Surprise! NotPetya Is a Cyber-Weapon. It’s Not Ransomware
The NotPetya ransomware that encrypted and locked thousands of computers across the globe yesterday and today is, in reality, a disk wiper meant to sabotage and destroy computers, and not ransomware....
Microsoft Announces “Controlled Folder Access” to Fend Off Crypto-Ransomware
This fall, Microsoft plans to release a new Windows Defender feature called Controlled Folder Access, which blocks and blacklists unauthorized apps from making changes to files located inside...
FedEx’s TNT Express deliveries disrupted by virus attack
TNT Express deliveries hit by virus attack at the same time as the Petya ransomware is causing problems around the globe. FedEx’s delivery subsidiary TNT Express has warned that its systems have been...
Ransomware Attacks Continue in Ukraine with Mysterious WannaCry Clone
A fourth ransomware campaign focused on Ukraine has surfaced today, following some of the patterns seen in past ransomware campaigns that have been aimed at the country, such as XData, PScrypt, and the...
Windows PCs Under Attack in Europe, Systems at Chernobyl Nuclear Plant Infected
New ransomware attacks now under way in Europe. Windows computers in Europe are currently under attack due to what seems to be a new form of ransomware similar to WannaCry. Hundreds of businesses and...
How the CopyCat malware infected Android devices around the world
Check Point researchers identified a mobile malware that infected 14 million Android devices, rooting approximately 8 million of them, and earning the hackers behind the campaign approximately $1.5...
Highly Advanced SpyDealer Malware Can Root One in Four Android Devices
Security experts have discovered a brand new Android trojan that features a broad range of features that allow it to root Android devices, steal data from over 40 apps, and geo-track phone owners....
SLocker Mobile Ransomware Starts Mimicking WannaCry
A new variant of mobile ransomware SLocker (detected by Trend Micro as ANDROIDOS_SLOCKER.OPST) was detected, copying the GUI of the now-infamous WannaCry. The SLocker family is one of the oldest mobile...
DECRYPTION KEY TO ORIGINAL PETYA RANSOMWARE RELEASED
The master key to the original version of the Petya ransomware – not to be confused with the latest and massive Petya/ExPetr outbreak that swept through the Ukraine and parts of Europe last month – has...
Upatre – Trojan Downloader
You can get the sample from theZoo. SHA-256: 1b893ca3b782679b1e5d1afecb75be7bcc145b5da21a30f6c18dbddc9c6de4e7. We can use behavior analysis from hybrid-analysis. Seems like there is no known protection...
Calling Artificial Intelligence to Counter Ransomware Attacks
The progression in Artificial Intelligence has incited intense debate worldwide; some experts are calling AI to counter malware attacks. In a short span of six weeks, the world was hit twice by major...
Adwind RAT is back, crooks are targeting Aerospace industries in many countries
Security experts at TrendMicro discovered that the notorious Adwind RAT has resurfaced targeting enterprises in the Aerospace industries worldwide. Crooks are even more opportunists, they continually...
Magala Trojan Uses Virtual Desktops to Secretly Click on Search Results Ads
A new click-fraud trojan is infecting Windows computers and using virtual desktops to click on ads in search results to earn a profit for its creator(s). Discovered by Kaspersky Lab researcher Sergey...
Samba puts out new security update to address exploit that fueled WannaCry
Vuln hit “all versions of Samba from 4.0.0 onward using embedded Heimdal Kerberos.” On Wednesday, the Samba Team released new security updates to fix a vulnerability in “all versions of Samba from...
New PoS Malware LockPoS emerges in the threat landscape
A newly discovered Point of Sale (PoS) malware dubbed LockPoS appeared in the wild and it is being delivered through the Flokibot botnet. A newly discovered Point of Sale (PoS) malware is being...
Keeping up with the Petyas: Demystifying the malware family
The origin of Petya The first Petya ransomware was released around March 2016 by a person/group calling themselves Janus Cybercrime Solutions. This group was advertising their affiliate program,...
New Exte CryptoMix Ransomware Variant Released
Yesterday, Malwarebytes malware researcher Marcelo Rivero discovered a new variant of the CryptoMix ransomware that is appending the .EXTE extension to encrypted file names. This article provides a...
GhostCtrl Is an Android RAT That Also Doubles as Ransomware
A new Android RAT (Remote Access Trojan) detected under the name of GhostCtrl can lock mobile devices by resetting their PIN and display a ransom note to infected victims. These ransomware capabilities...
Reyptson Ransomware Spams Your Friends by Stealing Thunderbird Contacts
Over the weekend, Emsisoft security researcher xXToffeeXx discovered a new ransomware called Reyptson that is targeting Spanish victims. Since then, we have seen increased activity in the ransomware’s...
Implementing Malware Command and Control Using Major CDNs and High-Traffic...
In this blog post, we will present a new technique for domain fronting, which enables attackers to abuse Content Delivery Networks (CDNs) to mask malware command and control (C2) traffic. This research...