Archive: 2016

Remove OSIRIS ransomware and decrypt .osiris extension files

A brand-new iteration of the deleterious Locky ransomware is out. Expert reports about the update started to appear on December 5, which is almost a fortnight after the ZZZZZ precursor surfaced. The latest tweak means that the files affected by Locky will now have the .osiris extension appended to them,...

Bitdefender 2017 Black Friday Up to 60% off

Privacy-PC is officially opening the Christmas shopping season with a fantastic deal. With the featured promotion in store for our esteemed visitors, Black Friday 2016 couldn’t possibly get any more secure. Ready? Here we go! Get up to 60% off on the award-winning Bitdefender products for Windows, Mac OS...

5 Reasons to Use a VPN Service

There are so many benefits to using a VPN service when browsing the Internet, it shocks me that so many people do without. If you’re one of those wondering whether you should sign up with a VPN provider, let me convince you to do so with the following five reasons – I’m confident they’ll help you...

Remove Thor ransomware and decrypt .thor extension files

As the recent Thor ransomware release has demonstrated, the threat actors in charge are adding a fair degree of incoherence to the average time span between different variants of the Locky crypto epidemic. Whereas the timing used to be on the order of three months, it took the bad guys as little as one day...

The New Scourge of Ransomware 6: CryptoLocker Takedown

Finally, John Bambenek and Lance James touch upon Operation Tovar that ended CryptoLocker campaign, and dwell on the lessons learned from this whole incident. John Bambenek: Operation Tovar, going on to takedown (see right-hand image). Law enforcement agencies of 13 countries and lots of individuals and...

Recuva review: Piriform Recuva Free & Professional download

0/$24.95 Recovering various types of deleted data is fast, easy and effective with Recuva by Piriform. Recuva, a lightweight freeware applet by Piriform, is one of the world’s most effective solutions aimed at...

The New Scourge of Ransomware 5: Human Intelligence Findings on CryptoLocker

The security experts keep on providing CryptoLocker facts that they were able to discover, including HUMINT details, victim communication and HDD forensics. Lance James: We’re also sending a message quickly, and we need to keep that message going. You even saw the FBI has been doing it lately, they’re...

The New Scourge of Ransomware 4: CryptoLocker Study in Contradictions

As part of their story on CryptoLocker analysis, John Bambenek and Lance James dwell on the methodology of tracking the ransomware via payments and DGA. John Bambenek: So, taking a look at CryptoLocker. A lot of this was a study in contradictions, because there were indicators that did not seem, at least on...

HitmanPro.Alert 3.5 with CryptoGuard review

$24.95 HitmanPro.Alert 3.5 with CryptoGuard bridges the security gap in 0day and ransomware attack scenarios. While the world’s largest antimalware labs are at their wit’s end trying to contrive a solution...

The New Scourge of Ransomware 3: Recovery and Defenses

The experts shift their focus over to CryptoLocker attack mitigation and touch upon the cooperation of law enforcement and security industry on this case. John Bambenek: So, a little bit of recovery and defenses (see right-hand image). A lot of this is best practice stuff. If you get your files encrypted,...

The New Scourge of Ransomware 2: The Business Model Behind CryptoLocker

As the presentation continues, the researchers share their findings on the uniqueness of CryptoLocker ransomware and the reasons it was such a viable threat. John Bambenek: In August 2013, CryptoLocker appears. I get a call from one of my clients – that’s how I first found it – from a local government...

The New Scourge of Ransomware: A Study of CryptoLocker and Its Friends

Security experts Lance James and John Bambenek tell the Black Hat USA audience how they got together on the CryptoLocker ransomware case and how it went. Black Hat USA host: With no further ado, I will introduce our speakers today. We have John Bambenek and Lance James. Lance James: So, everybody knows what...

Cerber ransomware: virus removal and file recovery

Cybercriminals keep on devising intricate instruments in pursuit of a more efficient online extortion. Compared to the myriads of crypto ransomware floating around the worldwide web these days, the one named Cerber appears to be more advanced as it accommodates a few out-of-the-ordinary properties....

Locky ransomware: virus removal and decryption advice

The victims of ransom Trojans incur a great deal of damage because the thing at stake is their personal data. The indicators of compromise when it comes to ransomware are rather straightforward. These malicious programs don’t conceal the impact that they have on users, displaying step-by-step tutorials...

Zepto extension virus: files restoration and ransomware removal

Crypto ransomware programs come and go, but the idea of online extortion stays and perseveres with its progress. Having vanished from the antimalware radars for a while, the sample called Locky recently reappeared with a number of new features. Researchers consider the latest spike in its propagation to be...

Most ransomware isn’t as complex as you might think 3: Attack payloads and mitigation

Lastline Labs’ Engin Kirda now describes the encryption, deletion and locking mechanisms leveraged by ransomware and also focuses on mitigation techniques. So what are the attack payloads? Encryption, of course, is a popular thing. About 5% of the samples that we actually looked at were using some sort of...

Most ransomware isn’t as complex as you might think 2: Evolution of ransom Trojans

The evolution of ransomware code and behavior since the emergence of these hoaxes up till the present day is what Engin Kirda covers in this part of his talk. So how has ransomware evolved over the years? Well, the ransomware concept actually dates back to the end of the 80s – the beginning of the 90s,...

Most ransomware isn’t as complex as you might think

Engin Kirda, the co-founder of Lastline Labs, took the floor at Black Hat USA to give a retrospective view of ransomware and analyze its present-day flaws. Hi! Good afternoon everyone. Thanks for showing up. I have the pleasure of having the last session. Hopefully it’s not the curse of having the last...

Explorations in Data Destruction 8: Electric Techniques

Zoz now stages experiments with high voltage as a method to demolish SSD drives and provides a general summary on destruction techniques that work the best. I have to go really fast now with electric. There aren’t too many things in there (see right-hand image). The goal was, you know, we’ve got...

Explorations in Data Destruction 7: Diamond Charge and Blast Suppression

Having conducted enough experiments with the Munroe effect over shaped charges, Zoz decides to try diamond charges and a blast suppression technique. So I feel good about shaped charges, but there’s one other charge I wanted to try, which is a diamond charge (see right-hand image). The EOD folks use these...

Explorations in Data Destruction 6: Oil Well Perforators

Courtesy of a neighboring bomb squad, Zoz gets the chance to play around with oil well perforators by utilizing them in his staged data demolition experiments. Alright, moving on, the bomb squad said to us “Oh, by the way, we have hundreds of these oil well perforators that we want to get rid of. Would...

Explorations in Data Destruction 5: The Munroe Effect

Zoz continues his series of HDD destruction experiments as he gives annular and radial shaped charges a shot and tries the compression welding technique. The stearic acid turns out to be a really important component of this explosive. And if you don’t get that amount right, it doesn’t work. So this is a...

Explorations in Data Destruction 4: Kinetic Methods

This part of Zoz’ research is a 101 on HDD demolition through physical damage rather than heat, so find out what techniques he leveraged and how it all went. Alright, moving on to part 2 – kinetic (see right-hand image). The goal here was to deform, spindle, mutilate the drive, basically, severely...

Surprise, Hackers Use TeamViewer to Spread Ransomware

Security analysts mostly deal with ransomware attacks deployed through exploits, booby-trapped email attachments, or Microsoft Office loopholes occurring when users are tricked into enabling macros. A series of recent onslaughts, however, stand out from the crowd because the offenders have been taking...

Explorations in Data Destruction 3: Beyond Straight Thermite

As Zoz keeps experimenting with thermal methods to completely ruin HDDs, he tries more substances based on thermite and draws some interesting conclusions. So alright, I wasn’t ready to give up yet. I know that in military thermite grenades they actually don’t use straight thermite – they use what...

Explorations in Data Destruction 2: Thermal Techniques

Having highlighted the goals and rules for the research, Zoz demonstrates HDD destruction attempts via a couple of thermal methods, including oxygen injection. So method number one, the good old plasma cutter (watch video below). Starting off keeping things simple. I had used plasma cutters many times and I...

Zoz – And That’s How I Lost My Other Eye… Explorations in Data Destruction

This DEF CON 23 presentation by Dr. Andrew ‘Zoz’ Brooks turned out a blast, so read about the ways to destroy data on hard disks, and don’t try this at home. Hello DEF CON! I’m actually going to break with tradition this time and start one minute early, because I have so much shit to show...

Remote Exploitation of an Unaltered Passenger Vehicle 7: Cyber Physical Action

This is the final part of Black Hat USA presentation by Charlie Miller and Chris Valasek, where they show a few demos of what can be done to a car remotely. Charlie Miller: We figured out eventually how to do that. Chris Valasek: These are the Lua scripts that we would use to actually send CAN messages on...

Remote Exploitation of an Unaltered Passenger Vehicle 6: Exploit Chain

The researchers continue looking into the vehicle attack workflow and examine cyber physical internals as well as the checksums to be able to control the Jeep. Chris Valasek: Let’s go through, very simply, how this works. You get on a cell network. You have your cell phone, you have your laptop, you have...

Remote Exploitation of an Unaltered Passenger Vehicle 5: Sending CAN Messages

Charlie and Chris venture to reach a new level of vehicle compromise by exploiting the V850 microcontroller’s firmware to remotely issue arbitrary commands. Charlie Miller: So far in this story, we could only play with your radio. It’s kind of cool, but not super-cool. Chris Valasek: What we had to do...