On Tuesday 6/27/2017 another massive ransomware attack hit the world. This one is known as ‘Petya’ appears to have originated from a highly sophisticated Russian strain of the WannaCry strand that hit back in May 2017. The ransomware, if launched, will encrypt all files on the user’s computer, making them unusable. The ‘worm’ also transmits via networked computers to other computers and servers in the organization to spread itself. The creator demands about $300 worth of Bitcoin to provide the decryption keys (per machine) if infected. It is hit and miss as to whether or not you actually get the decrypter though, as for some time now only about 50-60% actually get their data back even after paying ransoms. The FBI recommends no one ever pay the ransoms as this just keeps this dark business going and encourages further development.
URGENT Malware/Ransomware Newsletter – May 2017
As you may have heard, a new threat has emerged on the internet known as WannaCry (AKA Wcry and WannaCryptor), although the exploit is not new as far as what it does, this latest ransomware threat has already crippled companies overseas and has started to show up in the U.S. including FedEx. The threat comes in the form of a malicious email, that may have a fake invoice (PDF or Word Document) or something similar attached that sounds important (to make you want to open it). The exploit can launch once the attachment is opened. Some have also reported that simply previewing the email can launch the hidden script in the background to launch the ransomware process (but this is unverified).
Adobe Flash Player - Emergency Update - April 2016
Adobe Flash Player - Emergency Update - April 2016
Adobe has released a critical patch for it's popular Flash Player. This patch addresses a vulnerability that has been discovered allowing "drive-by" infections of ransomware and a flaw that can potentially allow an attacker to take control of an infected computer. This vulnerability affects all platforms running Flash Player, including Windows, Macintosh, Linux and Chrome O/S.
Malware And Ransomware Threats 2016
Malware And Ransomware Threats 2016 : DNS Texas is seeing a large increase in the amount of Phishing and malicious emails hitting our systems. As a result, we are providing this information so you can better protect yourself, in the event one of these malicious emails/files makes it to your inbox or computer. This is a living document and will be updated with any new information as we run across it. Please feel free to share your suggestions and note anything we may have missed in the comments area below.
POODLE Vulnerability In IIS - Windows
ISSUE
More Info: http://en.wikipedia.org/wiki/POODLE
SSL “POODLE” vulnerability disclosed in September 2014. Allows for man-in-the-middle type data loss, which takes advantage of internet and security software clients fallback to SSL 3.0. This attack is not as serious as Heartbleed and Shellshock attacks that also hit earlier in 2014.
This article focuses on the POODLE Vulnerability In IIS - Windows
