Collaborate Disseminate
Cybereason: Researchers at Cybereason have discovered a new strain of the Cerber ransomware that implements a new feature to avoid triggering canary files. Apparently this strain of Cerber assumes that any malformed image file is a ‘canary’ file (a variation on the old idea of a goat file) and avoids encrypting it or any other file in […] Continue reading Cerber now kind to canaries
WordFence, which offers a security plugin for WordPress sites, reports on Ransomware Targeting WordPress – An Emerging Threat, claiming to have ‘captured several attempts to upload ransomware that provides an attacker with the ability to encrypt a WordPress website’s files and then extort money from the site owner.’ I hope the company won’t mind my quoting this […] Continue reading Ransomware targeting WordPress sites
The Register: TalkTalk fined £100k for exposing personal sensitive info – 21,000 accounts handled by Indian outsourcing biz exposed ‘…TalkTalk found an issue with the UK ISP’s portal … One of the companies with access to the portal was Wipro, a multinational IT services company in India that resolved high level complaints and addressed network coverage problems on […] Continue reading Talk Talk fined for support scam issue
SecurityWeek contributor Kevin Townsend asked me about a report from the UK’s De Montfort University on the psychology of ransomware splash screens. Here’s the article he published – Researcher Analyzes Psychology of Ransomware Splash Screens – and here are some further thoughts from me published on the ESET blog: Social engineering and ransomware. David Harley Continue reading Social Engineering and Ransomware
Lawrence Abrams for Bleeping Computer: Reyptson Ransomware Spams Your Friends by Stealing Thunderbird Contacts. He says: ‘…unfortunately there is no way to decrypt this ransomware currently for free. We have, though, setup a dedicated Reyptson Support & Help Topic for those who wish to discuss it or ask questions.’ Announcement by EMSIsoft’s @PolarToffee. Notes from @malwrhunterteam David Harley Continue reading Reyptson Ransomware
Not directly concerned with tech support scams, which have tended to be my main scam focus on this site, but David Bisson put up a very useful post – Google and Apple should do more to fight phone scammers, says researcher: Cooperation with government is key, but it’s only part of the solution… – expanding on a slightly […] Continue reading Technology versus phone scammers
AV-Test offers an interesting aggregation of 2016/2017 malware statistics in its Security Report here. Its observations on ransomware may be of particular interest to readers of this blog (how are you both?) The reports points out that: There is no indication based on proliferation statistics that 2016 was also the “year of ransomware“. Comprising not […] Continue reading AV-Test Report: malware/threat statistics
Microsoft describes the new Windows 10 feature ‘Controlled folder access in Windows Defender Antivirus’ in the article Announcing Windows 10 Insider Preview Build 16232 for PC + Build 15228 for Mobile. The article specifically mentions ransomware as one of the threats against which it is likely to be effective. The article states that ‘Controlled folder access […] Continue reading Windows 10 Controlled folder access
Microsoft describes the new Windows 10 feature ‘Controlled folder access in Windows Defender Antivirus’ in the article Announcing Windows 10 Insider Preview Build 16232 for PC + Build 15228 for Mobile. The article specifically mentions ransomware as one of the threats against which it is likely to be effective. The article states that ‘Controlled folder access […] Continue reading Windows 10 Controlled folder access
Dial One for Scam: A Large-Scale Analysis of Technical Support Scams is an academic paper, but interesting*. While it doesn’t tell seasoned scam watchers much we weren’t already aware of, it does take a systematic look at how the scheme is implemented, and hopefully that will be useful to someone in a better position to pursue […] Continue reading The Mechanisms of Support Scamming