Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.
One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.
Course Of The Month
2 days, 10 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
RansomwareSponsored by Webroot
61
Solutions
28
Articles & Videos
162
Contributors
Ransomware is malicious software, designed to block data access in order to extort money. As a form of malware, ransomware is most often used to infiltrate devices through infected emails or links that, in turn, recognize and take advantage of vulnerabilities in the operating system and installed third-party software.
Share tech news, updates, or what's on your mind.
Gain the added security of knowing you are prepared and properly protected against future ransomware attacks, such the Petya attack, with this free course! Premium members, Team Account members, and Qualified Experts have 3 days to enroll for June’s Course of the Month. Once you enroll, you have 30 days to complete the course.
0 Comments
Free Tool: SSL Checker
Petrwrap, specifically, targets the Master File Table (MFT), which is essential for your computer to find files on the computer. By targeting the MFT, the ransomware is able to attack individual files faster than if each file were to be encrypted one-by-one. The good news is… that Petrwrap is detectable by anti-virus tools. Unfortunately, if the anti-virus scanner is delayed in catching it, Petrwrap can easily get a foothold into the computer system and spreads very quickly. Moreover, the encryption is so strong, that it is unlikely to be able to break through the software and recover files.
Check out our blog post on “Why Vulnerability Assessments Are Insufficient” for more information on securing your servers.
http://www.uzado.com/blog/why-vulnerability-assessments-are-insufficient
Check out our blog post on “Why Vulnerability Assessments Are Insufficient” for more information on securing your servers.
http://www.uzado.com/blog/why-vulnerability-assessments-are-insufficient
Today's ransomware attack is spreading by SMB through the local network according to Marcus,
@MalwareTech, who stopped the last attack—known as WannaCry—and is working to stop this one.
Post your advice or news on the currently named "Petya" attack and be sure to ask any questions by tagging the topic "ransomware" to get solutions fast!
@MalwareTech, who stopped the last attack—known as WannaCry—and is working to stop this one.
Post your advice or news on the currently named "Petya" attack and be sure to ask any questions by tagging the topic "ransomware" to get solutions fast!
Many Firms Hit by Global Cyber Attacks - Petrwrap
Firms around the globe are reporting that they have been hit by a major cyber-attack. Some experts have suggested that it could be a ransomware attack, similar to Wannacry which hit last month. Alan Woodward, a computer scientist at Surrey University, said: "It appears to be a variant of a piece of ransomware that emerged last year.
More on this story via the BBC.
Active today
In the meantime, Ukraine Twitter social media account manager is handling this situation like a boss:
https://twitter.com/Ukraine/status/879706437169147906
https://twitter.com/Ukraine/status/879706437169147906
Origins of the attack are unknown.
https://www.theverge.com/2017/6/27/15879480/petrwrap-virus-ukraine-ransomware-attack-europe-wannacry
Once infected, the virus encrypts each computer to a private key, rendering it unusable until the system is decrypted.
https://www.theverge.com/2017/6/27/15879480/petrwrap-virus-ukraine-ransomware-attack-europe-wannacry
Web host agrees to pay $1m after it’s hit by Linux-targeting ransomware
https://arstechnica.com/security/2017/06/web-host-agrees-to-pay-1m-after-its-hit-by-linux-targeting-ransomware/
https://arstechnica.com/security/2017/06/web-host-agrees-to-pay-1m-after-its-hit-by-linux-targeting-ransomware/
Honda isn't alone in facing these challenges -- according to Reuters, competitors Nissan and Renault also stopped production at plants in Japan, Britain, France, Romania and India last month due to WannaCry attacks.
This attack should serve as a reminder that even if your business wasn't hit during the initial WannaCry outbreak, you may well still be vulnerable.
More on the latest WannaCry attack and how you can mitigate future attacks here.
This attack should serve as a reminder that even if your business wasn't hit during the initial WannaCry outbreak, you may well still be vulnerable.
More on the latest WannaCry attack and how you can mitigate future attacks here.
Is your NGFW recommended by NSS Labs?
Ours is! NSS Labs Next Generation Firewall Test gives the WatchGuard Firebox M4600 a "Recommended" rating! Curious where your NGFW landed on the Security Value Map? See the map and download the full report today!
In this blog we highlight approaches to managed security as a service. We also look into ConnectWise’s value in aiding MSPs’ security management and indicate why critical alerting is a necessary integration.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP, Windows Server 2003 and 2008 - Both 32 and 64 Bit installs.
South Korean web host pays largest ransomware demand!
https://www.cnet.com/news/largest-ransomware-ever-demand-south-korea-web-host/?ftag=CAD2e9d5b9&bhid=20649128222365841531903270078310
https://www.cnet.com/news/largest-ransomware-ever-demand-south-korea-web-host/?ftag=CAD2e9d5b9&bhid=20649128222365841531903270078310
Active today
I get why the host company decided to pay the ransom to recover customer data, but it sure leaves a bad taste knowing the criminals got anything at all out of an extortion exercise like that, let alone the massive payout that was agreed on.
And what's a web host doing running a service like that without secured backups anyway? Boggles the mind..
And what's a web host doing running a service like that without secured backups anyway? Boggles the mind..
The conference as a whole was very interesting, although if one has to make a choice between this one and some others, you may want to check out the others. This conference is aimed mainly at government agencies. So it addresses the various compliance issues with which they have to deal.
Only 10 days left to sign up for our ransomware prevention and preparation Course of the Month for June. With a 300% increase in ransomware attacks from 2015 to 2016, it is vital to decrease your vulnerability to the next attack and enhance your security by enrolling today.
South Korean web host pays largest ransomware demand ever.
https://www.cnet.com/news/largest-ransomware-ever-demand-south-korea-web-host/
https://www.cnet.com/news/largest-ransomware-ever-demand-south-korea-web-host/
Active 1 day ago
why to pay 1 Million, if you can do the same thing in a very less bucks.. http://bit.ly/2rJTnVj
Drew Frey writes articles on cyber security and ransomware protection. Follow him if you're interested in seeing new articles in those topics.
https://www.experts-exchange.com/members/Drew-Frey.html
https://www.experts-exchange.com/members/Drew-Frey.html
A $1 million payout in a ransomware case?! Well crap... That's worrisome. What'll the hackers do with that money? How many new attempts will this incentivize? What would you do in their place?
https://arstechnica.com/security/2017/06/web-host-agrees-to-pay-1m-after-its-hit-by-linux-targeting-ransomware/
https://arstechnica.com/security/2017/06/web-host-agrees-to-pay-1m-after-its-hit-by-linux-targeting-ransomware/
Active today
Restore last good version, apologize to clients, and probably end up losing clients would be the proper thing to do.
I would assume that if it was done due to damage control, paying up would lose me more clients and face then dealing with the issue at hand best as one can. This is a terrible incentive to these type of ransomware developers. They might now target this webhost on purpose in the future.
I would assume that if it was done due to damage control, paying up would lose me more clients and face then dealing with the issue at hand best as one can. This is a terrible incentive to these type of ransomware developers. They might now target this webhost on purpose in the future.
Active today
And the reality is now that this is public news they will lose all their customers anyway and probably be outta business within a month
If some hosting company can afford to pay that much money to get their data back they should have been able to employ someone for a lot less money to make sure it didn't happen in the first place
If some hosting company can afford to pay that much money to get their data back they should have been able to employ someone for a lot less money to make sure it didn't happen in the first place
Q1:
Is MS Windows AV defender bundled free with Win 10? Any specific
version of Win10 that it comes free?
Q2:
Win AV defender was touted as blocking the execution of Java, VB
scripts etc: does McAfee or Trendmicro do this as well? How does
Win AV defender compares in terms of ransomware protection
against other major AV vendors' ?
Q3:
Can Win AV defender coexist say with McAfee AV & McAfee HIPS agent?
Q4:
Do we need a separate EPO (just like McAfee) to update Win AV defender
signatures on users' PCs/laptops or WSUS will do? A few hundred PCs/
laptops in our corporate don't have Internet access
Is MS Windows AV defender bundled free with Win 10? Any specific
version of Win10 that it comes free?
Q2:
Win AV defender was touted as blocking the execution of Java, VB
scripts etc: does McAfee or Trendmicro do this as well? How does
Win AV defender compares in terms of ransomware protection
against other major AV vendors' ?
Q3:
Can Win AV defender coexist say with McAfee AV & McAfee HIPS agent?
Q4:
Do we need a separate EPO (just like McAfee) to update Win AV defender
signatures on users' PCs/laptops or WSUS will do? A few hundred PCs/
laptops in our corporate don't have Internet access
Transaction Monitoring Vs. Real User Monitoring
Synthetic Transaction Monitoring Vs. Real User Monitoring: When To Use Each Approach? In this article, we will discuss two major monitoring approaches: Synthetic Transaction and Real User Monitoring.
The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any more questions? Just ask.
For all you people who turn Updates OFF. Patch Tuesday today and miles of patches. BIG ones for Windows 10 and 7. Updates for XP and Servers. Hop to it.
Active today
There is no issue with having manual updates and checking weekly (servers).
My barb above was aimed at people who turn updates off and leave them off. Then they come in here wondering what happened.
My barb above was aimed at people who turn updates off and leave them off. Then they come in here wondering what happened.
Android ransomware variant uses clickjacking to become device administrator
https://www.symantec.com/connect/blogs/android-ransomware-variant-uses-clickjacking-become-device-administrator
https://www.symantec.com/connect/blogs/android-ransomware-variant-uses-clickjacking-become-device-administrator
Recovering from what the press called "the largest-ever cyber-attack", IT departments worldwide are discussing ways to defend against this in the future. In this process, many people are looking for immediate actions while, instead, they need to thoroughly revise their security concepts.
Active today
Andrew, thanks for the feedback. I am aware that this article is mainly raising question while not answering many.
Maybe it's rather a starting point for discussions than sharing solutions.
You ask "So what's the solution? Shutting it all down..." which is the same that I ask in the article and I answer with "no" immediately afterwards.
You write "it's not quite fair to point blame on IT administrator's shoulders ...These guys more often than not work with tied hands" - that's exactly what I am saying. If the admin is not comfortable making his concerns heard, then he is not employed at the right place and should not fear to be replaced but leave on his own.
Before you start discussing - let's wait for other comments.
Maybe it's rather a starting point for discussions than sharing solutions.
You ask "So what's the solution? Shutting it all down..." which is the same that I ask in the article and I answer with "no" immediately afterwards.
You write "it's not quite fair to point blame on IT administrator's shoulders ...These guys more often than not work with tied hands" - that's exactly what I am saying. If the admin is not comfortable making his concerns heard, then he is not employed at the right place and should not fear to be replaced but leave on his own.
Before you start discussing - let's wait for other comments.
Active today
Some news that might be of interest for Americans: https://www.upguard.com/breaches/the-rnc-files
In short: US politicians payed for analysing voter opinions on US election-critical topics. Voter data (1,1 TB!) of 198 million Americans was uploaded to an amazon server but the access rights were incorrectly set - it was open to the public and the data was not encrypted. It leaked.
See what I am talking about?
In short: US politicians payed for analysing voter opinions on US election-critical topics. Voter data (1,1 TB!) of 198 million Americans was uploaded to an amazon server but the access rights were incorrectly set - it was open to the public and the data was not encrypted. It leaked.
See what I am talking about?
After the WannaCry ransomware attack, we sat down with Thomas Zucker-Scharff to get the inside information on the technology behind the attack and what steps you can take to prevent this in the future. Read more of his advice. Take a step toward your security by enrolling in our free Course of the Month covering ransomware security and prevention written by Thomas.
RansomwareSponsored by Webroot
61
Solutions
28
Articles & Videos
162
Contributors
Ransomware is malicious software, designed to block data access in order to extort money. As a form of malware, ransomware is most often used to infiltrate devices through infected emails or links that, in turn, recognize and take advantage of vulnerabilities in the operating system and installed third-party software.
Top Experts In
Ransomware
-
1
McKnife9,325 points -
2
btan6,072 points -
3
Experts Exchange4,305 points -
4
Andrew Leniart4,092 points -
5
John Hurst1,908 points -
6
dbrunton1,808 points -
7
Andrew Hancock (VMware vExpert / EE MVE^2)1,448 points -
8
David1,048 points -
9
noci1,048 points -
10
-MAS1,000 points -
11
John Tsioumpris1,000 points -
12
Shaun Vermaak1,000 points -
13
serialband900 points
-
14
Mike T664 points
-
15
SpiderlinK500 points -
16
mbkitmgr400 points -
17
Ramin400 points -
18
Lee W, MVP340 points -
19
Thomas Zucker-Scharff329 points -
20
Anush Gasparyan234 points -
21
Acronis215 points -
22
Christian Henning188 points -
23
Drew Frey182 points -
24
Luciano Patrão76 points -
25
Dermot Smyth70 points