Exploit This

Security News, Exploits, and Vulnerabilities.

PetrWrap: the new Petya-based ransomware used in targeted attacks

This year we found a new family of ransomware used in targeted attacks against organizations. After penetrating an organization’s network the threat actors used the PsExec tool to install ransomware on all endpoints and servers in the organization. The next interesting fact about this ransomware is that the threat actors decided to use the well-known Petya ransomware to encrypt user data.

The banker that encrypted files

Many mobile bankers can block a device in order to extort money from its user. But we have discovered a modification of the mobile banking Trojan Trojan-Banker.AndroidOS.Faketoken that went even further – it can encrypt user data. In addition to that, this modification is attacking more than 2,000 financial apps around the world.

Research on unsecured Wi-Fi networks across the world

Confidential data can be protected by encrypting traffic at wireless access points. In fact, this method of protection is now considered essential for all Wi-Fi networks. But what actually happens in practice?

The return of HackingTeam with new implants for OS X

A few days ago, Patrick Wardle published an analysis of a new Backdoor and Dropper used by HackingTeam. It looks like the samples mentioned in the blog were found in-the-wild, so we decided to see how this latest Backdoor works.

The Lowdown on the Apple-FBI Showdown

Many readers have asked for a primer summarizing the privacy and security issues at stake in the the dispute between Apple and the U.S. Justice Department, which last week convinced a judge in California to order Apple to unlock an iPhone used by one of assailants in the recent San Bernardino massacres. I don’t have much original reporting to contribute on this important debate, but I’m visiting it here because it’s a complex topic that deserves the broadest possible public scrutiny.

Microsoft Security Updates January 2016

с новым годом! Microsoft rings in the New Year with a new set of ten security bulletins MS16-001 through MS16-010, patching 24 CVE detailed vulnerabilities. These bulletins effect Microsoft web browsers and plugins, Office software, Windows system software, and Exchange mail… Read Full Article

Coinvault, are we reaching the end of the nightmare?

After obtaining the new MD5 hashes for the CoinVault files, we set out to find more clues, more files, and to analyse what these new malware variants had to reveal. However, the best thing was that, based on our analysis, the National High Tech Crime Unit of the Dutch police was able to apprehend two suspects last Monday.

‘Locked Out’

In this article we look at the evolution of complication of the encryption schemes used by virus writers and the methods they adopt to put pressure on their victims. At the end of the article there is some advice for users which might help them protect important files.

%d bloggers like this: