VB Migration

Tag: ransomware

  • Paper: Spreading techniques used by malware

    Malware infections usually start with a user opening an attachment, visiting a link, or simply accessing an infected site with a vulnerable browser. But once malware has infected an endpoint, it often looks for other devices in order to spread further, or at least to include the files on those devices in its malicious encryption…

  • Paper: Spreading techniques used by malware

    Malware infections usually start with a user opening an attachment, visiting a link, or simply accessing an infected site with a vulnerable browser. But once malware has infected an endpoint, it often looks for other devices in order to spread further, or at least to include the files on those devices in its malicious encryption…

  • VB2016 preview: Cryptography mistakes in malware

    “Don’t roll your own crypto”, software developers are often told: cryptography is hard and thus it is always safer to use a well-tested public library rather than writing your own implementation. Not everyone heeds that advice though, and among those not listening are the developers of various malware families. In a paper to be presented…

  • VB2016 preview: Cryptography mistakes in malware

    “Don’t roll your own crypto”, software developers are often told: cryptography is hard and thus it is always safer to use a well-tested public library rather than writing your own implementation. Not everyone heeds that advice though, and among those not listening are the developers of various malware families. In a paper to be presented…

  • Guest blog: Nemucod ransomware analysis

    In the run up to VB2016 , we invited the sponsors of the conference to write guest posts for our blog. In the third of this series, Webroot’s Jesse Lopez writes about the Nemucod ransomware. Note: some security vendors refer to the downloader component alone (which has been seen to download other kinds of malware as well) as ‘Nemucod’.…

  • Guest blog: Nemucod ransomware analysis

    In the run up to VB2016 , we invited the sponsors of the conference to write guest posts for our blog. In the third of this series, Webroot’s Jesse Lopez writes about the Nemucod ransomware. Note: some security vendors refer to the downloader component alone (which has been seen to download other kinds of malware as well) as ‘Nemucod’.…

  • Romanian university website compromised to serve Neutrino exploit kit

    This blog post was written by Martijn Grooten and Adrian Luca. Like every summer, millions of prospective students around the world have been taking entry exams for the university courses they want to attend. Imagine how horrible it would be if those students, after visiting the website of their university of choice, suddenly found all…

  • Romanian university website compromised to serve Neutrino exploit kit

    This blog post was written by Martijn Grooten and Adrian Luca. Like every summer, millions of prospective students around the world have been taking entry exams for the university courses they want to attend. Imagine how horrible it would be if those students, after visiting the website of their university of choice, suddenly found all…

  • Paying a malware ransom is bad, but telling people never to do it is unhelpful advice

    I’m not usually one to spread panic about security issues, but in the case of the current ransomware plague, I believe that at the very least a sense of great concern is justified. And the threat is unlikely to disappear any time soon. While there are certainly many things we can do to significantly reduce…

  • New tool helps ransomware victims indentify the malware family

    Malware infections are never fun, but ransomware is particularly nasty and the plague doesn’t seem likely to cease any time soon: new families are spotted almost daily. A small silver lining in this dark cloud is the fact that crypto is hard for the bad guys too: they have made many mistakes implementing their encryption…