Malware News and Trends

David Balaban

Subscribe to David Balaban: eMailAlertsEmail Alerts
Get David Balaban: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by David Balaban

Initially, we came across ransomware which exploited the entire system and just restricted you from interacting with your own device, later on requiring you to pay dollars if you want to go back and use your computer. And then it started becoming obsolete because an end-user. People were asking themselves: “That is my computer, would I pay $100 for it? If I don't really have data, I’d better format my PC and start all over again.” So, that strategy – locking access to computers, started becoming obsolete.  What did the bad guys do?  They realized that the previous strategy was only good when the data that computer was holding was valuable. So they started asking ransom for the data, and that's what they're doing now. That was the evolution. It's the same thing with the same bad people doing that, evolving over time, and then we get a situation now where the bad guys ... (more)

Ransomware and the Cloud | @CloudExpo #InfoSec #DataCenter #Security

It's been years since it became obvious that crypto isn't necessarily usable for benign purposes only. Back in the day, a variety of data encryption techniques were contrived to protect sensitive communication against MITM (man-in-the-middle) attacks and similar interception attempts. The creators of file-encrypting ransomware, however, have ventured to add a malicious component to the mix, using both symmetric and asymmetric algorithms to lock their victims' data and hold it for ransom. The most common cryptosystems leveraged in these campaigns are RSA and AES. Although these ... (more)

Zepto extension virus: files restoration and ransomware removal

Crypto ransomware programs come and go, but the idea of online extortion stays and perseveres with its progress. Having vanished from the antimalware radars for a while, the sample called Locky recently reappeared with a number of new features. Researchers consider the latest spike in its propagation to be associated with the so-called Necurs Botnet that the threat actors have begun to leverage after dropping the previous distribution tactics. The updated infection badly tweaks the names of one’s files and appends the .zepto component to those. These are mere external changes, th... (more)

Ransomware Chronicle

This is a comprehensive report on ransomware-related events covering a time frame of May – December 2016. The incidents herein are visually broken down into categories, including new ransomware, updates of existing strains, decryptors released, and other noteworthy news. Security researchers and users interested in the ransomware subject can now use this all-in-one knowledgebase instead of having to collect data from multiple different sources. New ransomware released Old ransomware updated Ransomware decrypted Other important ransomware related events THE ENIGMA RANSOMWARE SU... (more)

TeamViewer Security

Although the publisher of TeamViewer takes security seriously and ensures encrypted communication between endpoints and servers through RSA-2048 and AES-256 ciphers, there have been incidents where perpetrators successfully used the app in large-scale hoaxes. It turns out that the Internet scoundrels don't necessarily have to get around the strong crypto defenses to deploy their devious stratagems. SURPRISE RANSOMWARE INCIDENT Ransomware, a real scourge of the present-day Internet, has been reportedly circulating over unauthorized TeamViewer sessions. This issue recently got i... (more)