Tagged With ransomware


Most internet users wouldn't want to share their browsing history with the rest of the world. (It's one of the reasons 'incognito mode' is so popular - despite not actually working as advertised.)

This is especially true of people who look at questionable online material. So what would you be willing to pay if someone had a secret recording of you watching porn, taken on your webcam?


It's been a year since WannaCry caused massive disruption to companies all over the world. The highly virulent ransomware, which was able to exploit an NSA-created tool called EternalBlue, was able to deliver its payload by using a flaw in the SMB 1 protocol. A year later, ESET has found EternalBlue is still a substantial threat.


Ransomware is one of the most damaging threats to our data. And while it used to be about attacks on single devices, we saw the threat evolve this year with the WannaCry and Petya/Not Petya attacks where threat actors found new ways to weaponise other vulnerabilities to deliver ransomware payloads that cost businesses hundreds of millions of dollars. And cloud services are fuelling both the attackers and defenders in their strategies.


It seems that we can't get through a week without some new cyber-nasty rearing its ugly head. I'm finding the best part of all this is the imaginative names that new threats come with. It's like the bad guys have marketing departments. So, this week, the ransomware marketing machine has dredged up BadRabbit.


Ransomware attacks are an everyday occurrence. Whenever I speak to people at security events, almost every single company has been hit in some way. Some only find out about it when users call the internal help desk because they're "curious" about Bitcoin but others are hit far harder.


Experts at a security round table event in Sydney yesterday said business owners are too focussed on what's going on now, inside their businesses, and not looking at outside threats. As a result, when events such as WannaCry and NoPetya strike, they are unprepared and get hit hard.


Following the WannaCry and Petya/GoldenEye/NoPetya ransomware events, you'd think software companies would be quick to remove the need for SMB 1. This was the protocol exploited by the malware developers that allowed those attacks to spread so quickly. Microsoft has released a lit of developers still demanding SMB 1 support.


WannaCry was the first major attack using tools developed from the NSA’s EternalBlue toolkit that were made available to the world following a leak published by Wikileaks. Last night, another ransomware attack was launched and this one doesn’t encrypt files - it encrypts drives.

Shared from Gizmodo


Data backups can save your skin from all kinds of IT mishaps like dropping your laptop in a lake or having a virus blast through your hard drive. You should be backing everything up! Thanks to the recent spree of ransomware attacks, it's once again time to evaluate your backup system, so you're prepared in the event that some malicious actor locks up your computer.


Dear Lifehacker, I always take my thumb drive wherever I go. I'm also a bit absentminded. I want to guarantee my thumb drive gets returned to me if I ever lose it. My idea is to have malware hidden on the drive in a specific folder labelled 'porn101' or 'myprivatefiles'. If the person opens that file, it will automatically encrypt their computer and ask them to email me to get the unlock code. (I will give it to them once they return the thumb drive to me, of course.)

Which brings me to my question - is this legal? It's not like I'm demanding money or anything. I just want my property back!