Malware News and Trends

David Balaban



Top Stories by David Balaban

Initially, we came across ransomware which exploited the entire system and just restricted you from interacting with your own device, later on requiring you to pay dollars if you want to go back and use your computer. And then it started becoming obsolete because an end-user. People were asking themselves: “That is my computer, would I pay $100 for it? If I don't really have data, I’d better format my PC and start all over again.” So, that strategy – locking access to computers – started becoming obsolete. What did the bad guys do? They realized that the previous strategy was only good when the data that computer was holding was valuable. So they started asking ransom for the data, and that's what they're doing now. That was the evolution. It's the same thing with the same bad people doing that, evolving over time, and then we get a situation now where the bad guys ... (more)

Ransomware and the Cloud | @CloudExpo #InfoSec #DataCenter #Security

It's been years since it became obvious that crypto isn't necessarily usable for benign purposes only. Back in the day, a variety of data encryption techniques were contrived to protect sensitive communication against MITM (man-in-the-middle) attacks and similar interception attempts. The creators of file-encrypting ransomware, however, have ventured to add a malicious component to the mix, using both symmetric and asymmetric algorithms to lock their victims' data and hold it for ransom. The most common cryptosystems leveraged in these campaigns are RSA and AES. Although these ... (more)

TeamViewer Security

Although the publisher of TeamViewer takes security seriously and ensures encrypted communication between endpoints and servers through RSA-2048 and AES-256 ciphers, there have been incidents where perpetrators successfully used the app in large-scale hoaxes. It turns out that the Internet scoundrels don't necessarily have to get around the strong crypto defenses to deploy their devious stratagems.

SURPRISE RANSOMWARE INCIDENT

Ransomware, a real scourge of the present-day Internet, has been reportedly circulating over unauthorized TeamViewer sessions. This issue recently got i... (more)

Ransomware Chronicle

This is a comprehensive report on ransomware-related events covering a time frame of May – December 2016. The incidents herein are visually broken down into categories, including new ransomware, updates of existing strains, decryptors released, and other noteworthy news. Security researchers and users interested in the ransomware subject can now use this all-in-one knowledgebase instead of having to collect data from multiple different sources.

New ransomware released
Old ransomware updated
Ransomware decrypted
Other important ransomware related events

THE ENIGMA RANSOMWARE SU... (more)

Remove OSIRIS ransomware and decrypt .osiris extension files

A brand-new iteration of the deleterious Locky ransomware is out. Expert reports about the update started to appear on December 5, which is almost a fortnight after the ZZZZZ precursor surfaced. The latest tweak means that the files affected by Locky will now have the .osiris extension appended to them, hence the generic name of the new heir to the throne that never stays vacant. It’s worth mentioning that the crooks in charge now opt for the Egyptian mythology-based version naming principle, the term “Osiris” standing for the god of death and afterlife. So, what other features –... (more)