After an analysis of the encryption routine of the malware used in the Petya/ExPetr attacks, we have thought that the threat actor cannot decrypt victims’ disks, even if a payment was made.
Archive for June, 2017
Vulnerability in Azure AD Connect Could Allow Elevation of Privilege
We received credible reports today that a copy of our user database has been leaked, including the email addresses and encrypted passwords of only those 8tracks users who signed up using email. If you signed up via Google or Facebook authentication, then your password is not affected by this leak. 8tracks does not store passwords in a plain text format, but rather uses one-way hashes to ensure they remain difficult to access. These password hashes can only be decrypted using brute force attacks, which are expensive and time-consuming, even for one password.
A German email provider has closed the account of a hacker behind the new ransomware outbreak, meaning victims can’t get decryption keys.
Earlier today (June 27th), we received reports about a new wave of ransomware attacks spreading around the world, primarily targeting businesses in Ukraine, Russia and Western Europe. If you were one of the unfortunate victims, this screen might look familiar:
A massive attack erupted today (June 27) worldwide, with a high concentration of hits in Ukraine – including the Ukrainian central bank, government offices and private companies.
Watch out, readers! It is ransomware, another WannaCry, another widespread attack.
The WannaCry ransomware is not dead yet, and another large-scale ransomware attack is causing chaos worldwide, shutting down computers at corporations, power supplies, and banks across Russia, Ukraine, Spain, France, UK, India, and Europe and demanding $300 in bitcoins.
In issue 1260 I discussed Microsoft’s “apicall” instruction that can invoke a large number of internal emulator APIs and is exposed to remote attackers by default in all recent versions of Windows. I asked Microsoft if this was intentionally exposed, and they replied “The apicall instruction is exposed for multiple reasons”, so this is intentional.
The Register article https://www.theregister.co.uk/2017/06/2 … s_10_leak/ has got BetaArchive a fair amount of attention this evening. They claim, and I quote, “32TB of Windows 10 internal builds, core source code leak online”.