Dropbox: Oops, yeah, we didn’t actually delete all your files – this bug kept them in the cloud

“Typically, we permanently remove files and folders from our servers within 60 days of a user deleting them. However, the deleted files and folders impacted by this bug had metadata inconsistencies,” Dropbox employee Ross S said on the company’s support forum. “So we quarantined and excluded them from the permanent deletion process until the metadata […]

Introducing Malwarebytes Anti-Ransomware Beta

a completely proactive and signature-less technology that is able to detect and block even the most dangerous of ransomware variants like CryptoWall4, CryptoLocker, Tesla, and CTB-Locker. Malwarebytes Anti-Ransomware monitors all activity in the computer and identifies actions which are typical of ransomware activity. It keeps track of all activity and, once it has enough evidence […]

Bitdefender limited Anti Ransomware Tool

Bitdefender Anti-Ransomware prevents the following families of ransomware from encrypting your files: CTB-Locker, Locky, Petya, and TeslaCrypt. Bitdefender cannot guarantee the effectiveness of the tool against different strains of ransomware, nor be held liable for the loss of sensitive data. Source: Anti Ransomware Tool Shame…

Cryptostalker, a Tool to Detect Crypto-Ransomware on Linux

Cryptostalker and the original project randumb are the work of Sean Williams, a developer from San Francisco. Mr. Williams wanted to create a tool that monitored the filesystem for newly written files, and if the files contained random data, the sign of encrypted content, and they were written at high speed, it would alert the […]

The No More Ransom Project: tools and howtos to decrypt ransomware from the EU

Law enforcement and IT Security companies have joined forces to disrupt cybercriminal businesses with ransomware connections. The “No More Ransom” website is an initiative by the National High Tech Crime Unit of the Netherlands’ police, Europol’s European Cybercrime Centre and two cyber security companies – Kaspersky Lab and Intel Security – with the goal to […]

Cybereason Introduces: Free Behavioral-Based Ransomware Blocking

Edit: It seems that this system creates a whole load of bogus files and dirs and monitors them, not the whole file system. This pollutes the file system and means that people can quite easily write around it. Every ransomware program goes over files, chooses the ones that look interesting, encrypts them and destroys the […]

Physicists show that real-time error correction in quantum communications is possible

Now researchers have shown that there is a grey area where Nature cannot tell the difference between the classical and the quantum. This opens the possibility of first performing quantum experiments with a type of classical light called “classically entangled” light. By preparing and sending a so-called “classically entangled” beam the team could show that […]

Your Android device’s Pattern Lock can be cracked within five attempts

New research from Lancaster University, Northwest University in China, and the University of Bath, which benefitted from funding from the Engineering and Physical Sciences Research Council (EPSRC), shows for the first time that attackers can crack Pattern Lock reliably within five attempts by using video and computer vision algorithm software. By covertly videoing the owner […]

It’s not just your browser: Your machine can be fingerprinted easily

The group – Yinzhi Cao and Song Li from Lehigh University in Pennsylvania, and Erik Wijmans from Washington University in St. Louis – have worked out how to access various operating system and hardware-level features that can fingerprint an individual machine, regardless of browser. These include screen resolution with zoom; CPU virtual cores; installed […]

WhatsApp backdoor allows snooping on encrypted messages

WhatsApp’s end-to-end encryption relies on the generation of unique security keys, using the acclaimed Signal protocol, developed by Open Whisper Systems, that are traded and verified between users to guarantee communications are secure and cannot be intercepted by a middleman. However, WhatsApp has the ability to force the generation of new encryption keys for offline […]

MongoDB ransom attacks soar, body count hits 27,000 in hours

MongoDB databases are being decimated in soaring ransomware attacks that have seen the number of compromised systems more than double to 27,000 in a day. Criminals are accessing, copying and deleting data from unpatched or badly-configured databases. Administrators are being charged ransoms to have data returned. Initial attacks saw ransoms of 0.2 bitcoins (US$184) to […]

Autocomplete hidden form fields a novel phishing hole for Chrome, Safari crims

The attack vector is manifest when victims select autofill while filling out registration forms: attackers hide sensitive fields like street address, date of birth, and phone number, displaying only basic entry boxes like name and email. Users who type the start of their names will generate a prompt that when selected will throw an option […]

Google releases crypto library checker tools

We’re excited to announce the release of Project Wycheproof, a set of security tests that check cryptographic software libraries for known weaknesses. We’ve developed over 80 test cases which have uncovered more than 40 security bugs (some tests or bugs are not open sourced today, as they are being fixed by vendors). For example, we […]

Hacking: macOS FileVault2 Password Retrieval

macOS FileVault2 let attackers with physical access retrieve the password in clear text by plugging in a $300 Thunderbolt device into a locked or sleeping mac. The password may be used to unlock the mac to access everything on it. To secure your mac just update it with the December 2016 patches. Anyone including, but not […]

Guessing valid credit card numbers in six seconds? Priceless

Fraudsters can guess credit card numbers in as little as six seconds per attempt thanks to security gaps in Visa’s network, academics say. The brute force attacks allow criminals to bombard Visa with card payment requests across multiple sites with each attempt narrowing the possible combinations until a valid card number and expiry date are […]

Vulnerability Note VU#582384 – Multiple Netgear routers are vulnerable to arbitrary command injection

Netgear R7000, firmware version 1.0.7.2_1.1.93 and possibly earlier, and R6400, firmware version 1.0.1.12_1.0.11 and possibly earlier, contain an arbitrary command injection vulnerability. By convincing a user to visit a specially crafted web site, a remote unauthenticated attacker may execute arbitrary commands with root privileges on affected routers. A LAN-based attacker may do the same by […]

Full Disclosure: [ESNC-2041217] Critical Security Vulnerability in PwC ACE Software for SAP Security

An attacker can misuse PwC ACE security vulnerability in order to: – make changes to the production systems and their settings including manipulating or corrupting ABAP programs shipped by SAP and making the system and data inoperable; – plant an SAP backdoor for accessing the system and sensitive data later; and – shut down the […]

Hardcoded root accounts found in 80 Sony IP security camera models

Researchers from SEC Consult have found two backdoor accounts that exist in 80 models of professional Sony security cameras, mainly used by companies and government agencies given their high price. One set of hard-coded credentials is in the Web interface and allows a remote attacker to send requests that would enable the Telnet service on […]

PowerShell security threats greater than ever, researchers warn

In March 2016, security experts warned that PowerShell had been fully weaponised. In the following month, a report confirmed that PowerShell was used to launch 38% of cyber attacks seen by security firm Carbon Black and its partners in 2015. Now more than 95% of PowerShell scripts analysed by Symantec researchers have been found to […]

Holding Shift + F10 During Windows 10 Updates Opens Root CLI, Bypasses BitLocker – Slashdot

This CLI debugging interface grants the attacker full access to the computer’s hard drive, despite the presence of BitLocker. The reason is that during the Windows 10 update procedure, the OS disables BitLocker while the Windows PE (Preinstallation Environment) installs a new image of the main Windows 10 operating system. Source: Holding Shift + F10 […]

Acquired administrator level access to all of the Microsoft Azure managed Red Hat Update Infrastructure that supplies all the packages for all Red Hat Enterprise Linux instances booted from the Azure marketplace.

Acquired administrator level access to all of the [Microsoft Azure](https://azure.microsoft.com) managed [Red Hat Update Infrastructure](https://access.redhat.com/documentation/en/red-hat-update-infrastructure/3.0.beta.1/paged/system-administrator-guide/chapter-1-about-red-hat-update-infrastructure) that supplies all the packages for all [Red Hat Enterprise Linux](https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux) instances booted from the Azure marketplace. Basically it’s easy to find all servers, then bump up a package version number, upload it to the update host and get all […]

Siri on Apple lockscreens leads to people being able to break into the device

A series of YouTube videos are pointing out a flaw that could allow users to access photos on an iPhone without entering in a passcode. This requires physical access to the device, and Siri on the lock screen needs to be enabled. Source: This Weird Trick Apparently Lets You Bypass Any iPhone’s Lock Screen It […]

The Secret Service Has Lost 1,024 Computers Since 2001

The US Secret Service is tasked with keeping the President and members of his family safe. But newly released documents show that the agency has had trouble keeping tabs on its own equipment. Since 2001, the agency has lost at least 1,024 computers, 736 mobile phones, and 121 guns. Judicial Watch obtained the numbers through […]