Another day, another ransomware alert threatening to undo your precious, if a bit broken, Windows 10 device. A team of researchers have found a particularly nasty package that forces your PC into Safe Mode and then exploits it. Here's what you need to know.
Tagged With ransomware
It's no secret that Microsoft's Windows 10 updates have been controversial as of late. They've been filled with patches fixing previous updates' bugs only to create more issues. Now, there's a whole new problem altogether: Fake ransomware-filled updates.
A crucial security feature in Windows Defender comes disabled by default: Ransomware Protection. That’s surprising, since ransomware is a serious threat that locks down your device and blocks you from accessing your data until you pay your attacker. It’s even more surprising when you consider that Ransomware Protection was added way back in the October 2017 Windows 10 update.
A new Android threat was recently discovered by ESET researchers, and it has a quirky adult theme that might be enough to sucker unsuspecting users into installing it.
Most internet users wouldn't want to share their browsing history with the rest of the world. (It's one of the reasons 'incognito mode' is so popular - despite not actually working as advertised.)
This is especially true of people who look at questionable online material. So what would you be willing to pay if someone had a secret recording of you watching porn, taken on your webcam?
It's been a year since WannaCry caused massive disruption to companies all over the world. The highly virulent ransomware, which was able to exploit an NSA-created tool called EternalBlue, was able to deliver its payload by using a flaw in the SMB 1 protocol. A year later, ESET has found EternalBlue is still a substantial threat.
According to a new security report by Malwarebytes, Ransomware attacks were up ten-fold last year on the back of the WannaCry and NotPetya attacks. And the bad guys are spreading their resources with attacks using a number of there tools all on the rise. In short, it's been a bad 12 months for those protecting systems and threat actors have reaped a bumper crop.
Ransomware is one of the most damaging threats to our data. And while it used to be about attacks on single devices, we saw the threat evolve this year with the WannaCry and Petya/Not Petya attacks where threat actors found new ways to weaponise other vulnerabilities to deliver ransomware payloads that cost businesses hundreds of millions of dollars. And cloud services are fuelling both the attackers and defenders in their strategies.
It seems that we can't get through a week without some new cyber-nasty rearing its ugly head. I'm finding the best part of all this is the imaginative names that new threats come with. It's like the bad guys have marketing departments. So, this week, the ransomware marketing machine has dredged up BadRabbit.
Following the WannaCry and Petya/GoldenEye/NoPetya ransomware events, you'd think software companies would be quick to remove the need for SMB 1. This was the protocol exploited by the malware developers that allowed those attacks to spread so quickly. Microsoft has released a lit of developers still demanding SMB 1 support.
The WannaCry ransomware was barely out of the headlines when another cyberattack took down computer systems around the world. This time, a piece of malware dubbed “NotPetya” is to blame. And unlike WannaCry, it has no clear “kill switch” as it spreads across infected networks.
Although it less than two days since the Petya ransomware outbreak, the job of working out where the outbreak started and who is responsible has started. Based on telemetry they received, Microsoft believes the software updater for MEDoc - a Ukrainian tax software application - was the initial source of at least some infections.