Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2017-07-24 05:33:58 |
(Déjà vu) Source Code For SLocker Android Ransomware That Mimics WannaCry Leaked Online (lien direct) |
Bad news for Android users - Source code of for one of the oldest mobile and popular Android ransomware families has been leaked online, making it available for cyber criminals who can use it to develop more customised and advanced variants of Android ransomware.
Source code for the SLocker ransomware, which saw a six-fold increase in the number of new versions over the past six months, has
|
|
Wannacry
|
|
|
2017-07-22 21:47:54 |
WannaCry & NotPetya Ransomware Attack Advice From Blancco Technology Group (lien direct) |
The ISBuzz Post: This Post WannaCry & NotPetya Ransomware Attack Advice From Blancco Technology Group |
|
NotPetya
Wannacry
|
|
|
2017-07-21 20:03:00 |
Worried about ransomware? Here are 3 things IT leaders need to know before the next big outbreak (lien direct) |
It's only a matter of time before another WannaCry-style ransomware outbreak, but you don't have to be a victim. Here's what IT leaders need to know in order to safeguard themselves and their users. |
Guideline
|
Wannacry
|
★★
|
|
2017-07-21 16:31:11 |
Motivation Mystery Behind WannaCry, ExPetr (lien direct) |
A shift in APT tactics is emerging as characterized by the destructive ExPetr attacks hidden in ransomware, and WannaCry, which also failed to turn a profit. |
|
Wannacry
|
|
|
2017-07-20 11:00:59 |
WannaCry Fallout: 80% Of Brits More Worried About How Organisations Store Their Data Following Latest Attacks (lien direct) |
The ISBuzz Post: This Post WannaCry Fallout: 80% Of Brits More Worried About How Organisations Store Their Data Following Latest Attacks |
|
Wannacry
|
|
|
2017-07-19 09:25:52 |
WannaCry Fallout: 80% of Brits more worried about how organisations store their data following latest attacks (lien direct) |
New research by leading information security company Clearswift shows how attitudes to cyber security have changed in the boardroom and among staff in the wake of the recent WannaCry attack, surveying 600 business decision makers and 1,200 employees across the UK, US, Germany and Australia. Within a day the WannaCry attack, which affected major ...
|
Guideline
|
Wannacry
|
|
|
2017-07-19 08:00:35 |
WannaCry has changed attitudes to cyber security, surveys show (lien direct) |
Attitudes to cyber security have changed in the boardroom and among staff in the wake of the recent WannaCry attack, two surveys have revealed |
|
Wannacry
|
|
|
2017-07-19 01:23:32 |
New Linux Malware Exploits SambaCry Flaw to Silently Backdoor NAS Devices (lien direct) |
Remember SambaCry?
Almost two months ago, we reported about a 7-year-old critical remote code execution vulnerability in Samba networking software, allowing a hacker to remotely take full control of a vulnerable Linux and Unix machines.
We dubbed the vulnerability as SambaCry, because of its similarities to the Windows SMB vulnerability exploited by the WannaCry ransomware that wreaked havoc
|
|
Wannacry
|
|
|
2017-07-18 09:08:31 |
How do SMEs fight off cyber-attacks? (lien direct) |
In this article I want to address some of the concerns that small and medium sized enterprises may have around cybersecurity, especially in the wake of the WannaCry ransomware attack and a continuous news flow around successful attacks on high profile companies. Does the fact that well-known brands are successfully attacked and breached mean that ...
|
|
Wannacry
|
★★★★★
|
|
2017-07-14 16:29:04 |
Keeping up with the Petyas: Demystifying the malware family (lien direct) |
Last June 27, there was a huge outbreak of a Petya-esque malware with WannaCry-style infector in the Ukraine. Since there is still confusion about how exactly this malware is linked to the original Petya, we have prepared this small guide on the background of the Petya family.
Categories:
Cybercrime
Malware
Tags: Anti-RansomwareEternalPetyaGoldeneye ransomwaregreen petyajanusMischa ransomwareNotPetyaPetrwrappetya originsPetya ransomwareransomwarered petya
(Read more...)
|
|
NotPetya
Wannacry
|
|
|
2017-07-14 15:37:09 |
WannaCry Locked Down Australian Traffic Cameras, Caused Voided Citations (lien direct) |
Do you think that ransomware attacks only affect personal computers and business systems? Think again - the recent widespread infections caused by the WannaCry ransomware touched more than just hospitals in the UK and unpatched Windows PCs. In the Australian state of Victoria, hundreds of traffic cameras, meant to enforce speed limits, were knocked offline after the malware infected the system. Instead of encrypting data for ransom, the system ... Read more
|
|
Wannacry
|
|
|
2017-07-14 12:00:22 |
Patching: Your questions answered (lien direct) |
How do patches work? Could the Microsoft patch have stopped WannaCryptor? All your questions answered.
|
|
Wannacry
|
|
|
2017-07-13 20:37:00 |
Ransomware on the Rise: What Should You Know? (lien direct) |
After the massive outbreak of the WannaCry malware that took down hospitals in the UK and spread around the world, we knew it was only a matter of time before similar attacks took place. With the recent outbreak of new ransomware, dubbed Petya, affecting computers in Ukraine and spreading to other countries, it’s a good time to take a step back and look at some hard facts about ransomware. ... Read more
|
|
Wannacry
|
|
|
2017-07-13 18:35:51 |
Scanner Shows EternalBlue Vulnerability Unpatched on Thousands of Machines (lien direct) |
Data collected from the freely available scanner called EternalBlues shows that tens of thousands of computers remain vulnerable to the SMBv1 vulnerability that spawned WannaCry and ExPetr. |
|
Wannacry
|
★★★★★
|
|
2017-07-13 16:08:06 |
Samba puts out new security update to address exploit that fueled WannaCry (lien direct) |
Vuln hit "all versions of Samba from 4.0.0 onward using embedded Heimdal Kerberos." |
|
Wannacry
|
|
|
2017-07-13 10:27:45 |
Hospitals to receive £21m to increase cybersecurity at major trauma centres (lien direct) |
Hospitals responsible for treating patients from major incidents including terrorist attacks will receive £21m to beef up their cybersecurity in the wake of the WannaCry assault on NHS IT systems. View Full Story ORIGINAL SOURCE: The Guardian
|
|
Wannacry
|
|
|
2017-07-13 04:27:37 |
New Ransomware Threatens to Send Your Internet History & Private Pics to All Your Friends (lien direct) |
After WannaCry and Petya ransomware outbreaks, a scary (but rather creative) new strain of ransomware is spreading via bogus apps on the Google Play Store, this time targeting Android mobile users.
Dubbed LeakerLocker, the Android ransomware does not encrypt files on victim's device, unlike traditional ransomware, rather it secretly collects personal images, messages and browsing history and
|
|
Wannacry
|
|
|
2017-07-12 15:00:46 |
Check Point: A Leader in Vision and Execution (lien direct) |
Following the latest cyber attack outbreaks, WannaCry and Petya ransomware, businesses are now realizing just how vulnerable they are.  What seemed to be “good enough solutions†until now simply isn't enough in today's world. But still, many continue to add solutions that are focused on detecting attacks rather than preventing them. This approach lets the […]
|
|
Wannacry
|
|
|
2017-07-12 11:43:50 |
Video: So your company was hit with ransomware. Now what? (lien direct) |
Vincent Weafer, Vice President of McAfee Labs, explains the technology why the Petya and WannaCry outbreaks were so virulent, and what you can do when your company is exposed to a cyberattack. |
|
Wannacry
|
|
|
2017-07-12 11:12:20 |
Third of the UK Public not aware of the security policies implemented by their company (lien direct) |
According to a recent survey conducted by Expert Security UK, almost a third of the UK public are not aware of the safety and security policies implemented by the company they work for. With latest news of the global Petya ransomware attacks from Ukraine and NHS 'WannaCry' cyber-attacks, it should come as no surprise. For businesses, the consequences are ...
|
|
Wannacry
|
★★
|
|
2017-07-12 11:06:48 |
July Patch Tuesday Addresses Critical Vulnerability in Microsoft HoloLens (lien direct) |
Last month's Patch Tuesday highlighted updates for older Windows versions to address vulnerabilities responsible for the WannaCry outbreak. This July, Patch Tuesday shifts its focus to other technologies, with an update that addresses 54 vulnerabilities – including one in the augmented reality sphere.
Post from: Trendlabs Security Intelligence Blog - by Trend Micro
July Patch Tuesday Addresses Critical Vulnerability in Microsoft HoloLens
|
|
Wannacry
|
|
|
2017-07-12 10:00:25 |
The Five Biggest Security Concerns After Petya And WannaCry (lien direct) |
The ISBuzz Post: This Post The Five Biggest Security Concerns After Petya And WannaCry |
|
Wannacry
|
|
|
2017-07-11 12:58:00 |
Outsmarting the Next Ransomware with Advanced Threat Protections (lien direct) |
Ransomware has recently reasserted itself into the public eye in a big way. The May cyberattack carried out by the malware WannaCry was one of the worst ransomware attacks ever, affecting over 300,000 computers operating MS Windows around the world. Unfortunately, the attack has once again demonstrated that far too many organizations do not have an effective security protocol in place, or do not take it seriously until after disaster strikes. In this case, the Microsoft vulnerability exploited by WannaCry had been patched in March, but many users... |
|
Wannacry
|
|
|
2017-07-10 17:18:30 |
A week in security (July 03 – July 09) (lien direct) |
A compilation of security news and blog posts from the 3rd of July to the 9th. We go over our latest Cybercrime Tactics & Techniques Report, summarize the Petya ransomware outbreak, and more.
Categories:
Security world
Week in security
Tags: a week in securityadgholasastrumEternalPetyamalvertisingrecapWanaCrypt0rWannaCryweekly blog roundup
(Read more...)
|
|
Wannacry
|
|
|
2017-07-07 12:46:27 |
Two suspects arrested in connection with WannaCry Android lookalikes (lien direct) |
Chinese authorities have arrested two individuals who are believed to have helped develop and distribute Android ransomware mimicking the WannaCry ransom-worm.
David Bisson reports.
|
|
Wannacry
|
|
|
2017-07-06 20:00:00 |
WannaCry and Petya: The Circus Comes to Town (lien direct) |
By now, you will have all heard about the rampant spread of ransomware through countless press pieces, blog articles, and far too often, the outrageous claims of some security vendors.
But let's stop and think for a minute or two. How did these attacks happen? Are companies focusing on valid threats, fixing the right problems, or developing correct processes? Have so-called disruptive technologies disrupted our thinking? Let's not go tactical. Instead, we need to consider, “what is our best strategy?â€
Ever since the... |
|
Wannacry
|
|
|
2017-07-06 19:06:53 |
Report: Second quarter dominated by ransomware outbreaks (lien direct) |
The second quarter of 2017 left the security world wondering, “What the hell happened?†With leaks of government-created exploits being deployed against users in the wild, a continued sea of ransomware constantly threatening our ability to work online, and the lines between malware and potentially unwanted programs continuing to blur, every new incident was a wakeup call.In this report, we are going to discuss some of the most important trends, tactics, and attacks of Q2 2017, including an update on ransomware, what is going on with all these exploits, and a special look at all the breaches that happened this quarter.
Categories:
Malwarebytes news
Tags: ad fraudadam kujawaAdam McNeiladwareAmazon PhishingArmando Orozcoastrumboaxxeebreachbreachescerbercybercrime tactics & techniquescybercrime tactics and techniquesdokDoublePulsarEKEternalBlueEternalPetyaexploit kitFindzipfireballhandbrakeJaffJean-Philippe TaggartJerome SegurakovterLockyMagnitudeMalwarebytesmalwarebytes labsMarcelo RiveroNathan CollierNotPetyaNSAnymain |
|
NotPetya
Wannacry
|
|
|
2017-07-06 18:15:09 |
All this EternalPetya stuff makes me WannaCry (lien direct) |
Get more background on the EternalPetya ransomware. Learn about its origin, attribution, decryption, and the methods of infection and propagation.
Categories:
Cybercrime
Malware
Tags: attributiondecryptionDoublePulsarEternalBlueEternalPetyaEternalRomancehasherazadem.e.docNotPetyaNSApetyaPetya ransomwareShadowBrokersWannaCryWannaCryptWannaCryptor
(Read more...)
|
|
NotPetya
Wannacry
|
|
|
2017-07-06 11:28:03 |
Android Ransomware Mimics WannaCry (lien direct) |
Android file-encrypting ransomware SLocker was recently observed using an interface similar to that of the WannaCry malware that hit Windows systems worldwide last month, TrendMicro security researchers reveal.
|
|
Wannacry
|
|
|
2017-07-06 08:35:31 |
À l\'assaut des réseau électriques, les cybercriminels affûtent leurs armes (lien direct) |
L'analyse du malware ayant frappé le réseau électrique ukrainien en décembre 2016 révèle un niveau de sophistication jusque-là inconnu. Elle montre que les assaillants affûtent leurs armes et que l'Ukraine n'était probablement qu'une répétition. Les entreprises doivent passer outre les trompe-l'Å“il comme WannaCry et investir dans des solutions pérennes de cybersécurité pour les infrastructures industrielles critiques. |
|
Wannacry
|
|
|
2017-07-05 16:41:06 |
Fake WannaCry Ransomware Uses NotPetya\'s Distribution System (lien direct) |
The NotPetya wiper wasn't the only piece of malware distributed last week using the compromised M.E.Doc update mechanism: a fake WannaCry ransomware variant was delivered using the same channel, Kaspersky Lab reports.
|
|
NotPetya
Wannacry
|
|
|
2017-07-05 15:37:00 |
Despite hype, ransomware accounted for only 1% of malicious programs in 2016, according to report (lien direct) |
A new report from AV-Test showed that ransomware attacks on Windows in 2016 were low. Still, attacks like WannaCry and NotPetya caused a significant amount of damage. |
|
NotPetya
Wannacry
|
|
|
2017-07-05 15:25:34 |
Chinese Police Arrest Ransomware Devs Spreading WannaCry Lookalike for Android (lien direct) |
Chinese authorities have arrested two men who have distributed a version of the SLocker Android ransomware that was customized to look like WannaCry, the Windows ransom-worm that spread across the world in the middle of May. [...] |
|
Wannacry
|
|
|
2017-07-05 14:00:30 |
SLocker Mobile Ransomware Starts Mimicking WannaCry (lien direct) |
Early this month, a new variant of mobile ransomware SLocker (detected by Trend Micro as ANDROIDOS_SLOCKER.OPST) was detected, copying the GUI of the now-infamous WannaCry. The SLocker family is one of the oldest mobile lock screen and file-encrypting ransomware and used to impersonate law enforcement agencies to convince victims to pay their ransom. After laying low for a few years, it had a sudden resurgence last May. This particular SLocker variant is notable for being one of the first Android file-encrypting ransomware, and the first mobile ransomware to capitalize on the success of the previous WannaCry outbreak.
Post from: Trendlabs Security Intelligence Blog - by Trend Micro
SLocker Mobile Ransomware Starts Mimicking WannaCry
|
|
Wannacry
|
|
|
2017-07-04 10:20:05 |
WannaCry a signal moment, says NCA (lien direct) |
The National Crime Agency believes the recent WannaCry attacks represent a “signal moment†in terms of awareness of cyber attacks and their real-world impact |
|
Wannacry
|
|
|
2017-07-04 00:58:04 |
BROKERS IN THE SHADOWS – Part 2: Analyzing Petya\'s DoublePulsarV2.0 Backdoor (lien direct) |
Background In the wake of WannaCry, a new cyber threat has emerged from the NSA leak. Making use of previously exposed tools, Petya once again is engaged in another large scale attack. Important distinctions in this case, however, are that the attacks targets specific victims, and are used solely for destruction. While Petya may look […]
|
|
Wannacry
|
|
|
2017-07-03 19:24:13 |
A week in security (June 26 – July 02) (lien direct) |
A compilation of security news and blog posts from the 26th of June to the 2nd of July. We delved deep into EternalPetya, the latest ransomware to make headlines last week. We also outed a fake WannaCry scanner and touched on other topics like adware, an educational campaign, and phishing.
Categories:
Security world
Week in security
Tags: EternalPetyaransomwarerecapweek in securityweekly blog roundup
(Read more...)
|
|
Wannacry
|
|
|
2017-07-03 12:58:00 |
Byline: Petya, Wannacry, and Mirai - Is This the New Normal? (lien direct) |
This past year, cybercriminals have upped the stakes once again with the high profile, global attacks of Mirai, Wannacry, and Petya, launched one after the other.
Of course, large-scale attacks aren't new. Attacks like the ILOVEYOU worm and Code Red and Nimda were massive attacks, some of which affected exponentially more devices and organizations that this latest round of attacks. The spread of WannaCry and Petya were quickly curbed unlike these worms of the past. But this isn't just about scale. Unlike in years past, the new digital... |
|
Wannacry
|
|
|
2017-07-03 10:22:16 |
BCS Launches Bid to Prevent Another NHS WannaCry Epidemic (lien direct) |
BCS, The Chartered Institute for IT, is leading a new effort to improve cybersecurity within the NHS in a bid to head off another WannaCry-style incident. View Full Story ORIGINAL SOURCE: Info Security Magazine
|
Guideline
|
Wannacry
|
|
|
2017-07-03 09:14:19 |
WannaCry virus fails to stimulate surge in Cyber insurance, according to FWD broker research (lien direct) |
The recent 'WannaCry' ransomware virus attack was heralded as the wake-up call for businesses concerned about their cyber security. A recent survey of 250 UK insurance broking firms, however, shows that following the attack there has surprisingly been little increase at all in the number of enquiries for Cyber insurance cover. The research, carried out ...
|
|
Wannacry
|
|
|
2017-07-02 16:09:42 |
Using nmap to scan for MS17-010 (CVE-2017-0143 EternalBlue), (Sat, Jul 1st) (lien direct) |
With both WannaCry and NotPetya using MS17-010 for propagation it is important to be able to detect servers which are vulnerable. Even if you have comprehensive vulnerability management and patching programs there are almost certainly servers that have been missed, whether because they are vendor supported or part of your companyscottage IT. It is important to be able to find those servers and either remediate them or put additonal controls in place to protect them.
|
|
NotPetya
Wannacry
|
|
|
2017-06-30 19:43:37 |
Microsoft Tackles Ransomware with Controlled Folder Access (lien direct) |
In the wake of global malicious attacks such as WannaCry and NotPetya, Microsoft this week announced a new feature meant to keep users' data safe from ransomware and other type of malware.
|
|
NotPetya
Wannacry
|
|
|
2017-06-30 17:49:19 |
Countering WannaCry And Petya With Blockchain Technology (lien direct) |
The ISBuzz Post: This Post Countering WannaCry And Petya With Blockchain Technology |
|
Wannacry
|
|
|
2017-06-30 16:53:36 |
EternalPetya – yet another stolen piece in the package? (lien direct) |
Since 27th June we've been investigating the outbreak of the new Petya-like malware armed with an infector similar to WannaCry. Since the day one, various contradicting theories started popping up. Some believed, that it is a rip-off the original Petya, others - that it is another step in its evolution. However, so far, those were just different opinions, and none of them was backed up with enough evidence. In this post, we will try to fill this gap, by making a step-by-step comparison of the current kernel and the one on which it is based (Goldeneye Petya).
Categories:
Malware
Threat analysis
Tags: attributionEternalPetyahasherezadehexeditjanusMalwarebytesNotPetyaNSApetyapsexecransomware
(Read more...)
|
|
NotPetya
Wannacry
|
|
|
2017-06-30 16:07:28 |
Eternal Blues – Un scanner pour débusquer les machines vulnérables à la faille SMBv1 utilisée par Wannacry et notPetya / Petwrap (lien direct) |
Petya, notpetya, petwrap, Expetr, GoldenEye et j'en passe, profite de la faille SMBv1 que Microsoft a patchée en mars 2017 et qui a leakée des mains de la NSA il y a peu sous le nom EternalBlue et EternalRomance. Je ne vais pas revenir sur le problème, car j'ai exprimé le fond de ma pensée > Lire la suite
Cet article merveilleux et sans aucun égal intitulé : Eternal Blues – Un scanner pour débusquer les machines vulnérables à la faille SMBv1 utilisée par Wannacry et notPetya / Petwrap ; a été publié sur Korben, le seul site qui t'aime plus fort que tes parents.
|
|
NotPetya
Wannacry
|
|
|
2017-06-30 14:56:00 |
Ransomware attacks: Here\'s what we need to learn from WannaCry and Petya (lien direct) |
Ransomware is here to stay, which means it's time to make a few changes to how we respond. |
|
Wannacry
|
|
|
2017-06-30 13:00:00 |
Week in Review 30th June 2017 (lien direct) |
New Petya Variant
Unless you’ve been away for the week on a deserted location with no access to the internet, radio, or television, you’ve likely been bombarded with news of the Petya ransomware variant that took offline most of the Ukraine as well as spreading around to other countries. It echoes the disastrous impact WannaCry had just a few short weeks ago.
Our own AlienVault labs team broke down what they saw
Microsoft has a nice technical post on how the attack works
Lesley Carhart has written a very accessible post explaining the attack and the surrounding issues.
Perhaps the biggest victim this time round was Cadbury’s, as it had to shut down its famous chocolate factory in Hobart.
How I obtained direct publish access to 13% of npm packages
This is a great post on how ChALkeR was able to obtain direct publish access to 13% of npm packages – with an estimated reach of up to 52% once you factor in dependency chains.
It’s interesting because it’s relatively straightforward using three basic techniques of bruteforcing, reusing passwords from leaks, and npm credentials on GitHub.
The issue has been addressed in an npm blog post.
Just in case you need to check your credentials
You are not Google
Neither are you Amazon, or LinkedIn, or Facebook, or Netflix etc. A great post especially for engineers.
This line of thinking can be expanded into security too. Just because a large, well-funded, and highly targeted company is using the latest bleeding edge next generation security products and tools, it doesn’t mean every company needs to adopt the same toolset. Rather, it’s about looking at what matters most, and getting security controls that are appropriate.
I really need to find better ways of explaining my thoughts, the paragraph I just wrote throws me back to days of being a consultant.
Legal boundaries and privacy
The long-running case between the US Department of Justice and Microsoft has taken another turn as the DoJ has petitioned the US supreme court to get involved in allowing the US government access to Microsoft emails stored at its Dublin data centre.
As Microsoft president and chief counsel Brad Smith argued in a blog post, if the US government has the right to directly seize internationally-held data, then other countries will of course expect the same right. This in effect would allow international digital raids for American or other nations’ data, in the US or around the worl |
Guideline
|
NotPetya
Wannacry
|
|
|
2017-06-30 09:35:59 |
Rebuffing Ransomware: Common Sense Advice from CompTIA (lien direct) |
The Petya ransomware attack – the second major global cyberattack in two months – left a trail of locked computers and compromised networks in some 65 countries around the world. Like the WannaCry attack in May, Petya this week exposed weaknesses in cybersecurity defenses. It also reinforces the notion that it's a case of when, ...
|
|
Wannacry
|
|
|
2017-06-30 03:38:12 |
Windows 10 to Get Built-in Protection Against Most Ransomware Attacks (lien direct) |
Ransomware Ransomware Everywhere Not a Single Place to Hide!
But, Microsoft has a simple solution to this problem to protect millions of its users against most ransomware attacks.
Two massive ransomware attacks - WannaCry and Petya (also known as NotPetya) - in a month have caused chaos and disruption worldwide, forcing hospitals, ATMs, shipping companies, governments, airports and car
|
|
NotPetya
Wannacry
|
|
|
2017-06-29 21:35:19 |
Why Petya, Like WannaCry, Signals A New Era Of Cybercrime (lien direct) |
The ISBuzz Post: This Post Why Petya, Like WannaCry, Signals A New Era Of Cybercrime |
|
Wannacry
|
|