How Morris Worm Command and Control Changed Cybersecurity

A successful cyberattack requires more than just gaining entry into a victim’s network. To truly reap the rewards, attackers must maintain a persistent presence within the system. After establishing communication with other compromised network devices, actors can stealthily extract valuable data. The key to all this is a well-developed Command and Control (C2 or C&C) […]

The post How Morris Worm Command and Control Changed Cybersecurity appeared first on Security Intelligence.

Why did the WannaCry ransomware kill switch check whether it was within a virtual environment in this manner?

I have been researching the WannaCry ransomware, and have seen an example of the kill switch within Ghidra. What baffles me is, why did they implement the kill switch as a web domain instead of any other alternative methods, or why impleme…

Exposing a Currently Active WannaCry Ransomware Domains Portfolio – An OSINT Analysis – A PDF Paper

Worms of Wisdom: How WannaCry Shapes Cybersecurity Today

WannaCry wasn’t a particularly complex or innovative ransomware attack. What made it unique, however, was its rapid spread. Using the EternalBlue exploit, malware could quickly move from device to device, leveraging a flaw in the Microsoft Windows Server Message Block (SMB) protocol. As a result, when the WannaCry “ransomworm” hit networks in 2017, it expanded […]

The post Worms of Wisdom: How WannaCry Shapes Cybersecurity Today appeared first on Security Intelligence.

Advanced threat predictions for 2023

We polled our experts from the GReAT team and have gathered a small number of key insights about what APT actors are likely to focus on in 2023.

FBI, CISA, Treasury: North Korean hackers taking aim at health care with Maui ransomware

The ransomware has previously received little public scrutiny.

The post FBI, CISA, Treasury: North Korean hackers taking aim at health care with Maui ransomware appeared first on CyberScoop.

Where Everything Old is New Again: Operational Technology and Ghost of Malware Past

This post was written with contributions from IBM Security’s Sameer Koranne and Elias Andre Carabaguiaz Gonzalez. Operational technology (OT) — the networks that control industrial control system processes — faces a more complex challenge than its IT counterparts when it comes to updating operating systems and software to avoid known vulnerabilities. In some cases, implementation […]

The post Where Everything Old is New Again: Operational Technology and Ghost of Malware Past appeared first on Security Intelligence.

CISA to brief critical infrastructure companies about urgent new Log4j vulnerability

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency will host a call with critical infrastructure stakeholders Monday afternoon about a critical vulnerability affecting products with the Log4j software library, according to a statement. CISA sent out an alert Friday that the agency had added the flaw to its list of exploited vulnerabilities, and urged federal and civilian organizations to patch and take steps to mitigate harm immediately. Log4j is a widely used open-source logging tool popular in numerous cloud and enterprise apps including Minecraft, Apple Cloud, Cloudflare and Twitter, making the extent of the zero-day’s potential damage likely wide-reaching. “CISA is working closely with our public and private sector partners to proactively address a critical vulnerability affecting products containing the log4j software library,” CISA director Jen Easterly said in a statement. “This vulnerability, which is being widely exploited by a growing set of threat actors, presents an urgent challenge to network defenders given its broad use.” Cybersecurity researchers noted over the weekend that […]

The post CISA to brief critical infrastructure companies about urgent new Log4j vulnerability appeared first on CyberScoop.
