Podcasts about CryptoLocker

Cyber attacks aren't just an urban myth and I'm speaking from experience. One Monday morning I found our dental IT system in lock down and our business held to ransom by a CryptoLocker attack. Fortunately, I'd met James Borg and he was my knight in shining armour. James is the Managing Director of Teamwork Technology and in this episode we discuss the importance of having secure, reliable IT systems in your dental practice. With over ten years of IT experience within the dental industry, he and his team are highly knowledgeable with solutions that are relevant to the dental industry. We chat about: Common IT problems in dental practices How do you look after your passwords?  What do you do to make sure they don't get hacked? The key things you need for IT security My experience with a CryptoLocker attack Three action steps to improve your practice IT systems Find out more about James Borg: Teamwork Technology Website: http://www.teamworktech.com.au/about-us/ LinkedIn: https://www.linkedin.com/in/james-borg-07709964 [3:56] - Why are public holidays the prime time for your business to be hacked? [7:50] - What is best practice for storing your passwords? [12:11] - Best practice when it comes to the hardware and software for email and data storage. [16:05] - Microsoft 365 … or Google Workspace? Which is more secure for your business? [19:07] - When to update your hardware and data systems. [24:17] - A real life recent hacking story that happened within 90 minutes! [27:20] - How to plan out what kind of infrastructure and layers of redundancy your practice will need in the next few years.

La pubblica amministrazione sotto attacco hacker. Apple deve interrompere la vendita di Apple Watch in USA. Thread si apre al fediverso. Una giuria federale da ragione a Epic contro Google. Queste e molte altre le notizie tech commentate nella puntata di questa settimana.Dallo studio distribuito di digitalia:Franco Solerio, Michele Di Maio, Giulio CupiniProduttori esecutivi:Alessandro Stevanin, Vincenzo Ingenito, Carlo Tomas, Andrea Guido, Andrea Nicola Vasile, Alessio Ferrara, Claudio Pontillo, Michele Francesco Falzarano, Marco Grechi, Enrico Carangi, Fulvio Barizzone, Alessio Cerretini, Luca Ubiali, Diego Arati, Alessandro Morgantini, Antonio Taurisano, Simone Podico, Mario Giammona, Michelangelo Rocchetti, Denis Grosso, Giuseppe Brusadelli, Giorgio Puglisi, Umberto Marcello, Andrea Malesani, Fabio Brunelli, Roberto Medeossi, Mauro Tommasi, Donato Gravino, Letizia Calcinai, Emanuele Libori, Michele Olivieri, Edoardo Volpi Kellerman, Calogero Augusta, Nicola Grilli, Daniele Bastianelli, Fiorenzo Pilla, Cristian Pastori, Guido Raffaele Piras, Paolo Tegoni, Il Pirata Lechuck, Mario Cervai, Andrea Giovacchini, Andre Marzulo, Valerio Galano, Manuel Zavatta, Davide Tinti, Nicola Gabriele Del Popolo, Matteo Lodola, Massimiliano Sgroi, Pavlo, Nicola Gabriele Del Popolo, paolo bernardini, Arzigogolo, Feró, Capitan Harlock, Idle Fellow, Anonymous, Brainrepo , Fiorenzo Pilla, Nicola Fort, Gianlu, Gianluca Trevisani, Arzigogolo, akagrintaSponsor:Squarespace.com - utilizzate il codice coupon "DIGITALIA" per avere il 10% di sconto sul costo del primo acquisto.Links:KRS-One Has A Problem With GrammysVinyl Me PleaseAttacco hacker contro la pubblica amministrazioneApple to halt Apple Watch Series 9 and Ultra 2 sales in the USPush notifications are a privacy nightmareApple now requires court orders to access push notification dataMeredith Whittaker about push notificationsGenerating a remote notificationAdam Mosseri spells out Threads plans for the fediverseQuanti server stanno defederando #Threads?@mosseri is now the 3rd most followed account in the fediverseThreads launches for nearly half a billion more users in EuropeTim Sweeney on Epics victory royale over GoogleSpotify confirms test of prompt-based AI playlists featureLa versione di Ghigo Renzulli dei LitfibaIn Search of Cash Studios Send Old Shows Back to NetflixAGCOM: arriva l'obbligo per il telecomando TV con i numeriSocial Media Is a Mess. Government Meddling Would Make It Worse.The worst year in digital media historyEven in time of genocide Big Tech silences PalestiniansWatching the watchdogs: Media law and Gaza genocideGen Z has discovered a whole new source for newsSatanic display at Iowa Capitol vandalized beyond repairBrain organoid reservoir computing for artificial intelligenceAI made from living human brain cells performs speech recognitionGingilli del giorno:BatFiGround.newsReMastered: Devil at the CrossroadsSupporta Digitalia, diventa produttore esecutivo.

On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including: North Korea is ransomwaring hospitals with homegrown and Russian strains Russia proposes law greenlighting “patriotic hacks” It's 702 renewal time… again CISA releases ESXiArgs recovery script (yay!) UK mulls crimephone ban Much, much more This week's show is brought to you by Thinkst Canary. Haroon Meer is this week's sponsor guest and joins us to talk about Thinkst's latest release: the credit card canary. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that's your thing. Show notes North Korean hackers extort health care organizations to fund further cyberattacks, US and South Korea say | CNN Politics Risky Biz News: US and UK sanction seven Trickbot members United States and United Kingdom Sanction Members of Russia-Based Trickbot Cybercrime Gang | U.S. Department of the Treasury Risky Biz News: Russia wants to absolve patriotic hackers from any criminal liability The FBI's Most Controversial Surveillance Tool Is Under Threat | WIRED Meet the Creator of North Korea's Favorite Crypto Privacy Service | WIRED CISA publishes recovery script for ESXiArgs ransomware as Florida courts, universities reel - The Record from Recorded Future News decrypt your crypted files in ESXi servers affected by CVE-2020-3992 / CryptoLocker attack Tonga is the latest Pacific Island nation hit with ransomware - The Record from Recorded Future News UK Proposes Making the Sale and Possession of Encrypted Phones Illegal UK High Court allows Bahraini activists to sue government over spyware - The Record from Recorded Future News Russian cybersecurity expert convicted of charges in $90M hack-to-trade case | CyberScoop Deepfake 'news anchors' appear in pro-China footage on social media, research group says - ABC News Geotargeting tools are allowing phishing campaigns to home in on potential victims - The Record from Recorded Future News This week's Reddit breach shows company's security is (still) woefully inadequate | Ars Technica Namecheap denies system breach after email service used to spread phishing scams - The Record from Recorded Future News Mysterious leak of Booking.com reservation data is being used to scam customers | Ars Technica DOM XSS vulnerability in Gartner Peer Insights widget patched | The Daily Swig Dota 2 Under Attack: How a V8 Bug Was Exploited in the Game - Avast Threat Labs OAuth ‘masterclass' crowned top web hacking technique of 2022 | The Daily Swig New XSS Hunter host Truffle Security faces privacy backlash | The Daily Swig 'No evidence of malicious access,' Toyota says about serious bug exploited by outside researcher - The Record from Recorded Future News A year after outcry, IRS still doesn't offer taxpayers alternative to ID.me | CyberScoop

On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including: North Korea is ransomwaring hospitals with homegrown and Russian strains Russia proposes law greenlighting “patriotic hacks” It's 702 renewal time… again CISA releases ESXiArgs recovery script (yay!) UK mulls crimephone ban Much, much more This week's show is brought to you by Thinkst Canary. Haroon Meer is this week's sponsor guest and joins us to talk about Thinkst's latest release: the credit card canary. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that's your thing. Show notes North Korean hackers extort health care organizations to fund further cyberattacks, US and South Korea say | CNN Politics Risky Biz News: US and UK sanction seven Trickbot members United States and United Kingdom Sanction Members of Russia-Based Trickbot Cybercrime Gang | U.S. Department of the Treasury Risky Biz News: Russia wants to absolve patriotic hackers from any criminal liability The FBI's Most Controversial Surveillance Tool Is Under Threat | WIRED Meet the Creator of North Korea's Favorite Crypto Privacy Service | WIRED CISA publishes recovery script for ESXiArgs ransomware as Florida courts, universities reel - The Record from Recorded Future News decrypt your crypted files in ESXi servers affected by CVE-2020-3992 / CryptoLocker attack Tonga is the latest Pacific Island nation hit with ransomware - The Record from Recorded Future News UK Proposes Making the Sale and Possession of Encrypted Phones Illegal UK High Court allows Bahraini activists to sue government over spyware - The Record from Recorded Future News Russian cybersecurity expert convicted of charges in $90M hack-to-trade case | CyberScoop Deepfake 'news anchors' appear in pro-China footage on social media, research group says - ABC News Geotargeting tools are allowing phishing campaigns to home in on potential victims - The Record from Recorded Future News This week's Reddit breach shows company's security is (still) woefully inadequate | Ars Technica Namecheap denies system breach after email service used to spread phishing scams - The Record from Recorded Future News Mysterious leak of Booking.com reservation data is being used to scam customers | Ars Technica DOM XSS vulnerability in Gartner Peer Insights widget patched | The Daily Swig Dota 2 Under Attack: How a V8 Bug Was Exploited in the Game - Avast Threat Labs OAuth ‘masterclass' crowned top web hacking technique of 2022 | The Daily Swig New XSS Hunter host Truffle Security faces privacy backlash | The Daily Swig 'No evidence of malicious access,' Toyota says about serious bug exploited by outside researcher - The Record from Recorded Future News A year after outcry, IRS still doesn't offer taxpayers alternative to ID.me | CyberScoop

12202021 : Supply Chain + Metaverse + 2021 electronic gifts ………. Keywords: zone-h, hands on hacking, ethical hacking, hacker course hackerbox.org Hackers Home Page for FREE Geeky Image Submission and Tools Conficker. First discovered in 2008, Conficker, which had many aliases, including Downup, Downadup, and Kido is a worm that targets Windows operating systems. ... ILOVEYOU. ... Morris Worm. ... Mydoom. ... Stuxnet. ... CryptoLocker. ... Sasser & Netsky. ... Anna Kournikova Keywords: hack, hacker, hackers, hackerbox ethicalhacker.net The Ethical Hacker Network - Free Online Magazine for the Security Professional Nokia, Fujitsu, Motorola and Sun Microsystems Keywords: ethicalhackernet, hacking, hack, hacker resource for Kaspersky Lab experts' technical research, analysis, and thoughts. Online headquarters of Kaspersky Lab security experts. zone-h.com Zone-H - Unrestricted Information - A global view to the world with a stress on the ITsec Keywords: zone-h, hands on hacking, ethical hacking, hacker course coresecurity.com Enabling enterprises with access control systems & penetration testing for a comprehensive and predictive approach to Information Security Ethical Hacking, Cyber Forensic, Website Security, VAPT, Mobile Security. safeguarding critical data a... Keywords: penetration test, penetration testing, penetration testing product, ethical hacking insecure.in internet security and ethical hacking Keywords: internet security, ethical hacking, information security, network security pentestit.com Your source for all things Information Security! Keywords: hacking, cracking, pentest, computer security hacktabs.com HackTabs is a Technology Blog. We write about Technology,How To Guides,Social Media,Ethical Hacking,Microsoft Windows,SEO,Blogging,Mobiles and Gadgets...

In this episode of the Arraya Insights Vodcast, our panel looks at the cyber threat landscape. Specifically, they delve into ransomware, cyber security preparedness, incident response, cyber insurance and more. Hosted by Chuck Kiessling, Senior Director, Presales Solutions, this episodes panel includes Scott Brion (Director, Cyber Security), Mike Piekarski (Enterprise Security Architect), and Keith Wood (Cyber Security Consultant).

On. This episode : Stuxnet, Edward Snowden, Monarchy, Internet + Bulk Collection Can you name a famous computer virus ? Conficker. , aliases, including Downup, Downadup, and Kido is a worm . ... ILOVEYOU. ... Morris Worm. ... Mydoom. ... Stuxnet. ... CryptoLocker. ... Sasser & Netsky. ... Anna Kournikova

Man looks into Read/Write/Execute : Snowden, Wikileaks, Data Dumping and COVID-19....... . Leave a voicemail at 313-MAN-0231 Zone-H - Unrestricted Information - A global view to the world with a stress on the ITsec Keywords: zone-h, hands on hacking, ethical hacking, hacker course hackerbox.org Hackers Home Page for FREE Geeky Image Submission and Tools Conficker. First discovered in 2008, Conficker, which had many aliases, including Downup, Downadup, and Kido is a worm that targets Windows operating systems. ... ILOVEYOU. ... Morris Worm. ... Mydoom. ... Stuxnet. ... CryptoLocker. ... Sasser & Netsky. ... Anna Kournikova Keywords: hack, hacker, hackers, hackerbox ethicalhacker.net The Ethical Hacker Network - Free Online Magazine for the Security Professional Nokia, Fujitsu, Motorola and Sun Microsystems Keywords: ethicalhackernet, hacking, hack, hacker resource for Kaspersky Lab experts' technical research, analysis, and thoughts. Online headquarters of Kaspersky Lab security experts. zone-h.com Zone-H - Unrestricted Information - A global view to the world with a stress on the ITsec Keywords: zone-h, hands on hacking, ethical hacking, hacker course coresecurity.com Enabling enterprises with access control systems & penetration testing for a comprehensive and predictive approach to Information Security Ethical Hacking, Cyber Forensic, Website Security, VAPT, Mobile Security. safeguarding critical data a... Keywords: penetration test, penetration testing, penetration testing product, ethical hacking insecure.in internet security and ethical hacking Keywords: internet security, ethical hacking, information security, network security pentestit.com Your source for all things Information Security! Keywords: hacking, cracking, pentest, computer security hacktabs.com HackTabs is a Technology Blog. We write about Technology,How To Guides,Social Media,Ethical Hacking,Microsoft Windows,SEO,Blogging,Mobiles and Gadgets... Keywords: how to guides, computer security, blogging, seo homeforgeeks.com one stop blog for all your technology needs related to Mobiles,Android,Wordpress,make money online,Ethical hacking. Keywords: android, symbian, hacking, ethical hacking plynt.com Plynt application penetration tests and security certification program assures that your application is safe against known common attacks. With experi... Keywords: penetration, testing, application, security

If you’re thinking it’s time for a computer upgrade, you’ll enjoy the options presented in this episode. If you’re concerned about getting hacked, we’ve got you covered on what to do to protect your computer and your business. In this episode, we geek out a bit with Kevin Clemons, CEO at Au Technology Solutions. It should be noted, in this episode when Kevin mentions services offered by Microsoft, that those similar services are also available with Google’s suite of products. I wanted to say this because well… I’m Google-centric. Is that a word? My spell-checker thinks not. I also wanted to apologize for the clicky sounds you hear from Kevin’s side of the conversation. I’ve done what I can to remove them, but many still exist. We start the conversation talking about John’s pending computer upgrade options: AMD Ryzen computers. Kevin’s recommended laptop, the Lenovo Flex 14, 12Gb RAM, 256Gb SSD hard drive, a touch screen on Amazon about $600. What can you do to protect yourself with your home computer now that you’re working at home? Here are Kevin’s recommendations: Use BitDefender to protect yourself from CryptoLocker. Stick with using the anti-virus that comes with Windows 10. It’s better than any free software you can get, for the most part. Or use BitDefender if you want to go further then Windows 10 can do. Malwarebytes as a fantastic mediation tool. HitmanPro is another great 2nd opinion scanner as well. Add ADW Cleaner to your list as well to clean up what your browser picks up along the way. Regarding CryptoLocker, don’t put your trust in only one company to protect yourself. There’s only one way to protect yourself: a backup that is not permanently attached to your device. Kevin recommends using BackBlaze. It’s about $60 per year. We go on and talk about email attachments carry malware payloads and how best to protect yourself from them: Use chat applications like Microsoft Teams, Slack, or Google’s Meet to verify unexpected email attachments that may be carrying payloads. With convenience comes a sacrifice of security. Use two-factor authentication (2FA) also called multi-factor authentication (MFA). Google Authenticator is one such app you can use on your phone to authenticate entry to a website or service. Next, we talk about passwords and using a password manager like LastPass. Kevin has another idea about keeping passwords. Kevin describes his simple process of how he creates good passwords. Here’s Kevin’s algorithmic password generator steps. Check Have I Been Pwned? ONLY to see if you’ve been compromised as an investigative step. Just enter your email address and it will be checked and show you what websites, etc. are known to have been hacked and which your email address is associated with. Here’s an example of how to create a secure password: Use any word you’d like to use for your passwords with the following changes: Anytime we create a password, the 2nd letter should be capitalized. The 3rd letter should be a special character like a !, %, $, etc. Then add the year you created the password as a reminder to change it the next year. After the year, add the version like “1.” So if you changed the password within the same year, you would change this number to “2.” At the end of the password, add 2 letters representing the name of the service or program e.g. “gm” for Gmail. What are other ways to stay secure while working from home? Virtual Private Network. A VPN is one of the smartest ways to protect your online privacy and maintain your data security. ~ Wikipedia Kevin talks about using Linux. Linux is a family of open-source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991, by Linus Torvalds. Linux is typically packaged in a Linux distribution. ~ Wikipedia Spam scammer calls have not stopped: Do not let someone on your computer if you don’t know who that person is.  So we wrapped up talking about Microsoft, Google, their products, overall usage, and privacy/security features and John asks Kevin how he defines what a brand is: “I’d say it’s your public-facing image.” Contact Kevin Clemons CALL (760) 299-4104 or email support@autechnologysolutions.com  "Branded" Podcast Contact Info John BiethanContact the show ALL MAVEN a Full-service Digital & Creative Agency Intro/Outtro music credit Dances With Koalas by coruscate (c) copyright 2020 Licensed under a Creative Commons Attribution (3.0) license. http://dig.ccmixter.org/files/Coruscate/61129 Ft: Calyman & Psubhashish

In this episode the analysis of Snowden's new book. 1.1 Air-Gapped Network. 1.2 Antivirus. 1.3 Best Practices. 1.4 Black Hat. 1.5 Blacklist. 1.6 Botnet. 1.7 Casus Belli. 1.8 Civilian Participation. Igloo Security, ESTSecurity, SOPHOS, SK Infosec, Check Point, and Trend Micro have selected 7 cyber security keywords for the year 2020. △AI △Ransomware △Supply Chain Attacks △Cloud △IoT △Malicious Emails △Dark Web ASIA PACIFIC SECURITY, CYBER RESILIENCE, DATA BREACH, EDITOR'S DESK, EDUCATION, EVENTS, IT SOLUTIONS, MOVERS & SHAKERS, RISK MANAGEMENT, SECURITY PRODUCTS, TECHTIME, VULNERABILITIES I'm trying to have my coffee and unwittingly having to troubleshoot Windows XP + 7 issues . Leave a voicemail at 313-MAN-0231 Zone-H - Unrestricted Information - A global view to the world with a stress on the ITsec Keywords: zone-h, hands on hacking, ethical hacking, hacker course hackerbox.org Hackers Home Page for FREE Geeky Image Submission and Tools Conficker. First discovered in 2008, Conficker, which had many aliases, including Downup, Downadup, and Kido is a worm that targets Windows operating systems. ... ILOVEYOU. ... Morris Worm. ... Mydoom. ... Stuxnet. ... CryptoLocker. ... Sasser & Netsky. ... Anna Kournikova Keywords: hack, hacker, hackers, hackerbox ethicalhacker.net The Ethical Hacker Network - Free Online Magazine for the Security Professional Nokia, Fujitsu, Motorola and Sun Microsystems Keywords: ethicalhackernet, hacking, hack, hacker resource for Kaspersky Lab experts' technical research, analysis, and thoughts. Online headquarters of Kaspersky Lab security experts. zone-h.com Zone-H - Unrestricted Information - A global view to the world with a stress on the ITsec Keywords: zone-h, hands on hacking, ethical hacking, hacker course coresecurity.com Enabling enterprises with access control systems & penetration testing for a comprehensive and predictive approach to Information Security Ethical Hacking, Cyber Forensic, Website Security, VAPT, Mobile Security. safeguarding critical data a... Keywords: penetration test, penetration testing, penetration testing product, ethical hacking insecure.in internet security and ethical hacking Keywords: internet security, ethical hacking, information security, network security pentestit.com Your source for all things Information Security! Keywords: hacking, cracking, pentest, computer security hacktabs.com HackTabs is a Technology Blog. We write about Technology,How To Guides,Social Media,Ethical Hacking,Microsoft Windows,SEO,Blogging,Mobiles and Gadgets... Keywords: how to guides, computer security, blogging, seo homeforgeeks.com one stop blog for all your technology needs related to Mobiles,Android,Wordpress,make money online,Ethical hacking. Keywords: android, symbian, hacking, ethical hacking plynt.com Plynt application penetration tests and security certification program assures that your application is safe against known common attacks. With experi... Keywords: penetration, testing, application, security

I'm trying to have my coffee and unwittingly having to troubleshoot Windows XP + 7 issues . Leave a voicemail at 313-MAN-0231 Zone-H - Unrestricted Information - A global view to the world with a stress on the ITsec Keywords: zone-h, hands on hacking, ethical hacking, hacker course hackerbox.org Hackers Home Page for FREE Geeky Image Submission and Tools Conficker. First discovered in 2008, Conficker, which had many aliases, including Downup, Downadup, and Kido is a worm that targets Windows operating systems. ... ILOVEYOU. ... Morris Worm. ... Mydoom. ... Stuxnet. ... CryptoLocker. ... Sasser & Netsky. ... Anna Kournikova Keywords: hack, hacker, hackers, hackerbox ethicalhacker.net The Ethical Hacker Network - Free Online Magazine for the Security Professional Nokia, Fujitsu, Motorola and Sun Microsystems Keywords: ethicalhackernet, hacking, hack, hacker resource for Kaspersky Lab experts' technical research, analysis, and thoughts. Online headquarters of Kaspersky Lab security experts. zone-h.com Zone-H - Unrestricted Information - A global view to the world with a stress on the ITsec Keywords: zone-h, hands on hacking, ethical hacking, hacker course coresecurity.com Enabling enterprises with access control systems & penetration testing for a comprehensive and predictive approach to Information Security Ethical Hacking, Cyber Forensic, Website Security, VAPT, Mobile Security. safeguarding critical data a... Keywords: penetration test, penetration testing, penetration testing product, ethical hacking insecure.in internet security and ethical hacking Keywords: internet security, ethical hacking, information security, network security pentestit.com Your source for all things Information Security! Keywords: hacking, cracking, pentest, computer security hacktabs.com HackTabs is a Technology Blog. We write about Technology,How To Guides,Social Media,Ethical Hacking,Microsoft Windows,SEO,Blogging,Mobiles and Gadgets... Keywords: how to guides, computer security, blogging, seo homeforgeeks.com one stop blog for all your technology needs related to Mobiles,Android,Wordpress,make money online,Ethical hacking. Keywords: android, symbian, hacking, ethical hacking plynt.com Plynt application penetration tests and security certification program assures that your application is safe against known common attacks. With experi... Keywords: penetration, testing, application, security

Latest news in Computational Medicine to treat COVID-19, mapping the virus to its core, scams asking people to download a pkg to use computers processing power to help scientists cure COVID-19: I'm trying to have my coffee and unwittingly having to troubleshoot Windows XP + 7 issues . Leave a voicemail at 313-MAN-0231 Zone-H - Unrestricted Information - A global view to the world with a stress on the ITsec Keywords: zone-h, hands on hacking, ethical hacking, hacker course hackerbox.org Hackers Home Page for FREE Geeky Image Submission and Tools Conficker. First discovered in 2008, Conficker, which had many aliases, including Downup, Downadup, and Kido is a worm that targets Windows operating systems. ... ILOVEYOU. ... Morris Worm. ... Mydoom. ... Stuxnet. ... CryptoLocker. ... Sasser & Netsky. ... Anna Kournikova Keywords: hack, hacker, hackers, hackerbox ethicalhacker.net The Ethical Hacker Network - Free Online Magazine for the Security Professional Nokia, Fujitsu, Motorola and Sun Microsystems Keywords: ethicalhackernet, hacking, hack, hacker resource for Kaspersky Lab experts' technical research, analysis, and thoughts. Online headquarters of Kaspersky Lab security experts. zone-h.com Zone-H - Unrestricted Information - A global view to the world with a stress on the ITsec Keywords: zone-h, hands on hacking, ethical hacking, hacker course coresecurity.com Enabling enterprises with access control systems & penetration testing for a comprehensive and predictive approach to Information Security Ethical Hacking, Cyber Forensic, Website Security, VAPT, Mobile Security. safeguarding critical data a... Keywords: penetration test, penetration testing, penetration testing product, ethical hacking insecure.in internet security and ethical hacking Keywords: internet security, ethical hacking, information security, network security pentestit.com Your source for all things Information Security! Keywords: hacking, cracking, pentest, computer security hacktabs.com HackTabs is a Technology Blog. We write about Technology,How To Guides,Social Media,Ethical Hacking,Microsoft Windows,SEO,Blogging,Mobiles and Gadgets... Keywords: how to guides, computer security, blogging, seo homeforgeeks.com one stop blog for all your technology needs related to Mobiles,Android,Wordpress,make money online,Ethical hacking. Keywords: android, symbian, hacking, ethical hacking plynt.com Plynt application penetration tests and security certification program assures that your application is safe against known common attacks. With experi... Keywords: penetration, testing, application, security

17 million results examined : 1983-1992 : The Invisible Wall and Vault 7, Espionage, fake news, Man in search of the truth over Chinese Espionage: Virus, Bio Warfare, Masks watch out for these Coronavirus websites and scams, China spreading rumors about COVID-19, hackers, Taiwan, US, Chinese working 24/7 to spread disinformation, State Department employees test positive for Coronavirus, ebola, Netflix to slow down streaming to stop the internet from breaking, leave a voicemail at 313-MAN-0231........ 寻找有关中国间谍活动的真相的人：病毒，生物战，口罩和路边COVID-19 @ Best Buy，当心这些冠状病毒网站和骗局，中国散布有关COVID-19，黑客，台湾，美国，中国和中国的谣言 俄罗斯巨魔全天候（24/7）传播虚假信息，国务院员工对冠状病毒，埃博拉病毒和Netflix呈阳性反应，以减慢流传输速度以阻止互联网中断，并在313-MAN-0231留下语音邮件I'm trying to have my coffee and unwittingly having to troubleshoot Windows XP + 7 issues . Leave a voicemail at 313-MAN-0231 Zone-H - Unrestricted Information - A global view to the world with a stress on the ITsec Keywords: zone-h, hands on hacking, ethical hacking, hacker course hackerbox.org Hackers Home Page for FREE Geeky Image Submission and Tools Conficker. First discovered in 2008, Conficker, which had many aliases, including Downup, Downadup, and Kido is a worm that targets Windows operating systems. ... ILOVEYOU. ... Morris Worm. ... Mydoom. ... Stuxnet. ... CryptoLocker. ... Sasser & Netsky. ... Anna Kournikova Keywords: hack, hacker, hackers, hackerbox ethicalhacker.net The Ethical Hacker Network - Free Online Magazine for the Security Professional Nokia, Fujitsu, Motorola and Sun Microsystems Keywords: ethicalhackernet, hacking, hack, hacker resource for Kaspersky Lab experts' technical research, analysis, and thoughts. Online headquarters of Kaspersky Lab security experts. zone-h.com Zone-H - Unrestricted Information - A global view to the world with a stress on the ITsec Keywords: zone-h, hands on hacking, ethical hacking, hacker course coresecurity.com Enabling enterprises with access control systems & penetration testing for a comprehensive and predictive approach to Information Security Ethical Hacking, Cyber Forensic, Website Security, VAPT, Mobile Security. safeguarding critical data a... Keywords: penetration test, penetration testing, penetration testing product, ethical hacking insecure.in internet security and ethical hacking Keywords: internet security, ethical hacking, information security, network security pentestit.com Your source for all things Information Security! Keywords: hacking, cracking, pentest, computer security hacktabs.com HackTabs is a Technology Blog. We write about Technology,How To Guides,Social Media,Ethical Hacking,Microsoft Windows,SEO,Blogging,Mobiles and Gadgets... Keywords: how to guides, computer security, blogging, seo homeforgeeks.com one stop blog for all your technology needs related to Mobiles,Android,Wordpress,make money online,Ethical hacking. Keywords: android, symbian, hacking, ethical hacking plynt.com Plynt application penetration tests and security certification program assures that your application is safe against known common attacks. With experi... Keywords: penetration, testing, application, security

La prima puntata speciale del 2020 è dedicata a una chiacchierata su CryptoLocker e Ransomware con due ospiti speciali. Dallo studio distribuito di digitalia: Franco Solerio, Giulio Gaudiano, Michele Vitale Links: Ransomware CryptoLocker Ransomware: i consigli del Garante privacy per difendersi dal software che prende “in ostaggio” pc e smartphone Ransomware e Regolamento UE 2016/679 Supporta Digitalia Shut Up and Dance (Black Mirror)

Cosa sono i ransomware e cryptolocker? Come ci si può difendere da virus e malware che prendono in ostaggio i nostri dati chiedendo in cambio un riscatto? E' meglio pagare e riavere (forse) accesso ai dati o andare alla Polizia postale? Quali sono gli obblighi normativi per chi viene attaccato da un ransomware? Scopriamolo in una puntata speciale con Franco Solerio ( http://digitalia.fm ) e l'avvocato Michele Vitale ( http://bastabollette.it ) stimolata da una storia vera e creata con lo scopo di vincere la vergogna e lottare attraverso informazione, consapevolezza e prevenzione contro un fenomeno che rischia di colpire chiunque.

Cosa sono i ransomware e cryptolocker? Come ci si può difendere da virus e malware che prendono in ostaggio i nostri dati chiedendo in cambio un riscatto? E' meglio pagare e riavere (forse) accesso ai dati o andare alla Polizia postale? Quali sono gli obblighi normativi per chi viene attaccato da un ransomware? Scopriamolo in una puntata speciale con Franco Solerio ( http://digitalia.fm ) e l'avvocato Michele Vitale ( http://bastabollette.it ) stimolata da una storia vera e creata con lo scopo di vincere la vergogna e lottare attraverso informazione, consapevolezza e prevenzione contro un fenomeno che rischia di colpire chiunque.

Attacco informatico a Iren, i dati della società bloccati per due settimaneL'azienda ammette il problema e spiega: "Tornati disponibili quasi tutti i servizi" (fonte Repubblica)Due settimane di down della società elettrica per un cryptolocker, il malware che sfrutta vulnerabilità dei sistemi operativi non aggiornati per criptare i dati dei computer su cui riesce ad arrivare. La sicurezza informatica è considerata una cosa astratta, troppi pochi investimenti e consolidate tradizioni che portano ad affidarsi più alla fortuna che alla conoscenza. Seguimi anche su Telegram: https://t.me/marcogalassidigitalMusica: https://soundcloud.com/freemusicforvlogs/sets/inspirational-motivational

One of the biggest leaps in malware technology has been the creation of botnets. I’ll talk about them in more detail later, but one recent botnet that we have had to deal with is a botnet called Gameover ZeuS. This particular malware virus is the predecessor of the ZeuS trojan horse with a few more tricks up it’s sleeve. Created by a Russian man, people believe it was spread through the Cutwail botnet. But as far as what this trojan horse actually did was that it provided a backdoor for the Russian man - Evgenly Mikhailovich Bogachev - to steal money from peoples bank accounts. He made a point of stealing only from people who could actually afford it. How he stole that money was via the distribution of the CryptoLocker ransomware - a program I’ll talk later. Getting into the specifics, basically the malware establishes a connection to the server and installs itself on the computer. It then proceeds to disable specific system processes, download and launch executables, essentially bricking the computer so you can’t do anything. Even though this wasn’t affecting the public at large, it caught plenty of attention from police and international attention. Especially after the US Justice Department announced Operation Tovar which was designed to shut down Gameover ZeuS and block off communication and its command and control servers. They’ve also indicted Bogachev in the US for creating a network of virus-infected computers and siphoning millions from people. Because of the severity, the FBI announced in 2015 a $3 million dollar reward - the highest reward for a cybercriminal - for information about Bogachev.

Over the past several episodes I’ve talked a little about computer viruses. From The Morris Worm to the ILOVEYOU virus. But there is another term to describe these types of viruses: Malware. It’s become so common that maybe some of you thought computer virus and malware were perhaps two separate things. After all, we hardly ever hear the term computer virus being used. It’s mainly malware. But anyway malware has evolved extensively over the years and I think it’s important to show the highlights and growth of malware over the past few decades. After all, if we are to better protect ourselves, understanding the development before getting into specifics will help us moving forward. Malware all started in the 1980s and 1990s. The biggest splash in this area was The Morris Worm. It was the first form of malware to spread across the internet. There were some other ones that are worth bringing up too. There was Brain, Jerusalem, Michelangelo, CIH and the Melissa virus. I’ll talk about those in detail another time. Getting into the 2000s, we saw an upgrade of malware. They were rapidly growing, effectively doubling every year. The most notable malware was internet and email worms. You had ILOVEYOU but there were others. Examples are Anna Kournikova, Sircam, CodeRed worm, and Nimda. This was also around the time where phishing and other credit card scams emerged. Since 2010 and over this past decade, malware is still prominent but it’s more so used to leverage compromised systems. Outside of the numerous breaches over the past decade you also had some other notable events. These pushed businesses to have stronger security measures. Some malware that you can look up and I will explore later are the Stuxnet worm, ZeroAccess, a Trojan horse. Not until 2013 we started to see ransomware. This was malware that locked files on a user’s computer and users had to pay a ransom to get access to that information again. One notable one was CryptoLocker, another Trojan horse. You also had Gameover ZeuS which used keystroke logging to steal login details. Some other notable ones was 2017’s ransomwares WannaCry and Petya. Lastly there is Thanatos, the ransomware that’s been released and allow hackers to accept Bitcoin payments. As you can see from the overall history, malware has evolved and has impacted the world on larger scales. Of course there are all kinds of ways we can better protect ourselves. But I find the first step to better protect ourselves is to know exactly what we are up against.

Welcome to the History of Computing Podcast, where we explore the history of information technology. Because by understanding the past, we're able to be prepared for the innovations of the future! Todays episode is not about Fear, Uncertainty, and Death. Instead it's about viruses. As with many innovations in technology, early technology had security vulnerabilities. In fact, we still have them!  Today there are a lot of types of malware. And most gets to devices over the Internet. But we had viruses long before the Internet; in fact we've had them about as long as we've had computers. The concept of the virus came from a paper published by a Hungarian Scientist in 1949 called “Theory of Self-reproducing automata.” The first virus though, didn't come until 1971 with Creeper. It copied between DEC PDP-10s running TENEX over the ARPANET, the predecessor to the Internet. It didn't hurt anything; it just output a simple little message to the teletype that read “I'm the creeper: catch me if you can.” The original was written by Bob Thomas but it was made self-replicating by Ray Tomlinson thus basically making him the father of the worm. He also happened to make the first email program. You know that @ symbol in an email address? He put it there. Luckily he didn't make that self replicating as well.  The first antivirus software was written to, um, to catch Creeper. Also written by Ray Tomlinson in 1972 when his little haxie had gotten a bit out of control. This makes him the father of the worm, creator of the anti-virus industry, and the creator of phishing, I mean, um email. My kinda' guy.  The first virus to rear its head in the wild came in 1981 when a 15 year old Mt Lebanon high school kid named Rich Skrenta wrote Elk Cloner. Rich went on to work at Sun, AOL, create Newhoo (now called the Open Directory Project) and found Blekko, which became part of IBM Watson in 2015 (probably because of the syntax used in searching and indexes). But back to 1982. Because Blade Runner, E.T., and Tron were born that year. As was Elk Cloner, which that snotty little kid Rich wrote to mess with gamers. The virus would attach itself to a game running on version 3.3 of the Apple DOS operating system (the very idea of DOS on an Apple today is kinda' funny) and then activate on the 50th play of the game, displaying a poem about the virus on the screen. Let's look at the Whitman-esque prose: Elk Cloner: The program with a personality It will get on all your disks It will infiltrate your chips Yes, it's Cloner! It will stick to you like glue It will modify RAM too Send in the Cloner! This wasn't just a virus. It was a boot sector virus! I guess Apple's MASTER CREATE would then be the first anti-virus software. Maybe Rich sent one to Kurt Angle, Orin Hatch, Daya, or Mark Cuban. All from Mt Lebanon. Early viruses were mostly targeted at games and bulletin board services. Fred Cohen coined the term Computer Virus the next year, in 1983.  The first PC virus came also to DOS, but this time to MS-DOS in 1986. Ashar, later called Brain, was the brainchild of Basit and Amjad Farooq Alvi, who supposedly were only trying to protect their own medical software from piracy. Back then people didn't pay for a lot of the software they used. As organizations have gotten bigger and software has gotten cheaper the pirate mentality seems to have subsided a bit. For nearly a decade there was a slow roll of viruses here and there, mainly spread by being promiscuous with how floppy disks were shared. A lot of the viruses were boot sector viruses and a lot of them weren't terribly harmful. After all, if they erased the computer they couldn't spread very far. The virus started “Welcome to the Dungeon.” The following year, the poor Alvi brothers realized if they'd of said Welcome to the Jungle they'd be rich, but Axl Rose beat them to it. The brothers still run a company called Brain Telecommunication Limited in Pakistan. We'll talk about zombies later. There's an obvious connection here.  Brain was able to spread because people started sharing software over bulletin board systems. This was when trojan horses, or malware masked as a juicy piece of software, or embedded into other software started to become prolific. The Rootkits, or toolkits that an attacker could use to orchestrate various events on the targeted computer, began to get a bit more sophisticated, doing things like phoning home for further instructions. By the late 80s and early 90s, more and more valuable data was being stored on computers and so lax security created an easy way to get access to that data. Viruses started to go from just being pranks by kids to being something more.  A few people saw the writing on the wall. Bernd Fix wrote a tool to remove a virus in 1987. Andreas Luning and Kai Figge released The Ultimate Virus Killer, an Antivirus for the Atari ST. NOD antivirus was released as well as Flushot Plus and Anti4us. But the one that is still a major force in the IT industry is McAfee VirusScan, founded by a former NASA programmer named John Mcafee. McAfee resigned in 1994. His personal life is… how do I put this… special. He currently claims to be on the run from the CIA. I'm not sure the CIA is aware of this.  Other people saw the writing on the wall as well, but went… A different direction. This was when the first file-based viruses started to show up. They infected ini files, .exe files, and .com files. Places like command.com were ripe targets because operating systems didn't sign things yet. Jerusalem and Vienna were released in 1987. Maybe because he listened to too much Bad Medicine from Bon Jovi, but Robert Morris wrote the ARPANET worm in 1988, which reproduced until it filled up the memory of computers and shut down 6,000 devices. 1988 also saw Friday the 13th delete files and causing real damage. And Cascade came this year, the first known virus to be encrypted. The code and wittiness of the viruses were evolving.  In 1989 we got the AIDS Trojan. This altered autoexec.bat and counted how many times a computer would boot. At 90 boots, the virus would hide the dos directories and encrypt the names of files on C:/ making the computer unusable unless the infected computer owner sent $189 a PO Box in Panama. This was the first known instance of ransomeware. 1990 gave us the first polymorphic virus.  Symantec released Norton Antivirus in 1991, the same year the first polymorphic virus was found in the wild, called Tequila. Polymorphic viruses change as they spread, making it difficult to find by signature based antivirus detection products. In 1992 we got Michelangelo which John Mcafee said would hit 5 million computers. At this point, there were 1,000 viruses. 1993 Brough us Leandro and Freddy Krueger, 94 gave us OneHalf, and 1995 gave us Concept, the first known macro virus. 1994 gave us the first hoax with “Good Times” - I think of that email sometimes when I get messages of petitions online for things that will never happen.  But then came the Internet as we know it today. By the mid 90s, Microsoft had become a force to be reckoned with. This provided two opportunities. The first was the ability for someone writing a virus to have a large attack surface. All of the computers on the Internet were easy targets, especially before network address translation started to somewhat hide devices behind gateways and firewalls. The second was that a lot of those computers were running the same software. This meant if you wrote a tool for Windows that you could get your tool on a lot of computers. One other thing was happening: Macros. Macros are automations that can run inside Microsoft Office that could be used to gain access to lower level functions in the early days. Macro viruses often infected the .dot or template used when creating new Word documents, and so all new word documents would then be infected. As those documents were distributed over email, websites, or good old fashioned disks, they spread.  An ecosystem with a homogenous distribution of the population that isn't inoculated against an antigen is a ripe hunting ground for a large-scale infection. And so the table was set. It's March, 1999. David Smith of Aberdeen Township was probably listening to Livin' La Vida Loca by Ricky Martin. Or Smash Mouth. Or Sugar Ray. Or watching the genie In A Bottle video from Christina Aguilera. Because MTV still had some music videos. Actually, David probably went to see American Pie, The Blair Witch Project, Fight Club, or the Matrix then came home and thought he needed more excitement in his life. So he started writing a little prank. This prank was called Melissa.  As we've discussed, there had been viruses before, but nothing like Melissa. The 100,000 computers that were infected and 1 billion dollars of damage created doesn't seem like anything by todays standards, but consider this: about 100,000,000 PCs were being sold per year at that point, so that's roughly one tenth a percent of the units shipped. Melissa would email itself to the first 50 people in an Outlook database, a really witty approach for the time. Suddenly, it was everywhere; and it lasted for years. Because Office was being used on Windows and Mac, the Mac could be a carrier for the macro virus although the payload would do nothing. Most computer users by this time knew they “could” get a virus, but this was the first big outbreak and a wakeup call.  Think about this, if there are supposed to be 24 billion computing devices by 2020, then next year this would mean a similar infection would hit 240 million devices. That would mean it hits ever person in Germany, the UK, France, and the Nordic countries. David was fined $5,000 and spent 20 months in jail. He now helps hunt down creators of malware.  Macroviruses continued to increase over the coming years and while there aren't too many still running rampant, you do still see them today. Happy also showed up in 1999 but it just made fireworks. Who doesn't like fireworks? At this point, the wittiness of the viruses, well, it was mostly in the name and not the vulnerability. ILOVEYOU from 2000 was a vbscript virus and Pikachu from that year tried to get kids to let it infect computers.  2001 gave us Code Red, which attacked IIS and caused an estimated $2 Billion in damages. Other worms were Anna Kournikova, Sircam, Nimda and Klez. The pace of new viruses was going, as was how many devices were infected. Melissa started to look like a drop in the bucket. And Norton and other antivirus vendors had to release special tools, just to remove a specific virus.  Attack of the Clones was released in 2002 - not about the clones of Melissa that started wreaking havoc on businesses. Mylife was one of these. We also got Beast, a trojan that deployed a remote administration tool. I'm not sure if that's what evolved into SCCM yet.  In 2003 we got simile, the first metamorphic virus, blaster, sobbing, seem, graybeard, bolgimo, agobot, and then slammer, which was the fastest to spread at that time. This one hit a buffer overflow bug in Microsoft SQL and hit 75,000 devices in 10 minutes. 2004 gave us Bagle, which had its own email server, Sasser, and MyDoom, which dropped speeds for the whole internet by about 10 percent. MyDoom convinced users to open a nasty email attachment that said “Andy, I'm just doing my job, nothing personal.” You have to wonder what that meant… The witty worm wasn't super-witty, but Netsky, Vundo, bifrost, Santy, and Caribe were. 2005 gave us commwarrior (sent through texts), zotob, Zlob, but the best was that a rootlet ended up making it on CDs from Sony. 2006 brought us Starbucks, Nyxem, Leap, Brotox, stration. 2007 gave us Zeus and Storm. But then another biggee in 2008. Sure, Torpig, Mocmex, Koobface, Bohmini, and Rustock were a thing. But Conficker was a dictionary attack to get at admin passwords creating a botnet that was millions of computers strong and spread over hundreds of countries. At this point a lot of these were used to perform distributed denial of services attacks or to just send massive, and I mean massive amounts of spam.  Since then we've had student and duqu, Flame, Daspy, ZeroAccess. But in 2013 we got CryptoLocker which made us much more concerned about ransomware. At this point, entire cities can be taken down with targeted, very specific attacks. The money made from Wannacry in 2017 might or might not have helped developed North Korean missiles. And this is how these things have evolved. First they were kids, then criminal organizations saw an opening. I remember seeing those types trying to recruit young hax0rs at DefCon 12. Then governments got into it and we get into our modern era of “cyberwarfare.” Today, people like Park Jin Hyok are responsible for targeted attacks causing billions of dollars worth of damage.  Mobile attacks were up 54% year over year, another reason vendors like Apple and Google keep evolving the security features of their operating systems. Criminals will steal an estimated 33 billion records in 2023. 60 million Americans have been impacted by identity theft. India, Japan, and Taiwan are big targets as well. The cost of each breach at a company is now estimated to have an average cost of nearly 8 million dollars in the United States, making this about financial warfare. But it's not all doom and gloom. Wars in cyberspace between nation states, most of us don't really care about that. What we care about is keeping malware off our computers so the computers don't run like crap and so unsavory characters don't steal our crap. Luckily, that part has gotten easier than ever. 

בשנת 2013 היכתה את עולם המחשבים כופרה מתוחכמת בשם 'קריפטולוקר' (CryptoLocker), שלראשונה דרשה דמי כופר בביטקוין. מאחוריה עמד פושע סייבר מתוחכם ומסוכן באופן יוצא דופן: סלביק (Slavik).האזנה נעימה,רן. אהבתם את הפרק? לחצו על הכוכבים כדי לדרג את הפרק. שלח דירוג דירוג ממוצע 4.5 / 5. מספר מדרגים 2 אין הצבעות עד כה. הייה הראשון לדרג את הפרק. דף הבית של הפודקאסטהרשמה לפודקאסט:דואר אלקטרוני | WhatsApp | אנדרואיד | אייפון - עושים היסטוריה | אייפון - כל תכני הרשת | RSS עושים היסטוריה | RSS כל תכני הרשתפרק 276: כופרות (Ransomware) - היסטוריה של סחיטה ממוחשבת, חלק ב' בפרק הקודם סיפרתי לכם על שורשיה של תופעת ה-Ransomwares: תוכנות זדוניות שמונעות מהמשתמש לגשת אל הקבצים שלו על המחשב, ודורשות ממנו דמי כופר כדי לשחרר אותם. סיפרנו גם על שני האתגרים הגדולים ביישום סוג כזה של פשע ממוחשב. הראשון - אם אתה לא מומחה בקריפטוגרפיה, זה די קשה לכתוב תוכנת הצפנה טובה שתהיה Bulletproof: דהיינו, כופרה נטולת שגיאות שאי אפשר לפצח אותה בקלות. האתגר השני - העברת כספים דרך האינטרנט בדרך כלל מותירה אחריה שובל של ראיות, ולא קל למצוא דרך לקבל דמי כופר באופן שמותיר את העבריין אנונימי מחד, ומאידך לא מאפשר לקורבן לבטל את התשלום ולקבל את כספו בחזרה מאוחר יותר. שני האתגרים האלה הביאו לכך שבמשך שנים כופרות היו סוג נדיר וזניח יחסית של תוכנות זדוניות, למרות שכבר בשנות התשעים הראו שני חוקרים, מוטי יונג ואדם יאנג, כיצד ניתן ליישם בכופרות הצפנה חזקה שתהפוך אותן לכלי נשק מרשים בארסנל של עברייני המחשב.  כמעט עשרים שנה חלפו מאז פרסמו יונג ויאנג את מאמרם, ובספטמבר 2013 נתגלתה כופרה חדשה בשם קריפטלוקר (CryptoLocker). במובנים רבים, קריפטולוקר היתה דומה מאוד לכופרות שבאו לפניה. כמו כופרת ה AIDS משנות השמונים המאוחרות, גם קריפטולוקר הצפינה קבצים חשובים - למשל, מסמכים ותמונות - ואז הקפיצה על מסך המחשב הודעה מאיימת: שלם שלוש שלוש מאות דולרים או שכל הקבצים שלך יימחקו לתמיד - ושעון עצר בפינת המסך החל לספור לאחור שבעים ושתיים שעות. כאמור, עצם האיום שהציבה קריפטולוקר לא היה חדש: מה שכן היה חדש היה אחת מאפשרויות התשלום שהציגה הכופרה לקורבנותיה: ביטקוין (BitCoin).  ביטקוין ביטקוין נוצר לראשונה ב-2009, על ידי אדם או קבוצת אנשים שהסתתרו מאחורי הכינוי האנונימי 'סאטושי נאקאמוטו'. מדובר במטבע וירטואלי - דהיינו, מטבע שקיים בעולם הממוחשב בלבד - אבל לא זו התכונה המייחדת אותו משאר המטבעות הותיקים יותר: אחרי הכל, אפשר לשלם באינטרנט גם בשקלים ובדולרים. התכונה החדשנית והחשובה באמת של ביטקוין - גם לענייננו שלנו - היא העובדה שכדי להשתמש בו, אין צורך במתווכים.  למה הכוונה? הנה ההסבר. נניח שקניתי בעלי אקספרס מברשת ניקיון לשירותים בצורת השערות של דונלד טראפ. אני לא ממציא - יש דבר כזה, בחיי.

Last week I had the fun privilege of speaking twice at the Minnesota Goverment IT Symposium on the following topics: Forensics 101: This was a "reloaded" talk that I started earlier this year (and covered in episode 299 and 300). At a high level, the talk covered: Hunting malware with Sysinternals Creating system images with FTKImager Dumping memory with Volatility and ripping icky stuff out of memory images with their 1-2-3 punch article Seeking out DNS tunneling/exfil using Security Onion Pecha Kucha: this talk, which is in a 20x20 format is part PSA about how to not click bad links, part cautionary tale (and music video!) about how the promise of a free burrito can ruin your business! Check out the video here, and special thanks to Joe Klein for providing the awesome pics to go along with the storyboard - you're a champ. Also, check out the Digital Forensics Survival Podcast which is awesome for learning more about forensics and IR.

We've dug into some pretty technical topics the last few weeks so we're gonna take it easy today. Below are some FAQs and updates I'll cover on today's show: FAQs What security certs should a sales person get? What lav mic should I get for podcasting? How do I know if I'm ready to take the OSCP? When are you gonna do some more YouTube videos? When will the PacktPub project be done? Updates Don't forget to check out these new and/or updated pages on BPATTY: Caldera LAPS PwnedPasswords Speaking engagements I learned that the Cryptolocker song was played as muzak for a security conference. That makes me LOL ;-) Those of you in Minneapolis/St. Paul are invited to join me for Blue Team on a Budget lunch and learn at Manny's - it's on May 3 and hosted by OneIdentity. I'll be at Secure360 on May 16 to give my Blue Team on a Budget talk at 9:30 a.m., and I'll also be hosting our pal Bjorn for his Twin Cities vs. OWASP Juice Shop workshop on May 17. Gonna be awesome - hope you can come to either event (or both!).

This is one of those subjects that has struck everyone from the techno security guru to the average person who might simply be trying to do their job.  Ransomware brands such as Goldeneye, Petya (and its counterpart NotPetya), Cryptolocker, CryptoWall, Locky, WannaCry and very recently, Bad Rabbit (to name only a few) have been making headlines across the globe. I’ll start by taking a quick step back and just define Ransomware before I discuss how it tricks us into letting it in the door. I'll then take you through the stages of it's existence and finally what we can do to be better in the face of quickly advancing and mutating Ransomware attacks. 2017 was the year of the Ransomware... or is it?  2018 is just around the corner so only time will tell. Check out the full blog article based on this podcast on the Codifyre website. https://codifyre.com/tech-skills/what-is-ransomware/ Follow on twitter http://www.twitter.com/codifyre Like on Facebook http://www.facebook.com/codifyre

This is it! The worldwide Internet debut of an original infosec-themed song called CryptoLocker'd, and as the name implies, it's about a CryptoLocker incident. Here's the quick back story: A few years ago a worked on an incident response where a user got phished with a promise of a free burrito from Chipotle but instead got a free order of CryptoLocker! And rather than tell IT or sound the alarms, the user just left for the day! The next day they came back and the company was digitally on fire, and they played ignorant to what was going on. I found the user's handling of the situation humorous (read: not the CryptoLocker infection itself!), so I was inspired to write a song about it. Today's episode has the audio, and I welcome you to follow along with the lyrics below (head to 7ms.us to see the full lyrics as they are included in a GitHub gist)

Heute zu Besuch: Hetti aka Petar Kosic zum Thema Cryptolocker - was ist das, was passiert dabei und was kann ich dagegen tun?

Nella puntata #46 approfondiamo il tema sulla #sicurezzainformatica della puntata #45, sul #backup e sul #salvataggio dei dati stessi dopo un attacco informatico che abbiamo subito e di molto altro ancora con un ospite di eccezione. Infatti In questa puntata, ospite ai nostri microfoni nella prima intervista in #presadiretta, registrata il 24/05/2017, è Andrea Minguzzi, sistemista da un ventennio, appassionato di informatica dalla nascita. Andrea aiuta aziende e professionisti a cogliere i benefici e a districarsi dalle insidie dell'era digitale consigliando quale tecnologia adottare in base al tipo di esigenza specifica. Protagonista e attento osservatore delle nuove dinamiche online che sempre più coinvolgono la società presente. In generale, la comparsa del personal computer negli anni '80 e ’90 ha cambiato la società: la tecnologia si è miniaturizzata un tale livello da essere definita come “Personal” in casa e sul lavoro, da qui la definizione di Personal Computer, come #portable (smartphone) e #wearable (smartwatch). La diffusione della tecnologia alla portata di tutti ha portato l’aumento del numero degli utenti, ma anche dei rischi e dei pericoli, tra tutti oggi i professionisti scoprono sulla loro pelle i danni procurati dai ransomware, nelle varie forme di cryptovirus. CryptoLocker, CryptoWall, TeslaCrypt, Locky, Wannacry, Petya, no Petya… Questi sono sono alcuni dei nomi che devi memorizzare, @avvocatotecnologico. Si tratta di alcune varianti di cryptovirus, e sono quelle che ultimamente hanno causato perdite milionarie A riguardo Andrea ha scritto un #ebook, in #free #download, in cui offre soluzioni per prevenire perdite e contrastare eventuali attacchi. Essere bersaglio di un #cryptovirus non è più una possibile eventualità, bensì è una matematica certezza. A te sta decidere come affrontarlo: da vittima ignara o da preparato combattente. [Free Download] => http://www.cryptostop.it/

Quando arriva è troppo tardi. Si paga o si ha un backup dei dati. Qualche riflessione sui cryptolocker

Craig, Nigel, Joel and Mitch discuss spam resurgence via Necurs waking up, vuln dev in niche spaces, Crypt010cker, and hacking video games as a gateway drug for researchers.

In Episode 8 of Hidden Forces, host Demetri Kofinas speaks with cybersecurity expert and cyber safety advocate, Josh Corman. Josh is the founder of I am The Cavalry, an advocacy group actively engaged in addressing some of the most pressing issues of public safety and threats to human life on the Internet today. He is also the Director of the Cyber Statecraft Initiative at the Atlantic Council. Josh Corman is part of the 2016 Cybersecurity Task Force commissioned by the United States Congress to address the growing risk to our hospitals, medical infrastructure, and connected devices, from cyber-attacks. Gone are the quaint, innocent days of the early Internet, with its pesky Trojan’s, Macro Viruses, RATs, slammer worms, and blaster worms. Today’s cybersecurity landscape features a wide assortment of easily accessible and robust attack tools that exploit software bugs like Shellshock and Heartbleed. This is a cybersecurity landscape littered with DDoS and PDoS attacks like the Mirai Botnet and the recently released Brickerbot. The use of ransomware tools like CryptoLocker and SamSam have become billion-dollar criminal industries. Cybercrime is estimated to cost the global economy hundreds of billions to trillions of dollars a year. Yet, we accept the losses as the simple cost of doing business. But what about when the cost of these crimes escalates from dollars and cents to flesh and blood? What are the risks to our industrial control systems? What about our aviation and emergency response infrastructure? What are the vulnerabilities in our connected devices, cars, and hospitals? The threats posed by cyber criminals, terrorists, and hackers are no longer fringe concerns. They strike at the heart of our increasingly interconnected, exposed, and vulnerable society. In this episode, we explore what to do about them.  Producer & Host: Demetri Kofinas Editor & Engineer: Stylianos Nicolaou Join the conversation on Facebook, Instagram, and Twitter at @hiddenforcespod

Cryptolocker strikes again, threatening phone calls about Jewish doc, transmission shop employee final check bounces, State of Virginia holding driving privilege hostage, that and much much more.

CryptoLocker, Game Over Zeus and heartbleed have made 2013 and 2014 difficult years for the average Joe computer user. These viruses and exploits are serious, much more than most.

Neste episódio, Paulo Sant’anna recebe novamente Geraldo Bravo, engenheiro de pre-vendas da Cyberark para continuar a conversa sobre Ransomware, assunto já abordado no SegInfocast #41 com Carolina Bozza. O que é o Ransomware? Geraldo explica que é o ransomware, também conhecido como vírus de resgate, é uma ameaça cujo objetivo é o sequestro de dados criptografando de forma não autorizada arquivos da vítima (sistemas, documentos, entre outros) exigindo um pagamento para que se tenha acesso as informações com a revelação da chave usada para decriptar os arquivos. Quais são as principais famílias do Ransomware? Nosso entrevistado cita algumas famílias: CryptoLocker, uma das mais ativas atualmente. CryptedXXX, que além de criptografar arquivos também busca por credenciais e bitcoins, a razão que permitiu que os criminosos possam cobrar resgates sem serem identificados. Crisis, que tem a capacidade de criptografar arquivos de sistema. Um ponto interessante é o fato que o alvo dos ransomware não são somente máquinas Windows, mas também outros sistemas operacionais como o Mac e Android. Os vetores de ataque do Ransomware Mesmo com várias tecnologias de proteção, o e-mail (phishing) ainda é a forma mais utilizada para os ataques. E são utilizados executáveis e também documentos e scripts infectados. Quais são as medidas para frear a ação desses ataques? A primeira medida é a prevenção através de controle de e-mail e conscientização. O segundo passo é a contenção para evitar a propagação da ameaça na rede, impedindo a comunicação com o servidor na internet, para a criação das chaves de criptografia, porém alguns ransomwares já possuem uma chave padrão. Outras ações recomendadas são o monitoramento a nível de arquivos e também o conceito de privilégio mínimo necessário, para evitar uma infecção altere outros processos importantes no sistema. O que podemos esperar para o futuro? Geraldo acredita que a Internet das Coisas aumentará ainda mais as possibilidades de infecção. Já existe um ransomware chamado Flocker, que consegue infectar uma smartTV, por exemplo. Uma outra novidade é o RaaS (Ransomware-As-A-Service), onde você pode escolher a ameaça mais adequada ao seu objetivo, criando uma variante exclusiva para o comprador. Geraldo Bravo é engenheiro de pré-vendas da Cyberark com experiência de mais de 10 anos na área de redes e segurança da informação. Atuou em outras áreas como Gestão de Projetos e Gestão de Equipes e possui diversas certificações de segurança da informação.

Cyber attacks aren't just an urban myth and I'm speaking from very recent experience here. One Monday morning I found our dental IT system in lock down and our business held to ransom by a CryptoLocker attack. Fortunately, I'd met James Borg and he was my knight in shining armour. James is the Managing Director of Teamwork Technology and in ...   Read more... This article is copyright ©  Dr Jesse Green The post 28. How Secure are your IT Systems from Cyber Attack, with James Borg appeared first on Dr Jesse Green.

Cyber attacks aren't just an urban myth and I'm speaking from very recent experience here. One Monday morning I found our dental IT system in lock down and our business held to ransom by a CryptyLocker attack. Fortunately, I'd met James Borg and he was my knight in shiny armor. James is the Managing Director of Teamwork Technology and in this episode we discuss the importance of having secure, reliable IT systems in your dental practice. With over ten years of IT experience within the dental industry, he and his team are highly knowledgeable with solutions that are relevant to the dental industry. We chat about: Common IT problems in dental practices The impact of IT systems on your professional image and productivity The essentials of a good IT system The key things you need for IT security My experience with a CryptoLocker attack Three action steps to improve your practice IT systems

En este capítulo Nacho nos da una clase magistral de cómo hacer una copia de seguridad con el comando dd de un livecd o de unix en general para tener una copia de seguridad inmune a cryptolocker. Nacho comenta en el capítulo que me pasaría ejemplos de como utilizar dd pero ha pasado de mí, así que os pongo ejemplos que he sacado de linuxzone.es: Lo primero siempre es tener claro el disco duro de origen y el de destino, algo que averiguamos fácilmente con el comando (como root) fdisk -l. La sintaxis más básica, sería ésta [como root]: dd if=[origen] of=[destino] Por lo que si quisiéramos clonar un disco duro: dd if=/dev/hda of=/dev/hdb bs=1M con esto clonaríamos el disco hda en hdb. (discos IDE) O: dd if=/dev/sda of=/dev/sdb bs=1M para discos SATA Con bs=1M, estamos diciendo que tanto la lectura como la escritura se haga en bloques de 1 megabyte (menos, sería más lento pero más seguro, y con más nos arriesgamos a perder datos por el camino). Hay que tener en cuenta que de esta forma grabarás el disco “tal cual”, MBR, tabla de particiones, espacio vacío, etc., por lo que sólo podrás grabar en un disco del mismo o mayor tamaño. Vamos a ver algunos ejemplos prácticos y opciones de este comando: dd if=/dev/hda1 of=/dev/hdb bs=1M Grabaríamos sólo la primera partición del disco de origen en el de destino. dd if=/dev/hda of=/dev/hdb1 bs=1M Grabaríamos el disco completo en la primera partición del disco de destino. dd if=/dev/hda of=/home/hda.bin Crear una imagen del disco duro, puede ser bin o iso (a partir de ahora utilizaré nuestro home como ejemplo). Como root: dd if=/dev/hda | gzip > /home/hda.bin.gz Crearíamos con el anterior comando una imagen del disco comprimida, (podemos utilizar gzip, bzip o bzip2.) Crea una imagen de un CD: dd if=/dev/cdrom of=/home/imagendeCD.iso Para montar la imagen del CD: mount -o loop imagedeCD.iso /mnt/home Copiar el Master Boot Record: dd if=/dev/hda of=mbr count=1 bs=512 Para restaurar el MBR: dd if=mbr of=/dev/hda Copiar el Volume Boot Sector (VBS): dd if=/dev/hda of=/home/sector_arranque_hda count=1 bs=512 Para restaurar el VBS: dd if=/home/sector_arranque_hda of=/dev/hda Algunas curiosidades: Recuperar un DVD rayado: dd if=/dev/cdrom of=/home/dvd_recuperado.iso conv=noerror,sync Esto no recupera todo el DVD, en este caso, sólo los sectores legibles. Sirve también para discos duros defectuosos. La opción noerror sirve para obviar los errores de lectura en cualquier situación. Otro ejemplo sería: dd conv=noerror if=/dev/hda of=~/home/imagen_disco_con_errores.iso Grabaríamos con ello una imagen del disco duro en nuestro home saltándonos los errores del disco (muy útil para discos que se están muriendo). Limpia nuestro MBR y la tabla de particiones: dd if=/dev/zero of=/dev/hda bs=512 count=1 Limpia el MBR pero no toca la tabla de particiones (muy útil para borrar el GRUB sin perder datos en las particiones): dd if=/dev/zero of=/dev/hda bs=446 count=1 Crea un archivo vacío de 1 Mb, una opción muy interesante como ahora veremos: dd if=/dev/zero of=archivo_nuevo_vacio bs=1024 count=1024 Crear un archivo swap de 2Gb así de fácil: sudo dd if=/dev/zero of=/swapspace bs=4k count=2048M mkswap /swapspace swapon /swapspace Al borde de la paranoia… Convierte todas las letras en mayúsculas: dd if=miarchivo of=miarchivo conv=ucase Cambia en todo el disco, la palabra Puigcorbe por Slqh, ( puedes cambiar rápidamente tu nombre a todos los archivos del disco): dd if=/dev/sda | sed ‘s/Puigcorbe/Slqh/g' | dd of=/dev/sda Regalitos También hablamos del nuevo libro de Jose María Cortés Carmona, Dni en sedes electrónicas, del que ha tenido a bien regalarnos una serie de promocodes que podéis canjear en iBooks Store. La lista de promocodes que pongo a continuación se pueden utilizar una sola vez, por lo que si os dice iBook Store que ya están utilizados es que habéis llegado tarde, así que corred, insensatos. PPYRNRJWMT4Y 66EJHTJF6L43

Catch up with Cody and Jon as they talk life milestones, Devil in the White City, Hearthstone, Metal Gear Solid V: The Phantom Pain, and Final Fantasy: Type-0 HD. Photo credit: Diavolomezzo via Flickr Show Notes: * Cody talks microphones, acoustics, and what kind of podcast you can expect to hear * Jon chastises Cody for not making enough Phoenix Wright: Ace Attorney jokes when he interviewed Sam Castree III, Ace Attorney on the podcast * Cody rants about how Radiolab ripped off his story about the Cryptolocker virus; Jon tries to debunk his theory of being ripped off directly, but Cody uses the power of the lottery and math to thwart his efforts * Jon tells an endless, boring, rambling story about why he hasn’t been on the podcast lately, and somehow manages to do so while clicking his mouse the entire time * Congratulations to Mister Manager, since Jon thinks he’s a big deal now because he sold his house (hear how it happened!) * If you’ve ever wanted to learn about listing a house, buying or selling a house, or any other miscellaneous real estate questions… then this is definitely not the podcast for you. But Jon talks in painstaking detail about those things anyway * Fun fact about Walt Disney and his dad, which serves as a seamless transition into Cody talking about Devil in the White City, an excellent book * Cody explains that reading Devil in the White City is infinitely more fun and rewarding than playing Hearthstone in literally every way * Jon claims that the Arena is still “kind of” fun, but Cody insists that Hearthstone generally just really sucks and is not a game “for him” * Cody gives an update on Metal Gear Solid V: The Phantom Pain, which he’s now played for a bit over 50 hours * Cody describes the “buddy” system, including D-Horse, Diamond Dog, and Quiet, which is very cool * Cody also discusses the prevalence of side missions and dispatch missions in the context of main story missions * Jon discusses his first impressions of Final Fantasy: Type-0 HD, which Cody had also begun playing before he got MGSV * Jon explains the premise and beginning of the game, and he and Cody discuss how the “tutorial” near the beginning nearly ruined the game for both of them * Cody calls out the voice acting after Jon calls out some inconsistencies in what graphics had increased resolution and what graphics seem to have been forgotten * They discuss pacing in games and how things like the tutorial in this game can really mess up a game * Cody plugs the GonnaGeek Network, specifically All Things Good and Nerdy * Reminder that you can subscribe to Unqualified Gamers on iTunes, and even leave reviews, which we would LOVE for you to do

Cody explains the intricacies of the CryptoLocker ransomware trojan, and how he’s dealing with the effects. Plus, hear about all the games he played at BitBash 2015, Chicago’s alternative / indie games festival. Show Notes: * Cody explains why he’s recording a solo episode and what happened to his home PC * Hear all about the CryptoLocker Virus, and what it will cost Cody to get rid of it so he can use his home computer again * Cody discusses BitBash 2015, Chicago’s alternative games festival, including some background on the festival and how well he liked the way it was organized this year * Cody talks about all the games he played (or saw people play) at BitBash 2015, many of which you can preview in video form on his Instagram account: * Downwell by Devolver Digital, “a game about a young man going down an endless well with gun-boots.” * Gunsport by Necrosoft Games, which “takes place in an alternate future where humans have grown tired of war. Nations’ petty disputes are now settled with the World’s Game, Gunsport.” * Chambara, “a local multiplayer stealth-deathmatch game with only two colors, allowing players to seamlessly camouflage themselves with the environment.” * Yojimbrawl, “a fighting game with very fluid fighting mechanics made by Evan Greenwood (Programming), Dawid Strauss (Art) and Deon van Heerden (Music/SFX).” * Fotonica, “a first-person game about the thrill of speed and traveling flawlessly through complex environments.” * Particle Mace, “a 1-4 player game for Windows/Mac/iOS by Andy Wallace about defending yourself in a hostile universe by swinging particles into enemies.” * Johann Sebastian Joust, “a no-graphics, digitally-enabled playground game for 2 to 7 players designed for motion controllers.” * Elbow Room by Deep Dark Hole, “a game about personal space, perpetual motion, and hitting a single key better than anyone else.” * Cody also discusses the 18 and up “adult games” area at BitBash, including some incredibly lewd but incredibly humorous games * If you’re a video game developer and want to talk to Cody on the podcast, then email him and Jon at unqualifiedpodcast@gmail.com!

Lots of photography topics this week as we take a look at applications that run on Android smart phones and tablets, then consider how to turn a scanned newspaper photo into something useful. The crooks who run CryptoLocker malware may be honest thieves, but they're still costing victims millions of dollars. In Short Circuits: Speaking of LOTs, hackers grounded many of the Polish airline's airplanes this week and Microsoft continues to clarify conditions under which Windows 10 will be without charge. Maybe some people are just trying too hard to misunderstand. In Spare Parts, only on the website: How icons that you'll see in Windows 10 have changed during development and thoughts on the importance of carefully reviewing a laptop computer's specifications before buying it.

En el capítulo de hoy nos acompaña Josep Albors, director de comunicación y laboratorio de ESET y experto en ciberseguridad. Hablaremos del antivirus NOD32 que comercializa en España de forma exclusiva Ontinet, ingeniería social, phising, Cryptolocker y muchos más temas de seguridad.Para contactar con nosotros lo podéis hacer de dos formas, a través de Twitter en @programarfacilc y a través del formulario de contacto. Recordar que tenéis una lista de distribución a vuestra disposición a la que os podéis suscribir.La empresa ESET nació en Eslovaquia por el año 1992 aunque su famoso antivirus NOD32 surgió antes, cuando la extinta Checoslovaquia aún existía. De manera internacional se dio a conocer en los años 1999 y 2000, cuando varios distribuidores de todo el mundo entre ellos Ontinet, comenzaron a comercializar sus productos. Sus números lo avalan, es el 5º a nivel mundial en número de instalaciones. Ontinet es una empresa dedicada a la distribución mayorista de productos de seguridad afincada en Ontinyent, Valencia (España) que dan soporte a la gama de productos de ESET en español. Aunque no se trata del único antivirus que hay en el mercado, podemos encontrar más de 40 soluciones de antivirus de marcas reconocidas, NOD32 tiene ciertas características o ventajas que lo hacen ser una opción muy interesante.Este antivirus se conoce sobre todo por la ligereza ya que no afecta casi al rendimiento del sistema, siendo ésta una de sus ventajas más interesantes. Tiene un método de detección o heurística avanzada sin ralentizar el equipo incluso en sistemas operativos antiguos como XP. En las últimas versiones ya se han incluido características como por ejemplo la detección de phising, capas antispam, anti botnets, un sistema de reconocimiento de muestras de forma temprana para evitar por ejemplo virus Rasomware como Cryptolocker. También incorpora un sistema que permite localizar nuestro portátil en caso de robo o extravío y control parental para la protección y control de los menores de la casa.Josep nos comenta que en la actualidad cada día aparecen entre 250.000 y 300.000 nuevas amenazas. Esto implica que el concepto de antivirus haya cambiado ya que es imposible con este volumen de nuevas amenazas tener una firma de virus actualizada al segundo. En la actualidad los antivirus hacen bastantes más cosas que comprobar si es un virus que se encuentra en la base de datos de virus. La detección del 100% de las amenazas no está garantizado con ningún producto así que deberemos escoger aquel que se adapte mejor a nuestras necesidades.Josep nos recalca la importancia que tiene proteger nuestros dispositivos móviles como smartphones o tablets, evitando que nos infecten con algún virus capaz de enviar mensajes de tarificación especial y el bloqueo de nuestro dispositivo con la petición de un rescate. También es importante proteger todos los dispositivos conectados a Internet sea cual sea su sistema operativo como por ejemplo los MAC. En este caso particular la tendencia es que cada vez se está poniendo más el punto de mira a sus usuarios debido a dos razones. Por un lado son usuarios que descuidan bastante la seguridad debido a los años y años de marketing vendiendo que los MAC son inmunes a ataques, ya se ha comprobado que esto no es cierto. Por otro lado, los usuarios de MAC, por norma general, suelen ser usuarios con un poder adquisitivo más alto pudiendo reportar más beneficios a los delincuentes.Los equipos con sistema operativo Linux son susceptibles de ser atacados sobre todo cuando se comporta como un servidor. Gran parte de estos ataques se debe a que hay muchos de ellos que están obsoletos, sin actualizar a las últimas versiones.Pero todo esto es solo el principio, Josep y Programarfacil coincidimos que la revolución que se avecina con el Internet de las Cosas traerá como consecuencia el incremento de la ciberdelincuencia asociado a la gran cantidad de dispositivos que necesitan un software para funcionar y que estarán conectados a Internet. Estos dispositivos podrán ser hackeados por delincuentes y más si los fabricantes del hardware descuidan la capa de seguridad como lo están haciendo en la actualidad.Ingeniería socialEs un término muy de moda en la actualidad y que nos debe preocupar a todos ya que ninguno estamos exentos de que nos pueda pasar. Consiste en sacar u obtener información de la víctima, sin que ésta se de cuenta, jugando con su cerebro y con sus pensamientos para obtener información útil y necesaria para el delincuente. Aplicado al tema del malware o del crimen suelen engañarnos suplantando la identidad de empresas de confianza para proporcionarles información relevante como claves de acceso, DNI, dirección o cualquier clase de información que puedan utilizar en su propio beneficio o vender a terceros. Un caso curioso de esta técnica consiste en obtener información de un sistema informático accediendo a través de perfiles no técnicos, suplantando su identidad y accediendo a través de ellos a perfiles más técnicos.PhishingEl phising es la suplantación de la identidad y se aprovecha de la ingeniería social para obtener su objetivo. Normalmente se utiliza para suplantar la identidad con entidades bancarias aunque no tiene porqué. Existe el phising de redes sociales, de cuentas de correo electrónico y de cualquier cuenta donde debamos autentificarnos siendo su fin último obtener las claves necesarias para suplantar la identidad del usuario.Las recomendaciones de Josep para protegernos de estos dos ataques son, verificar el correo del remitente aunque esto sea una tarea complicada en muchos casos. Desconfiar de todos los correos que nos llegan pidiendo algún tipo de dato de seguridad o de documentación personal ya que las empresas jamás nos solicitarán esta información a través de estos medios. En caso de duda siempre debemos de recurrir a la entidad o ponernos en contacto a través de algún medio de comunicación oficial. No facilitar ningún dato personal a través del teléfono, acudir a la oficina más cercana para dar esta información.CryptolockerCryptolocker pertenece a una familia de malware que se conoce como rasomware. No es el único de esta especie pero si el más mediático. Josep nos avisa que desde principios de años las empresas de seguridad y los organismos oficiales se están dando cuenta que España es uno de los países donde este tipo de virus están teniendo más éxito, algo lamentable a su parecer ya que esto denota que hace falta prevención, activar mecanismos que hasta ahora no se han activado y sobre todo mucha formación a todos los niveles. Básicamente estos virus son capaces de apoderarse de los archivos de tu ordenador encriptándolos y pidiendo un rescate para ser liberados. Hay que hacer hincapié que la prevención es el único método que nos ayudará a no contagiarnos ya que una vez infectados no hay ningún antídoto válido bueno, para poder rescatar tus archivos la única posibilidad es pagar el rescate que te soliciten los delincuentes. Esto no está exento de riesgos, estamos hablando de delincuentes y pagar no te garantiza que realmente te den las claves correctas para desencriptar tus archivos. El rescate oscila entre 200€ y 6.000€. Podemos prevenir teniendo todo nuestro software actualizado, desconfiar de cualquier correo electrónico sospechoso, tener varias copias de seguridad en diferentes medios físicos y sobre todo formación.Pues hasta aquí el programa de hoy, ha sido muy interesante poder hablar con Josep Albors sobre temas de seguridad algo que nos debe preocupar a todos y ser conscientes de ello.A continuación puedes ver los enlaces y recursos que hablamos en este podcast.Chema AlonsoHangoutonLorenzo MartínezPara contactar con Eset lo podéis hacer en Facebook y Twitter.Recurso del díakeepass.infoA día de hoy debemos de recordar multitud de contraseñas como todas nuestras cuentas de e-mail, la cuenta de Google, Apple, Yahoo y un largo etcétera que se puede hacer interminable. Muchas veces se hace imposible recordar todas y cada una de ellas, pero gracias al software que os presentamos hoy, Keepass, podemos recopilarlas todas en una base de datos la cual está protegida con una llave maestra o un archivo maestro. La ventaja de este tipo de software es que solo tienes que recordar una contraseña, la contraseña maestra que te da acceso al resto de las contraseñas. La base de datos está encriptada usando el mejor y más seguro algoritmo que existe en la actualidad, AES y Twofish. Este software es gratuito y de código abierto.Muchas gracias por todos los comentarios y valoraciones que recibimos a través de las plataformas de podcast ivoox, iTunes y Spreaker.

Hoy os hablamos del virus CryptoLocker que está causando auténticos destrozos en las empresas. Es un virus de la familia de los Cryto-malware o Ransonware, son muy peligrosos y tienen la capacidad de secuestrar los archivos de tu ordenador cifrando o encriptando todos aquellos que se encuentra en su camino.Como ya sabéis tenéis a vuestra disposición un formulario de contacto y una lista de distribución. Podéis hacer uso de ellos como os venga en gana.Los virus llamados generalmente Crypto-malware como CrytoLocker, CriptoWall o CryptoFortress están muy en auge en España debido a que recientemente se ha producido un ataque masivo.Estos virus encriptan los archivos de tu ordenador de forma aleatoria buscando ciertos patrones como archivos .doc, .pdf. .csv, etc... Es complicado para los antivirus detectarlos a tiempo ya que salen nuevas variantes constantemente. Realmente no afectan a los archivos del sistema pudiendo funcionar con normalidad las máquinas infectadas, lo único es que no se puede acceder a los archivos bloqueados.La mayoría de ellos actúa en cinco etapas.InstalaciónLa infección comienza al recibir un e-mail como si fuera de Correos. En el e-mail nos informan que tenemos una carta certificada a nuestro nombre y que vayamos al enlace adjunto para descargarnos la notificación.Es una infección silenciosa y modifica el registro de Windows donde introduce unas claves que inician el virus cada vez que se arranca el ordenador.Contacto con los malhechoresTras ser infectado el virus comienza el proceso y lo primero es contactar con su cuartel a través de Internet. Prueba con cada una de las direcciones que tiene almacenadas en busca de una respuesta. En cuanto la encuentra intercambia las claves de cifrado. Ahora ellos son los únicos que pueden descifrar tus archivos.Secuestro de archivosEl virus elige archivos de tu disco duro con un patrón definido como pueden ser archivos de Office, AutoCAD, archivos de datos, Photoshop, etc...Cuando los ha encontrado los cifra con una clave muy potente siendo imposible, a partir de este momento, abrirlos si no se tiene el antídoto o claves originales, los cuales están en posesión de los criminales.Existe una variante que se llama TeslaCrypt que secuestra partidas y archivos esenciales de juegos instalados en tu ordenador.Es importante destacar que solo infecta a sistemas operativos Windows. Esto no implica que no pueda afectar a máquinas con sistemas operativos como Mac o Linux. Lo cierto es que una vez instalado el virus en un ordenador, intentará atacar a todas aquellas unidades que estén a su alcance ya sea mediante red o USB. De este virus no se escapa nadie.Petición de rescateUna vez infectado y encriptado los archivos comienza la petición de rescate. Lo típico es a través de un navegador web, mostrando una página al arrancar nuestro navegador, donde se dan las instrucciones claras y concisas de los pasos que tienes que seguir para pagar el rescate.Pago de rescateLa cuantía del rescate varía respecto a la mutación, pero puede llegar a ser hasta 500€. Normalmente te dan un tiempo de entre dos y tres días para pagarlo. Trascurrido este tiempo puede pasar dos cosas, o aumenta el rescate o directamente desaparece la opción de pagar.El pago se suele hacer en una moneda virtual que se llama Bitcoin. Es una moneda que es muy difícil de identificar.Los expertos en materia de seguridad son unánimes y recomiendan no pagar a menos que sea estrictamente necesario. Pagar no garantiza que te den la clave correcta, aunque es verdad que en la gran mayoría de casos el pago ha funcionado. Además, estás financiando a los criminales. Esto implica que tendrán más fondos para crear virus cada vez más potentes.Recurso del díawww.eset.esHoy os recomendamos un antivirus español, más concreto de Alicante. Es el Nod32 de la casa Eset. Es un antivirus que funciona muy bien y no consume muchos recursos de tu sistema lo que le hacen ser muy ligero en términos de proceso. Ofrece una prueba de 30 días gratuita y el precio puede variar pero está entorno a los 28€/año. Este precio se va reduciendo año a año según vas renovando y tienen ofertas especiales para múltiples licencias.Pues hasta aquí el programa de hoy, esperamos que os haya sido de ayuda y llevar cuidado con los virus, hay que tener siempre un antivirus instalado y actualizado. Como siempre agradeceros todos vuestros comentarios y valoraciones en las plataformas iTunes, ivoox y Spreaker, muchas gracias.

Sophos experts Chester Wisniewski and Paul Ducklin turn the week's security news into actionable advice. In this episode: the Sophos SPAMPIONSHIP; understanding bots and zombies; keeping your web servers safe; and why ransomware isn't dead, even if CryptoLocker is.

Topics covered Apple has been making news, issuing guidance, and refuting a hack - all around iCloud http://www.padgadget.com/2014/09/03/apple-warns-developers-not-to-store-health-data-in-icloud/ http://www.padgadget.com/2014/09/03/apple-says-celebrity-photo-leak-was-not-due-to-icloud-breach/ http://www.cio-today.com/article/index.php?story_id=94027 HealthCare.gov was hacked, but no worries it was only a test server and no 'data was taken/viewed'. Does this sound like something you've faced in the enterprise ... hmmmm?If only there was someone warning them about the insecurity of that site! h/t to Dave Kennedy for standing up and taking political heat. http://www.nationalreview.com/article/387182/healthcaregov-hack-reminiscent-earlier-vermont-exchange-attack-jillian-kay-melchior http://www.computerworld.com/article/2603929/healthcare-gov-hacked-if-only-someone-had-warned-it-was-hackable-oh-wait.html Home Depot apparently has suffered a massive breach, much like Target. Interesting? Or ho-hum? (did you Buy The Dip? h/t @DearestLeader ) http://seekingalpha.com/article/2478055-home-depot-potential-data-breach-may-have-presented-a-good-opportunity-to-buy-the-stock http://krebsonsecurity.com/2014/09/home-depot-hit-by-same-malware-as-target/ http://www.csoonline.com/article/2601082/security-leadership/are-you-prepared-to-handle-the-rising-tide-of-ransomware.html Norway's Oil & Gas industry is now the target of hackers, seeking to get intelligence on production, exploration - and that all-important state-sponsored competitive edge. http://www.thelocal.no/20140827/norwegian-oil-companies-hacked Google is deprecating (in a big way) the use of SHA-1 in certificate way ahead of the set schedule. Is this "Google the game-changer" or "Google the bully"? You decide - tweet us at #DtR http://www.csoonline.com/article/2602108/security-leadership/do-you-agree-with-googles-tactics-to-speed-adoption-of-sha-2-certificates.html http://www.zdnet.com/google-accelerates-end-of-sha-1-support-certificate-authorities-nervous-7000033159/

Chester Wisniewski and Paul Ducklin present Sophos's regular weekly security podcast, the "Chet Chat." This week the enthusiatic experts look at: yet more in the TrueCrypt saga; the Towelroot software for rooting locked-down Androids; the ongoing problem of ransomware even after the CryptoLocker takedown; and Canada's long, long, long-awaited anti-spam law.

Chester Wisniewski and Paul Ducklin take on the latest security news with their usual mix of enthusiasm, expertise and entertainment. This week, they dig into the bafflement of the disappearing TrueCrypt encryption software: did it jump, or was it pushed? They also look at the takedown of the Gameover and CryptoLocker malware by law enforcement, and Chet sends Duck down memory lane to tell us what we can learn from ten years of mobile malware.

You have 72 hours to decide whether to reward crime and pay up. Thanks Malwarebytes for your help.

Chet and Duck turn the week's news into useful lessons once again. There's Patch Tuesday, the impending end of XP, Advanced Persistent Threatitis, and some astonishing statistics about just how many people have been hit by the CryptoLocker ransomware. Join the dynamic duo for another entertaining quarter-hour on computer security.

Cybercrime kits for malware (driven by Cryptolocker success), tranfering data from old computer to new, changing administrative password in Windows (using Offline NT Password and Registry Editor), Profiles in IT (Stephen D. Crocker, Internet pioneer and creator of Request for Comments), RFC 968 ('Twas the Night Before Startup by Vint Cerf), tech gifts that teach (LittleBits, SnapCircuits, Lego Mindstorms, Kodu, Bigshot Camera Kit, Arduino Robot Kits), QuadCopter gift guide (ranging from $100 to $1200, DJI Phantom Vision is tops at $1200), surprise visit from David Burd (delivering Victoria Secret with quadcopter), laptop guide for Christmas (ranging from $279 to $1400, prices are dropping), and Hour of Code campaign (sponsored by code.org, designed to motivate students to code). This show originally aired on Saturday, December 14, 2013, at 9:00 AM EST on WFED (1500 AM).

Cybercrime kits for malware (driven by Cryptolocker success), tranfering data from old computer to new, changing administrative password in Windows (using Offline NT Password and Registry Editor), Profiles in IT (Stephen D. Crocker, Internet pioneer and creator of Request for Comments), RFC 968 ('Twas the Night Before Startup by Vint Cerf), tech gifts that teach (LittleBits, SnapCircuits, Lego Mindstorms, Kodu, Bigshot Camera Kit, Arduino Robot Kits), QuadCopter gift guide (ranging from $100 to $1200, DJI Phantom Vision is tops at $1200), surprise visit from David Burd (delivering Victoria Secret with quadcopter), laptop guide for Christmas (ranging from $279 to $1400, prices are dropping), and Hour of Code campaign (sponsored by code.org, designed to motivate students to code). This show originally aired on Saturday, December 14, 2013, at 9:00 AM EST on WFED (1500 AM).

For us mere mortals a virus is one of the most frustrating and debilitating things that can happen to our computers, while for most IT professionals they're nothing more than just a minor annoyance.  In the past few weeks however a new threat has come to light that has even the most seasoned of IT pro's quaking in their boots and in this weeks ITech Insights we're going to tell you all about it, some steps you can take to avoid getting it, and most importantly some ways to protect all that stuff in your digital life that you'd be lost without.   Show Notes: Related Articles about Cryptolocker --  Home Back-Up Solutions: Microsoft Shadow Copy - Shadow Protect - Carbonite - Mozy -

Showing photo dates in iPhone (Photo Date app, Exif data revealed, perils of GPS location), CryptoLocker ransomware (method of attack, no way to release files without paying ransom, beware of attachments, use backups), installing new anti-virus (uninstall prior AV first), Profiles in IT (Evan Spiegel, co-founder and CEO SnapChat), Christmas gift ideas for techies (FitBit Force lifestyle tracker, mobile pocket projector, digits to make make gloves touchscreen friendly, Epic Virtual Keyboard, smart watch options, iPad Mini, and Lego Mindstorm), and Dumb Idea of the Week (underpants for your smartphone, protect your home button). This show originally aired on Saturday, December 7, 2013, at 9:00 AM EST on WFED (1500 AM).

Showing photo dates in iPhone (Photo Date app, Exif data revealed, perils of GPS location), CryptoLocker ransomware (method of attack, no way to release files without paying ransom, beware of attachments, use backups), installing new anti-virus (uninstall prior AV first), Profiles in IT (Evan Spiegel, co-founder and CEO SnapChat), Christmas gift ideas for techies (FitBit Force lifestyle tracker, mobile pocket projector, digits to make make gloves touchscreen friendly, Epic Virtual Keyboard, smart watch options, iPad Mini, and Lego Mindstorm), and Dumb Idea of the Week (underpants for your smartphone, protect your home button). This show originally aired on Saturday, December 7, 2013, at 9:00 AM EST on WFED (1500 AM).

Episode 4 - Ransomware again hits headlines, price of data in the underground economy, review of pragmatic network security management and is cyber insurance hot...or not.

Episode 0x37 Two Guys !HTML It's completely unreasonable for me to ask that they come up with a short pithy paragraph to start off the show notes. Of course, I'm fairly certain that no one refers to these notes anyways. Upcoming this week... Lots of News Breaches SCADA / Cyber, cyber... etc. finishing it off with DERPs/Mailbag (or Deep Dive) And there are weekly Briefs - no arguing or discussion allowed And if you've got commentary, please sent it to mailbag@liquidmatrix.org for us to check out. DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work. ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good. In this episode: News and Commentary GitHub undergoing a massive automated brute force attack GitHub blog post announcement Police set poor example by paying $750 CryptoLocker ransom China get's more with the censorship Silverlight users beware (That means you Netflix watchers) Breaches Cupid Media dating website exposes 42 million plaintext passwords Krebs reporting on it. Dave Maclure's email gets breached SCADA / Cyber, cyber... etc FBI says the .gov has been breached lots Stuxnet's twin DERP Jeremy Hammond gets nailed with a 10 year sentence LG Smart TVs logging USB filenames and viewing info to LG servers Idiot steals NATO data to prove a point - goes to jail Mailbag / Deep Dive Dear Liquidmatrix Why won't they PATCH THE VULNS!!!!???? So many vulns!!!! unpatched vulns survivor Briefly -- NO ARGUING OR DISCUSSION ALLOWED Hacker Opsec Go Dave Kennedy Go! Liquidmatrix Staff Projects -- gratuitous self-promotion The Security Conference Library Contribute to the Strategic Defense Execution Standard (#SDES) and you'll be Doing Infosec Right in no time. If you're interested in helping out with openCERT.ca, drop a line to info@openCERT.ca Upcoming Appearances:  -- more gratuitous self-promotion Dave: - At a Chiropracter near you! James: - In the United States Ben: - Cyloning Matt: - Possibly Seattle soon and AppSec California Wil: - Acting! Other LSD Writers: - What's that again? Advertising - pay the bills... Signing up for a SANS course? Be sure to use the code "Liquidmatrix_150" and save $150 off the course fee! And Liquidmatrix_5 for 5% off a course Seacrest Says: Rob Ford is my homeboy Creative Commons license: BY-NC-SA

Puissance PS4 -Pierre-Luc Pelletier nous parle de Cryptolocker et de Bitcoin. -Andrew Castegan nous parle de la sortie de la PS4. -Julien Mathern nous parle comic books trash. -On critique Assassin's Creed IV : Black Flag sur PS4....This item has files of the following types: Archive BitTorrent, Metadata, Ogg Vorbis, PNG, VBR MP3

Chester and John Shier take time out of the IANS Information Security Forum in Atlanta, Georgia, to talk about the key issues of the past week. There's the US police department that paid the CryptoLocker ransom; the company Loyaltybuild that took two weeks to tell its loyal customers that it hadn't even bothered to encrypt their PII that was stolen; and, to finish with some good news, high praise for Microsoft's public push for cryptographic progress.

The Xbox One is out this week, the blokes have their thoughts and reviews, plus Call of Duty Ghosts is out, the expert has his say plus we compare Next gen to last gen consoles, Telstra's Belong broadband, Cryptolocker warning, Livescribe 3, the Parrot Flower Power for your garden and Stephen's minute reviews

The Xbox One is out this week, the blokes have their thoughts and reviews, plus Call of Duty Ghosts is out, the expert has his say plus we compare Next gen to last gen consoles, Telstra's Belong broadband, Cryptolocker warning, Livescribe 3, the Parrot Flower Power for your garden and Stephen's minute reviews

Following a caller two weeks ago's concerns about Cryptolocker viruses, this week I speak to Kaspersky Lab about the problem and just what it means, plus Cricket Australia bringing the game to your phone or tablet and is the new XBOX ONE worth buying for Call of Duty? Plus your calls

Following a caller two weeks ago's concerns about Cryptolocker viruses, this week I speak to Kaspersky Lab about the problem and just what it means, plus Cricket Australia bringing the game to your phone or tablet and is the new XBOX ONE worth buying for Call of Duty? Plus your calls

Following a caller two weeks ago's concerns about Cryptolocker viruses, this week I speak to Kaspersky Lab about the problem and just what it means, plus Cricket Australia bringing the game to your phone or tablet and is the new XBOX ONE worth buying for Call of Duty? Plus your calls

Welcome to another Indeed Podcast. Today we are joined from a member of the AIE community. Ralph! No, not the wreck it one, but he gives us a 101 on Hearthstone.Weekly Roundup smells like Cat Urine from a Dell. Then Google Glass gets us a ticket and No touchy on the playground. Creepy or Cool looks at the self aware wallet to assist you in spending control. The BUMP we get a first look at "Ender's Game" . Keefe gives us a first look at the new COD Ghost, and Caleb look at Path of Exile. The Main Event we review the new virus that is out there called Cryptolocker. It's a nasty one. Sit Back, Relax, and head to ebay. You wallet wants a new computer, and can't resist that cute little thing.

Episode 3 - A review of another Microsoft vuln, John McAfee for MS CEO, Cryptolocker becoming widespread.  Topics include micro-virtualisation effectiveness and why we all need a data scientist.

TecnoCasters 192 El Secuestrador de documentos y el ipad Air Con: Juan D. Guevara Torres, Lorena Galán, Angel Monjaras y Abrahan Bauza Productor: Abrahan Bauza Cryptolocker - un tipo de "ransomware" que secuestra sus archivos Google planea lanzar un centro de datos flotante  ipad Air disponible  Como usar Google Maps en todo su potencia.  ImotionHD - una excelente aplicación para grabar video  Comentarios de ustedes nuestra audiencia. 

CryptoLocker el virus que secuestra tus Datos Personales y el iMotionHD - Segmento Univision 45 Por: Juan D. Guevara Torres y Michelle Galván

Chet and Duck discuss Oracle's monster Java patch, Joel's backdoor in D-Link routers, Cryptolocker and WhatsApp's demonstration of why you shouldn't roll your own crypto.

Youtube Show Notes Hosts Preston Wiley, CISSP, CCNA Keith Watson, CISSP-ISSAP, CISA Articles Is Truecrypt Audited Yet?, The TrueCrypt Audit Project, New effort to fully audit TrueCrypt raises $16,000+ in a few short weeks by Cyrus Farivar (Ars Technica), Let’s audit Truecrypt! by Matthew Green (A Few Thoughts on Cryptographic Engineering) Destructive malware “CryptoLocker” on the loose - here’s what to do by Paul Ducklin (nakedsecurity), CryptoLocker Ransomware Information Guide and FAQ by Lawrence Abrams (bleepingcimputer.com)

Starring:Host: Robbie FergusonCo-Host: Christa Wells Adam Kujawa from Malwarebytes joins us to discuss what is possibly the most devastating computer virus of recent years, and how we can protect ourselves from it. Read the complete show notes, comment or rate this episode, view pictures and obtain links from this episode at https://category5.tv/shows/technology/episode/317/ Running time: 59 Minutes 40 Seconds