Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x

Encryption

Encryption is the process of encoding messages or information in such a way that only authorized parties can read it. In an encryption scheme, the intended communication information or message, referred to as plaintext, is encrypted using an encryption algorithm, generating ciphertext that can only be read if decrypted. For technical reasons, an encryption scheme usually uses a pseudo-random encryption key generated by an algorithm. An authorized recipient can easily decrypt the message with the key provided by the originator to recipients, but not to unauthorized interceptors.

Share tech news, updates, or what's on your mind.

Sign up to Post

I think NdlelaByte which is a MCSIDevelopers solution is the answer to this piracy thing as its affects us as Software developers as well as those who do Music, Movies and Games. According to what I saw yesterday they said the mostly pirated contents are Games, Music, Software and finally Movies. The reason why I think NdlelaByte is the best is because its directly solve the problem from its roots upwards. NdlelaByte has these features:

Copy Count
Private Formats
Advanced Private encryption
Real time file monitoring.

Yes there are many other companies that developed the anti piracy system but just check them and compare to what NdlelaByte from MCSIDevelopers do, the NdlelaByte is the only anti piracy that really solve this piracy problem.

Check it out and lets me hear what you think about it. http://www.facebook.com/MCSIDevelopers or check them on twitter http://www.twitter.com/MCSIDevelopersGooglePlusCoverPageGameAndSoftware.png
0
2017 Webroot Threat Report
2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Good to know - The upcoming Windows update, Redstone 3, will patch the vulnerability that enables EternalBlue exploits. Not all SMB version are that vulnerable as compared to SMBv1.
Microsoft doesn't recommend disabling SMBv2 or SMBv3 for Windows client and server operating systems. Disabling SMBv3 will deactivate encryption that provides protection from eavesdropping on untrustworthy networks. Organizations should proceed with caution when disabling either protocol as a temporary troubleshooting measure.
http://searchsecurity.techtarget.com/answer/Stopping-EternalBlue-Can-the-next-Windows-10-update-help?
0
Hi all,

we have procured Dell Latitude E5580 which is supported only windows 10 and we are using Kaspersky drive encryption. the issue is once the drive encryption is done, the key board is not working on Kaspersky authentication agent window on boot up screen as this laptop is having only HID keyboard.

requesting you all to help us.

thank you in advance.

Manoj
0
 
LVL 25

Expert Comment

by:Brian B
This is a post. It sounds like you are asking for help from the Experts? Please use this link: https://www.experts-exchange.com/askQuestion.jsp
0
1
Today's update on Petya
Previously, it was believed that the ransomware would not begin encrypting until an hour after the initial infection. It is now been discovered that it begins encrypting the first 1MB of the below file types upon infection. Therefore turning off your device when viewing the reboot message, will not stop encryption.

It is also now being disputed if the goal of this attack was to collect Bitcoin or cause mass destruction in the devices it infects.

Files types:
.3ds .7z .accdb .ai .asp .aspx .avhd .back .bak .c .cfg .conf .cpp .cs .ctl .dbf .disk .djvu .doc .docx .dwg .eml .fdb .gz .h .hdd .kdbx .mail .mdb .msg .nrg .ora .ost .ova .ovf .pdf .php .pmf .ppt .pptx .pst .pvi .py .pyc .rar .rtf .sln .sql .tar .vbox .vbs .vcb .vdi .vfd .vmc .vmdk .vmsd .vmx .vsdx .vsv .work .xls .xlsx .xvd .zip
6
Update on Petya Attack
As noted by our on-site expert, krakatoa, the current vaccine for Petya involves creating a file called perfc in the C://Windows folder and making it read only.  No kill-switch has been discovered, only a local vaccine.  
If you see the reboot notification below, your device has been infected. Turn off your device to prevent future encryption. Petya begins encrypting the device an hour after the initial infection.
**Update: Petya begins encrypting your the first 1MB of your files prior to the reboot. See new post for the updated information. **petyareboot.JPG
6
 

Expert Comment

by:Phillip Monk
.dat
1
 
LVL 10

Author Comment

by:Experts Exchange
According to our knowledge, file extensions .dat and .dll for perfc. Check out this article for more info!
0
Petrwrap, specifically, targets the Master File Table (MFT), which is essential for your computer to find files on the computer. By targeting the MFT, the ransomware is able to attack individual files faster than if each file were to be encrypted one-by-one. The good news is… that Petrwrap is detectable by anti-virus tools. Unfortunately, if the anti-virus scanner is delayed in catching it, Petrwrap can easily get a foothold into the computer system and spreads very quickly. Moreover, the encryption is so strong, that it is unlikely to be able to break through the software and recover files.
Check out our blog post on “Why Vulnerability Assessments Are Insufficient” for more information on securing your servers.


http://www.uzado.com/blog/why-vulnerability-assessments-are-insufficient
3
0
 
LVL 18

Expert Comment

by:Wayne88
And your point is?  Nobody is complaining when Echelon spy on everyone else.
0
So with the recent WannaCry malware, there were 3 (afaik) bitcoin addresses circulated to receive ransom payments:

12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw
13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94
115p7UMMngoj1pMvkpHijcRdfJNXj6LrLn

At the time of this writing, it looks like around 34 BTC ($60k USD) have been extorted to date. Really low take (imo), considering the widespread reports of this attack. I'm curious if there are any other BTC wallet addresses out there?
9
 
LVL 1

Expert Comment

by:Michael Arciniega
I wonder how effectively they'll be able to use those funds since they have such a large target on their heads and every transaction on the chain is public information. Can they use enough coin mixers to obfuscate their identity?
0
 
LVL 18

Author Comment

by:Lucas Bishop
Up to 40 BTC ($70k) now.

Considering it's only 40BTC, they could easily run it through multiple mixers in small batches and see good results on obfuscation. Nothing like the 5,500 BTC Tomas Jirikovsky tried to tumble and cash out.

However, I suspect WannaCry has negatively effected enough SysAdmins, that the interest in tracing transactions related to these addresses through the blockchain may be much more fruitful than traditional attempts. I wouldn't be surprised if the perpetrators don't even try to cash out, considering the risk vs reward doesn't make financial sense.
0
Ransomware - Wannacry/wcry and everything else ...

Ransomware in general is something none of us wish to deal with.  The latest Wannacry problem is worse.  This is not because of what it is but rather of the extent to which it has affected our users.  There have been a plethora of great suggestions all over this site.  I would add to those with the following suggestions:
•      Completely check your system for viruses with a reputable virus checker
•      Check any suspected files and or links at virustotal.com
•      Make sure you have a tested versioning backup system
•      Do a complete scan of your system
•      Updates
        o      Make sure all your programs and your operating system is up to date (even old Windows OS’s now
                have updates, like windows XP – check the Microsoft website and do a windows update)
        o      If you are unable to do updates on your own machine due to company policy, make sure that your IT
                department is doing the updates.
•      Do not, click on an attachment in your email, even if it is from someone you know – call them up and check
        that they sent it – they’ll understand.

Whenever I touch a system I do a “ransomware check” which involves the following:
•      Create a blank text file called myapp.txt in the root drive (c:\) and rename it to myapp.exe
•      Run FoolishIT’s Cryptoprevent
•      Install an anti-ransomware tool such as BD Antiransomware, MBAM Antiransomware, Kaspersky
        Antiransomware for business, etc.
•      …
20
 
LVL 97

Expert Comment

by:John Hurst
The overall advice to keep automatic updates on to keep updates current, keep Antivirus up to date and firewalls up to date is something we have said many times in here (sometimes to deaf ears).

Two really important points. Stop the excuses and dump all desktop operating system earlier than Windows 7 and all server operating systems earlier that Server 2008.

Second: get top notch spam filters. That is how this malware gets in.
3
 
LVL 14

Expert Comment

by:Natty Greg
I can not stress enough about proxy and spam filter, content filter along with gateway antivirus scanning, patching all systems and educating users.
2
What does it mean to be "Always On"?
LVL 4
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Ran into a problem today when trying to install Windows 10 Feature Updates on an Full Disk Encrypted (FDE) system.  The machine had DESlock+ installed onto it and was refusing to install the latest Build.

I used the following article to get round it:
https://support.deslock.com/index.php?/Default/Knowledgebase/Article/View/379

You need to Download the Media Creation tool, save an ISO and then install the DESlock+Win10Update utility:
https://support.deslock.com/resources/KB379/DESlock+Win10Updater.exe

When the Utility Runs, you need to point it at the mounted Win10 ISO.  It will then complete.
4
Brendan Eich, the creator of Javascript, is set to launch a digital ad platform tied to the Ethereum blockchain. Users who opt in to see the ads will be rewarded with a cryptographic token and will be shown fewer, more relevant ads. The data recorded from each user is encrypted and stored on their local machines while the aggregate numbers and trends will be stored publicly on the blockchain.

Personally, I run an ad blocker for the shear number of irrelevant ads and not because I do not wish to see them at all. If this solution provides me a better end user experience and fairly rewards the sites who host the ads then sign me up!
6

Encryption

Encryption is the process of encoding messages or information in such a way that only authorized parties can read it. In an encryption scheme, the intended communication information or message, referred to as plaintext, is encrypted using an encryption algorithm, generating ciphertext that can only be read if decrypted. For technical reasons, an encryption scheme usually uses a pseudo-random encryption key generated by an algorithm. An authorized recipient can easily decrypt the message with the key provided by the originator to recipients, but not to unauthorized interceptors.