Experts also mentioned the Petya ransomware

rakhirhif8963 · Post by **rakhirhif8963** » Sun Feb 09, 2025 4:48 am

In the worst-case scenario, losses from cyberattacks will exceed the economic damage from Hurricane Katrina, which was the most destructive hurricane in U.S. history. The losses amounted to $108 billion, of which $80 billion were losses subject to compensation from insurance companies, while in the case of cyberattacks, insurance will not cover a large part of the losses - 83-93% , according to a report by Lloyd's of London.

Which attacked dozens of companies and organizations in Asia, Europe, Latin America, Russia, and Ukraine at the end of June. Later, Kaspersky Lab found differences between the attacking virus and the already known Petya virus family and named this type of malware ExPetr. According to a number of experts, the new large-scale cyberattack on companies in various countries was not aimed at extorting funds as such: rather, it was about using cyberattacks to disrupt the work of companies and infrastructure facilities. Among the large Russian companies, Evraz, Mondelez, Rosneft, Tatneft, and Home Credit Bank suffered from the virus. Experts estimate the economic damage caused by this virus at $850 million.

Windows, Linux, and macOS Pay the Price for Kerberos Cryptographic Flaw
Lam Tang | 17.07.2017
Researchers have discovered a bug in the authentication protocol that affects Microsoft, Linux and Apple operating systems .

A 21-year-old bypass bug in the Kerberos cryptographic malta mobile database protocol has been fixed in patches released by Microsoft, Samba, Fedora, FreeBSD, and Debian.

Those who discovered the Kerberos bypass have dubbed this long-standing bug the Orpheus Lyre. In ancient Greek myth, the musician Orpheus managed to get past Cerberus, the three-headed dog guarding the entrance to Hades, by lulling him to sleep by playing his lyre.

The Kerberos protocol, named after Cerberus, is used for cryptographic authentication in products such as Microsoft Active Directory. Microsoft recently fixed the bug in its Patch Tuesday updates.

Samba, Debian, and FreeBSD are also affected by the bug, thanks to Heimdal, an open-source variant of Kerberos V5. Heimdal is vulnerable up to version 7.4. It appears that Apple's macOS implementation of Kerberos is also affected by Orpheus Lyre, while MIT's implementation is not.

Orpheus Lyre was discovered by Jeffrey Altman, Victor Duchovny, and Nico Williams. They explain that the bug can be used in a man-in-the-middle attack to remotely steal credentials and gain privilege escalation to defeat Kerberos encryption.