-
UmbreCrypt Ransomware manually installed via Terminal Services
A new CrypBoss ransomware variant has been released called UmbreCrypt. This ransomware family encrypts a victim's data with AES encryption and then requires them to email the developers for payment instructions. At this time there is no way to decrypt these files for free,
- February 10, 2016
- 10:51 AM
5
-
Google is giving away extra Google Drive Storage for performing a Security Checkup
In honor of Safer Internet Day, Google is giving away 2GB of extra storage for completing their Security Checkup. This checkup will walk you through a series of checks to make sure you are using Google in the most secure manner possible.
- February 09, 2016
- 07:21 PM
1
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
Oracle, Adobe, and Microsoft Release Updates for Critical Vulnerabilities
Today Microsoft, Oracle, and Adobe all released security updates for critical vulnerabilities in their products. Critical vulnerabilities allow attackers to execute commands on the vulnerable computers that could allow them to download and installer further programs without your permission.
- February 09, 2016
- 06:33 PM
- 0
-
DMA Locker Ransomware targets Unmapped Network Shares
A new ransomware called DMA Locker was discovered by a Malwarebytes researcher last week. One feature that has not been discussed yet is its ability to encrypt files located on unmapped network shares. Thankfully, earlier versions of this ransomware can be decrypted for free using a utility by Fabian Wosar of Emsisoft.
- February 08, 2016
- 02:16 PM
- 5
-
NanoLocker Ransomware can be Decrypted if Caught Early
A new ransomware was discovered last week that incorporates some interesting features such as ICMP communication with Command & Control server and a unique payment/key retrieval mechanism. This ransom also has a flaw in its key storage method that could allow user's to retrieve their decryption key under the right circumstances.
- February 04, 2016
- 12:55 PM
- 2
-
Oracle Removing Browser Plugin Support in Future Versions of Java
Oracle announced yesterday that they will be deprecating the use of Java browser plugins starting in JRK 9, with it ultimately being removed altogether in future versions of the Java runtime environment. This is a important step in browser security as Java is a common target for exploit kits and attackers.
- January 29, 2016
- 11:08 AM
- 0
-
7ev3n Ransomware trashes your PC and then demands 13 Bitcoins
A new ransomware has been spotted called 7ev3n that encrypts your data and demands 13 bitcoins to decrypt your files. A 13 bitcoin ransom demand is the largest we have seen to date for this type of infection, but this ransomware also has another surprise as it does a good job trashing your system.
- January 26, 2016
- 05:45 PM
- 10
-
Emsisoft releases Decrypter for the LeChiffre Ransomware
A vulnerability for the LeChiffre ransomware has been discovered that allows Fabian Wosar of Emsisoft to create a free decryptor for it. This articles explains how to use the decrypter to recover files encrypted by LeChiffre for free.
- January 25, 2016
- 11:52 PM
- 9
-
Malwarebytes releases new Anti-Ransomware Beta Software
Today Malwarebytes released their latest security offering called Malwarebytes Anti-Ransomware. Malwarebytes Anti-Ransomware, or MBARW for short, is currently in beta and is a small utility that runs in the background while quietly monitoring computer for behavior associated with file encrypting ransomware.
- January 25, 2016
- 10:27 PM
- 10
-
Hidden Tear Ransomware Developer Blackmailed by Malware Developers using his Code
In a post on the BleepingComputer.com forums, the developer of the Magic Ransomware infection is blackmailing the author of the open source Hidden Tear and EDA2 Ransomware Project. The malware developer's demands are simple; take down the Hidden Tear project or their Magic ransomware's victims lose their keys forever.
- January 25, 2016
- 06:58 PM
- 1
-
New Magic Ransomware developed from open source EDA2 Ransomware
A new ransomware has been discovered that utilizes the open source ransomware kit called eda2. This ransomware will encrypt your data with AES encryption, append the .magic extension to encrypted files, and then demand 1 bitcoin to decrypt your data.
- January 23, 2016
- 09:37 AM
- 1
-
Chrome 48 released with Security Fixes and New Features
Google 48 is here and includes 37 security fixes and bunch of new features. These features include the custom notification buttons, the deprecation of the RC4 encryption protocol, and the ability to present to Google cast devices.
- January 21, 2016
- 11:10 AM
- 0
-
TeslaCrypt Decrypted: Flaw in TeslaCrypt allows Victim's to Recover their Files
Now that TeslaCrypt 3.0 has been released and the malware developer has fixed a flaw in his program, we are releasing information on how to decrypt files encrypted by earlier variants. This article explains how volunteers cracked TeslaCrypt's encryption key storage algorithm to help people recover their files for free.
- January 20, 2016
- 08:15 AM
- 44
-
Apple Releases Security Updates for Safari, iOS, and OS X
Apple released security updates today for Safari, OS X, and iOS that resolve critical vulnerabilities that could lead to remote code execution. Remote code execution vulnerabilities allow an attacker to create specially crafted web sites or files that could allow the attacker to execute commands and programs on vulnerable platforms.
- January 19, 2016
- 06:34 PM
- 1
-
EA's Subscription-Based Gaming Service coming to the PC as Origin Access
Electronic Arts their gaming subscription service on the PC as Origin Access. Previously, this service was exclusive to XBOX One users under the name EA Access, but has now been expanded to the PC. This service offers unlimited gaming from select games as well as exclusive discounts towards their titles.
- January 14, 2016
- 09:30 AM
- 0
-
Get Updating! Microsoft and Adobe release Critical Updates
Today Microsoft and Adobe both released updates for numerous critical remote code execution vulnerabilities in their products. It is strongly advised that every Windows, Adobe Acrobat, and Adobe Reader user install these updates immediately.
- January 12, 2016
- 07:23 PM
- 1
-
TeslaCrypt 3.0 Released with Modified Algorithm and .XXX, .TTT, and .MICRO File Extensions
The TeslaCrypt developers release version 3.0 of their ransomware infection, which includes a modified encryption algorithm and the .XXX extension for encrypted files.
- January 12, 2016
- 03:28 PM
- 88
-
QuickTime Update addresses Multiple Remote Code Execution Vulnerability
A security update has been released for QuickTime that resolves numerous remote code execution and application termination vulnerabilities. QuickTime 7.7.9 has been released to fix these updates and all users are advised to install it immediately.
- January 08, 2016
- 12:10 PM
- 0
-
VMware issues Security Advisory for Shared Folders Feature
A security advisory has been released by VMware for a Windows-based guest privilege escalation vulnerability that affects VMware ESXi, Fusion, Player, and Workstation. It is suggested that all users of these products upgrade to the latest patch immediately.
- January 07, 2016
- 10:03 PM
- 0
-
The CryptoJoker Ransomware is nothing to Laugh About
A new ransomware has been spotted called CryptoJoker that encrypts your data with AES-256 encryption and then demands a ransom to recover your files.
- January 03, 2016
- 09:10 PM
- 13
1
