Yes, it has been a while since I posted anything here. Sorry about that, to both my readers. Here are a couple of things that have just come to my attention.
An article by Catalin Cimpanu for Bleeping Computer: It's Almost 2017 and Users Are Still Getting Infected with Malware via Fake AV Software. It includes instances of a Remote Access Trojan and ransomware distributed as security software.
While KillDisk moves from disk-wiping to ransomware - avien.net/blog/2262-2/
David Harley
Showing posts with label ransomware. Show all posts
Friday, 30 December 2016
Saturday, 12 November 2016
TeleCrypt
Kaspersky Labs on Telecrypt: The first cryptor to exploit Telegram
Commentary from HelpNet Security: Telecrypt ransomware uses Telegram for command and control
Sounds as if data is recoverable without paying the crooks, at present.
David Harley
Friday, 11 November 2016
Ransomware FAQ from Kaspersky
Everything you need to know about ransomware by John Snow, for Kaspersky. I think the title is a bit hyperbolic, but it could be a useful introduction.
David Harley
Wednesday, 2 November 2016
Paying the ransom doesn't always pay
Article for AVIEN: To pay the ransom doesn't always pay off
According to Kaspersky, one in five users who pay the ransom don't get their files back.
David Harley
Saturday, 8 October 2016
Do businesses really pay up ransom?
Can’t Pay, Won’t Pay?
Pointer on AVIEN to an article suggesting not. Katherine Richards is talking about businesses rather than home users: a reasonably good generalist article, though, with commentary from big names such as Ryan Naraine and Paul Vixie.
David Harley
ESET Senior Research Fellow
Thursday, 6 October 2016
Backup, PR Pressure and Ransomware
Tuesday, 30 August 2016
Trend Micro: Locky as encrypted DLLs
Trend Micro: Locky Ransomware Now Downloaded as Encrypted DLLs
Added to AVIEN resource page.
David Harley
ESET Senior Research Fellow
'Fairware' Linux Ransomware
Reported on Bleeping Computer here.
Description by David Bisson for Tripwire: Website Down? New FairWare Ransomware Could Be Responsible
Added to AVIEN ransomware families page and platforms and devices page.
David Harley
ESET Senior Research Fellow
Sunday, 28 August 2016
Ransomware - reorganized AVIEN resource page
I’ve intended for a while to break out some of the scattered information in the ransomware resource page and sub-pages into its own Ransomware Recovery and Prevention page.
And finally got around to it.
Much of the same information (and more) remains in the Ransomware Resources page and/or sub-pages. (Sorry, but I’m happy to duplicate information where appropriate. If I had more time to spend on this page, there’d probably be less duplication, but I haven’t…)
However, the new(-ish) page is better organized and more immediately useful (I hope) for people who are interested in barebones recovery and prevention information.
David Harley
ESET Senior Research Fellow
Labels: AVIEN, prevention, ransomware, recovery, resource pages
SC Magazine & paying ransomware
In an article called Ransomware locks experts in debate over ethics of paying, Bradley Barth picks up on a point I made in my blog article for ESET - Ransomware: To pay or not to pay?. He quotes both my article for ESET and some subsequent commentary by my friend and colleague Stephen Cobb. I may come back to this elsewhere, possibly AVIEN.
David Harley
ESET Senior Research Fellow
Friday, 26 August 2016
Quick round of ransomware links on AVIEN
Ransomware links posted on AVIEN: http://avien.net/blog/quick-links-roundup/
Also added to ransomware resources pages.
- Alma
- Globe
- Wildfire
David Harley
ESET Senior Research Fellow
Tuesday, 23 August 2016
DetoxCrypto ransomware
DetoxCrypto ransomware - AVIEN
Lawrence Abrams for Bleeping Computer: New DetoxCrypto Ransomware pretends to be PokemonGo or uploads a Picture of your Screen
Commentary by David Bisson for Graham Cluley’s blog: DetoxCrypto ransomware-as-a-service rears its ugly head
Info added to resources pages.
David Harley
ESET Senior Research Fellow
Monday, 22 August 2016
Ransomware: Paying v. Not Paying
An article by me for ESET, sparked off by a conversation with Kevin Townsend, in the wake of research commissioned by Malwarebytes, on the pros and cons of paying to get your data back after a ransomware attack.
Read more here: Ransomware: To pay or not to pay?
David Harley
ESET Senior Research Fellow
Labels: ESET, Kevin Townsend, Malwarebytes, ransomware, Security Week