Security Alerts & News
by Tymoteusz A. Góral

History
#2166 PyCL ransomware delivered via RIG EK in distribution test
This past Saturday, security researchers Kafeine, MalwareHunterteam, BroadAnalysis, and David Martínez discovered a new ransomware being distributed through EITest into the RIG exploit kit. As this ransomware was only distributed for one day and does not securely encrypt files, it makes me believe that this may have been a test distribution run.

While the colors and interface used by this ransomware have a striking resemblance to CTB-Locker/Critroni, it is written in a different language and there are no distinguishing strings in the ransom notes or executables. Since it's programmed in Python and the script is called cl.py, I will be referring to it as PyCL in this article.
#2167 Microsoft quietly patched Windows 0day used in attacks by Zirconium group
#2166 PyCL ransomware delivered via RIG EK in distribution test
#2165 One of the most dangerous forms of ransomware has just evolved to be harder to spot
#2164 Potent LastPass exploit underscores the dark side of password managers
#2163 Humbled malware author leaks his own source code to regain community's trust
#2162 Security? What security? Four million data records are stolen or lost every day