Archive

Three myths about Ransomware


Ransomware is a popular weapon for the modern attacker with >50% of the 330,000+ attacks in 3Q15 targeted against US companies. No industry is immune to these attacks, which if successful are a blot on financial statements of the targeted companies. Despite their success, ransomware attacks are not sophisticated, exploit traditional infection vectors and are not stealthy.

WannaCry: What to do if you can’t update Microsoft Windows


A global pandemic of ransomware hit Windows based systems in 150 countries in a matter of hours. The root cause was traced to a vulnerability corrected by Microsoft for supported platforms (Win 7, 8.1 and higher) in March 2017, about 55 days before the malware was widespread. Detailed explanations and mitigation steps are described here. The first step to mitigation is to apply the update from Microsoft. A version for XP and 2003 was also released by Microsoft on Friday May 12, 2017.

WannaCry: Nuisance or catastrophe? What to expect next?


As we come to the one week point of the global pandemic of ransomware called WannaCry, it seems that while the infection gained worldwide (and unprecedented) news coverage, it has been more of a global nuisance than a global catastrophe. Some interesting points to note...

Do hackers prefer attacking over the weekend?


The recent WannaCry attack started on a Friday and it was feared that the results would be far more severe on Monday, as workers trickled back from the weekend. The fraudulent wires from Bangladesh Bank that resulted in $81M lost also happened on a Friday. A detailed account of how this weekend timing allowed hackers to get away a large sum (rerouted to the Philippines) with is described in this Reuters investigation.

WannaCry at Industrial Control Systems


A global pandemic of ransomware hit Windows based systems in 150 countries in a matter of hours. The root cause was traced to a vulnerability corrected by Microsoft for supported platforms (Win 7, 8.1 and higher) in March 2017, about 55 days before the malware was widespread. Detailed explanations and mitigation steps are described here. The first step to mitigation is to apply the update from Microsoft. A version for XP and 2003 was also released by Microsoft on Friday May 12, 2017.

WannaCry: Fraud follows fear


After the global pandemic of the WannaCry ransomware attack this past weekend, it’s entirely predictable that fraudsters would follow. After every major attack or vulnerability disclosure, criminals are quick to take advantage of the attendant fear by pitching phony schemes to “protect” those that are worried they may be, or may become, victims.

WannaCry: What it is and what to do about it


What happened For those of us in the IT Security profession, Friday May 12 was Black Friday. Networks in healthcare and critical infrastructure across at least 99 countries have been infected by the WannaCry ransomware worm, aka WanaCrypt, WannaCrypt or Wcry. The bulk of infections were reported in Russia, Taiwan and Spain.

Challenges with Threat Intelligence or why a Honeynet is a good idea


Shared threat intelligence is an attractive concept. The good guys share experiences about what the bad guys are doing thereby blunting attacks. This includes public-private partnerships like InfraGard, a partnership between the FBI and the private sector dedicated to sharing information and intelligence to prevent hostile acts against the U.S.

See EventTracker in action!

See EventTracker in action!

Join our next live demo August 6th at 2:00 p.m. EST.

Register Here