How did the WannaCry Ransomworm spread?

Security researchers have had a busy week since the WannaCry ransomware outbreak that wreaked havoc on computers worldwide. How did it all happen?

Ransomware aimed at South Korea in early 2017 may be work of North Korea, firm says

North Korean hackers may have sent phishing emails to South Korean organizations in late 2016 and early 2017 that carried ransomware, according to private sector intelligence firm Intel 471. Intel 471 obtained information about several samples related to this peculiar phishing email campaign, which in one case targeted a South Korean political organization earlier this year. “The sender was fluent in Korean and had a good familiarity with Korean culture,” said Intel 471 CEO Mark Arena, a former chief researcher with FireEye’s intelligence collection group iSight Partners. “The email included a fake Microsoft Word .doc file that when run, dropped ransomware and a likely Chinese originated trojan that could perform distributed denial of service attacks.” Oddly, although the phishing emails clearly targeted specific South Korean organizations, the ransomware itself was not capable of encrypting the most popular file type in Korea, .hwp (Hanword). It’s not clear why the attackers sent what […]

The post Ransomware aimed at South Korea in early 2017 may be work of North Korea, firm says appeared first on Cyberscoop.


PATCH Act Calls for VEP Review Board

The PATCH Act proposes the formation of a review board that would formalize and make transparent the processes by which the government determines whether it will use or disclose a zero-day vulnerability.

Researchers build WannaCry decryption tools for Windows XP

Less than a week after the WannaCry ransomware rapidly spread across the world, a French security researcher released a tool on Thursday that gives Windows XP users a chance to decrypt and save their files from oblivion. Adrien Guinet created WannaKey, which generates an RSA private key that can be used in combination with WanaFork to decrypt the files. It requires a bit of luck — that the memory hasn’t been reallocated and erased — but can be a potential file saver for those who meet the requirements. Make sure to read the program’s instructions and warnings closely before usage.

"#wannacry in-memory private RSA key recovery for Windows XP : https://t.co/nMqVKgfv58" — Adrien Guinet (@adriengnt) May 18, 2017

"I got to finish the full decryption process, but I confirm that, in this case, the private key can be recovered on an XP system #wannacry!! pic.twitter.com/QiB3Q1NYpS" — Adrien Guinet (@adriengnt) May 18, 2017

Windows XP, […]

The post Researchers build WannaCry decryption tools for Windows XP appeared first on Cyberscoop.
