NotPetya/GoldenEye back in the spotlight: UK officially points finger to Kremlin for June 2017 cyberattack

2017 has already gone down as the worst year on record from a cybersecurity standpoint. But the world is still not over the two infamous attacks deployed by hackers in May (WannaCry) and June (NotPetya/Goldeneye) of last year, which together dealt bill… Continue reading NotPetya/GoldenEye back in the spotlight: UK officially points finger to Kremlin for June 2017 cyberattack

Bye, bye Petya! Decryptor for old versions released.

This post shows you how to use the special decryptor for the petya family: Petya, Msicha, and Goldeneye. Not suitable for copycats of these.
Categories:
Malwarebytes news
Tags: decryptorgoldeneyemftMischapetyatoos

(Read more…)

The post Bye, bye … Continue reading Bye, bye Petya! Decryptor for old versions released.

EternalPetya and the lost Salsa20 key

The latest Petya seems to be broken on purpose: the victims’ keys are lost forever.
Categories:
Malware
Threat analysis
Tags: EternalPetyagoldeneyepetyaPetya ransomwareransomwareWanaCrypt0rWannaCryWannaCrypt

(Read more…)

The post EternalPetya an… Continue reading EternalPetya and the lost Salsa20 key

Global ransomware outbreak spread in part due to NSA-linked hacking tool

A growing number of cybersecurity firms, including BitDefender, Kaspersky Lab and Symantec, along with a cohort of independent cybersecurity researchers, say that the quickly spreading ransomware variant, known as Petya, is proliferating in part due to two previously leaked NSA hacking tools, codenamed EternalBlue and EternalRomance. This is not the first time in recent months that hackers combined leaked NSA computer code with ransomware to make their attacks more potent. Some researchers disagree on how to define the quickly spreading malware; with various security experts calling the ransomware a variant of Peyta, or GoldenEye, and others explaining it as an entirely different computer virus. Regardless, commonalities do exist and incidents involving what appears to be the same “Peyta” ransomware were reported Tuesday across most of Europe. Peyta is believed to be more complex than a similar recent attack known as WannaCry, which was also powered by EternalBlue; although in a slightly different fashion. […]

The post Global ransomware outbreak spread in part due to NSA-linked hacking tool appeared first on Cyberscoop.

Continue reading Global ransomware outbreak spread in part due to NSA-linked hacking tool

A week in security (Dec 11 – Dec 17)

A compilation of notable security news and blog posts from the 11th of December to the 17th. This week, we talked about ransomware, screen lockers, Goldeneye–not the James Bond movie–and Malwarebytes’ 2017 predictions.Categories: Security world
Week… Continue reading A week in security (Dec 11 – Dec 17)