Security Alerts & News
by Tymoteusz A. Góral

History
#1070 Satana ransomware – threat coming soon?
Petya ransomware is quickly becoming a household name and in typical cyber-criminal fashion, copycat families are starting to emerge.

In this post, we have the benefit of analyzing “malware-in-development” and can observe its growth over the coming weeks. The ransomware is called Satana (devil/satan in Italian) and similar to the Petya and Mischa bundle, Satana works in two modes.

The first mode behaves like Petya, a dropper (that is a typical PE file) writes to the beginning of the infected disk a low-level module which is a bootloader with a tiny custom kernel.

The second mode behaves like typical ransomware and encrypts files one by one (just like Mischa).

Contrary to the Petya and Mischa bundle, these modes are not used as alternatives, but are both utilized, one after the other, to infect the system.
Read more
#1078 Encryption bypass vulnerability impacts half of Android devices
#1077 TPLINK loses control of two device configuration domains
#1076 MRI software bugs could upend years of research
#1075 Scope of ThinkPwn UEFI zero-day expands
#1074 Android Nougat prevents ransomware from resetting device passwords
#1073 This Android malware has infected 85 million devices and makes its creators $300,000 a month
#1072 Identity fraud up by 57% as thieves target social media
#1071 Tor Privacy settings coming to Firefox
#1070 Satana ransomware – threat coming soon?
#1069 Don’t pay the Ransom! AVG releases six free decryption tools to retrieve your files
#1068 How to detect most malicious macros without an antivirus
#1067 MIT's Swarm chip architecture boosts multi-core CPUs
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12