Ransomware is a type of malicious software (malware) when infected with encrypts all the important files such as documents, pictures, movie file etc with a virtually unbreakable encryption key. Here we have compiled some of the Good-reads blogs, articles, freely available Decryptors and removal kits to keep you up-to-date on the latest happenings in the Ransomware space.
1. (Free tools) AVG announces 6 new free decryption tools to retrieve your encrypted files : AVG has come out with six new tools designed to fight this affliction. Each is for a different form of this malware.
According to AVG These new free tools are for the decryption of six current Ransomware strains: Apocalypse, BadBlock, Crypt888, Legion, SZFLocker, and TeslaCrypt.
2. Locker Ransomware author dumps database of private keys, apologizes : Allegedly, the author of the "Locker" ransomware has uploaded a dump of the C2 server database, releasing private keys of infected hosts worldwide to the public. The "author" claims that the release was a mistake, that no further keys will be utilized for encryption, and that automatic decryption of all affected hosts will begin on June 2nd 2016
3. (Free tool) ESET releases new free decryptor for TeslaCrypt ransomware: After TeslaCrypt authors announced that they are closing down their operations and made public their Universal master decryptor key, ESET created a free decryptor tool to unlock files affected by all variants between 3.0.0 and 4.2 of this Ransomware.
4. Ransomware removal kit published online, helps streamline infection response: A security researcher has made a Ransomware removal kit available online with the hope that it will help security professionals and system administrators alike in responding to instances of Ransomware infection. Researcher Jada Cyrus has published the kit on Atlassian Bitbucket. The kit itself consists of removal tools for common ransomware variants, as well as guides on how to perform the necessary removal tasks.
5. What is Ransomware and 15 Easy Steps To Keep Your System Protected [Updated]: A very comprehensive and updated guide on Ransomware. This Blogs outlines target vectors, attack anatomy, Ransomware families and much more.
( Read More: Checklist To Evaluate SIEM Vendors )
6. Behaviour analysis of CERBER ransomware: The Ransomware so called CERBER has been out since early march according to TrendMicro and so far has used different techniques for delivering the payload to the victim. For instance it has been seen to use compressed JavaScript files (.zip) or in other instances using Windows Script Files (WSFs) which had XML content and then executed by Windows’ wscript.exe utility.
7. When the cryptolocker strikes: Reasons for ransomware success and ways to prevent : What factors lead to the high success of cryptolockers, a type of Ransomware that scrambles your files and asks for a ransom to recover them again?
8. Catching Ransomware infections with a Honeypot script & integration into Zerto Virtual replication: This script uses the honeypot technique to detect Ransomware infections by comparing 2 files, a honeypot file and a witness file.
9. "Zepto" the new threat: Analysis and anatomy of New Ransomware known as "Zepto". The blog talks about how Zepto infects target computer and how to detect for its behaviour.
10. How to trade Bitcoins: Practically, all Ransomware attackers demand ransom in Bitcoins. Bitcoin are a relatively new currency which has significantly increased in value over the past few years. Bitcoins are known as a cryptocurrency and can be traded in order to earn money.
11. Ransomware thats 100% pure Javascript, no download required: By the start of 2016, many crooks were steadily shifting their infection strategy as the world began to realise that enabling macros was a really bad idea. These days, a lot of ransomware arrives in JavaScript attachments and this blogs analyses and presents the challenges associated with the same.
( Read More: ATP( Advanced Threat Protection) Technology Stack )
Comments