the market for years and ended up selling for 25% to 40% below their initial fair market values.

The solution is to make sure that your pricing strategy is based on the market, not empty promises or wishful thinking.

Mistake #6: I will list my property only with Agent who charges the lowest commission

Real estate commission rates are negotiable and not set by law. A commission usually represents the highest transactional expense in selling real properties and is typically split between Brokers and Agents who work on the transaction

Some real estate agents offer discounted commissions, in order to induce Sellers to list their properties with them. But does paying a discounted commission ensure savings for the Seller? Not necessarily.

For example, if the final sales price is 5% to 10% below property’s highest market value, which is not that unusual, due to inadequate marketing, bad pricing strategy, and/or poor negotiation skills, it will easily wipe out any commission savings and actually cost the Seller tens of thousands of dollars in lost revenues.

The solution is to engage an agent who is a “Trusted Advisor,” not just a “Salesperson.” A Trusted Advisor will take his/her time and effort to do the following: 1) Perform Needs Analysis: listen and understand your property needs and concerns; 2) Prepare Property Analysis: thoroughly evaluate your property and market conditions; 3) Execute Sales and Marketing Plan: prepare and implement custom sales and marketing plan for your property; and 4) Obtain Optimal Results: be your trusted advocate throughout the process and achieve the best possible outcome.

Finding such a real estate professional may not be always easy, but it certainly is worth the effort and will pay off at the end.

In conclusion, this article has outlined six costly mistakes real estate Sellers make during recessions and how to avoid them. The first mistake is not understanding that real estate cycles are long and take years. The second mistake is a misconception that low interest rates alone will create a recovery. Another mistake is not realizing that circumstances may change and not planning in advance. Mistakes number four, five and six pertain to understanding the market value, proper pricing and selecting the right real estate professional.

By understanding and avoiding these mistakes, real estate Sellers have significantly better chances of minimizing the negative impact of a recession while selling their properties.

[ad_2]

Source by Robert W. Dudek

Continue Reading

News

Useful Tips To Build The Best Gaming Computer

Published

on

[ad_1]

Every gamer will want their computer to be the best gaming computer among their peers. Sometimes, with a little knowledge and tips and tricks, it is possible to build the best gaming computer and show it off to your peers. This article will show you how:

1) You can’t get the best gaming computer from computer retailers

If you want to get the best gaming computer, you have to build your own. Different gamers have different requirement for their gaming machine. Unless you are willing to pay a high price, you will not be able to buy a commercial computer that fulfills all your gaming needs. The only option you have is to build your own gaming computer.

2) You don’t have to be rich to build the best gaming computer

It is not necessary to burn a hole in your pocket to build the best gaming computer. With some due diligence, do some market research and compare prices around the marketplace. Merchant such as TigerDirect and NewEgg give regular discount to their products and you could save a lot of money if you catch them during their promotional period.

3) Most expensive parts do not have to be the best part

Sometime, the latest model or the most expensive model does not have to be the best part for your computer. It requires various components to work together to form the best computer system. When choosing a computer part, what matters is how well it can integrate with the rest of the components. Compatibility is more important than individual performance. What use is there if you spend lot of money on the latest quad-core processor and find that your motherboard doesn’t support it?

4) You don’t need to change the whole PC to own the best gaming computer

It is a misconception that you have to change the whole gaming machine to build the best gaming computer. If you already have a good barebone system, what you need to do is to upgrade the necessary parts and your gaming computer can roar back to life instantly.

5) Brand is important

Unless you want to see your computer system malfunction every few days, it is important that you purchase the parts from branded manufacturers with strict quality control. Motherboard brand such as Gigabyte, ABIT, ASUS are some quality brands that you can consider

If you follow diligently to the tips stated above. You will be on your way to build the best gaming computer. While price can be an issue, it is better not to scrimp on important computer parts such as motherboard, CPU, RAM and graphics card as it will cost you more to upgrade in the future.

[ad_2]

Source by Damien Oh

Continue Reading

Tags

Live Statistics

Trending