One of the biggest threats that we currently fight is ransomware. Although it already had our attention, it recently got “very popular”. Ransomware has become one of the most successful forms of cybercrime, and 2016 quickly became the year of ransomware. Despite our skills we can still fail and become victims of its attacks. While the whole cybersecurity community attempts to educate users, the need for better technical support is very real and ever increasing.
Current predictions don’t see the ransomware epidemic slowing down anytime soon. The situation is likely to get far worse, as more cyber criminals move into developing and deploying ransomware.
There is no perfect solution for ransomware (yet), but we hope that with this issue of Hakin9 you will learn how ransomware has evolved so far and, more importantly, better understand what it takes to minimize the likelihood that it appears in your environment, because knowledge is key in protection and prevention.
Enjoy the issue,
Table of Contents
GitHub Corner - Ransomware
Ransomware and Python. Allies or enemies?
by Adrian Rodriguez Garcia
Ransomware is one of the more dangerous types of malware that exist at present because of the damage it can cause. Today, knowledge of its main characteristics and its evolution is necessary to act against this type of malware. Python is a tool that is associated with malware at present and can be an enemy or an ally. You can use Python to create ransomware or to design a tool that fights it.
Zepto Ransomware Is Here
By now, you should be familiar with the term ransomware. For those who are unaware, ransomware is a particularly malicious computer virus which, when launched, encrypts the files on the victim’s computer and demands a ransom in the form of Bitcoins.
Virtual VLANs with Endian Firewall and CISCO Layer 2 Switch
by Braier Alves
This article is not intended to explain in detail the concepts of Virtual LANs (VLANs). We will also not dive into the basic configurations of the equipment used and mentioned here. It is therefore assumed that you, the reader, have knowledge of the basic installation and configuration of the following tools used in this lab: Endian Firewall (here in version 2.5.1) and CISCO Layer 2 Switch (Catalyst 2960).
Healthcare and U.S. National Security - Cyber Attack Nightmare Scenario
by Rob Campbell
The New York hospital is a 3000-bed facility and is the only Trauma Center in the area. There are 2400 patients, 65 ventilator patients in the medical intensive care unit, and 32 surgeries in progress. It’s 2:15 pm EST and there is a local power outage in New York City on a 90-degree summer day, impacting the nation’s largest hospital. It's the beginning of a cyber security attack.
How does ransomware encrypt files?
by David Share
Ransomware. The very word strikes fear in the hearts and minds of CEOs, CSOs and IT security managers alike. So much trepidation over the word is caused by the fact that it is usually mentioned after an attack has struck. The majority of the time, companies do not even consider protecting their systems from a ransomware attack until it is too late.
External Intrusion testing
by Mike Garcia
This paper begins by describing the activities and scope of the intrusion test. It then describes the vulnerabilities found, together with the corresponding recommendations and their levels of criticality and impact on the environment.
Machine virtualization with Proxmox
by Braier Alves
Machine virtualization is undoubtedly a very important ally for technological environments and provides economic benefits, ranging from hardware purchases to lower spending on electric power and physical space. Making the best use of the resources of several servers hosted on a single machine, for example, is also one of the reasons for choosing this technology, not to mention that for an administrator, the centralization of several services makes day-to-day tasks much easier.
Ransomware: Why does this cyber threat keep growing?
Let’s go back in time by 30 years, and picture a typical business environment: The office is filled with filing cabinets, all full to the brim with documents that have been carefully separated into reams of brown folders. Heavy, thickset typewriters adorn each large dark wood desk. The filing cabinets have impenetrable-looking locks guarding every drawer. The keys to each drawer are different, and each key has its own box, which is also locked. Want to find a document? It’s like the Da Vinci Code of filing cabinets. And now?
Wrath Of Ransomware
by Sumit Kumar Soni
2016 can be called the year of ransomware. In the last year, we have seen an increase in ransomware attacks and variants. Not only does this malware use various techniques to attack systems and organizations, it has also evolved from merely hiding files to using various encryption techniques. It innovates on infiltration techniques as well, including against systems connected to databases. Security vendors and law enforcement agencies constantly struggled to protect assets from such attackers.
“You must have a passion about this field”
Interview with Jason Bernier, OSCP, GCIH, Computer Exploitation Engineer at Sotera Defense
Scanning with Nessus
by Braier Alves
Nessus Scan is an audit tool used to detect and fix vulnerabilities on local network PCs. It performs a port scan, detects active servers and simulates intrusions to detect vulnerabilities and security holes; it also audits and assembles network profiles, revealing weaknesses.
What you need to know about Ransomware
by Longinus Timochenco
I aim to share a little of my experience in Information Security, Forensics and Compliance and focus on the very sensitive and emerging issue that is affecting companies and individuals all over the world. For many decades, we believed in Information Security’s technical strength, underestimating our responsibilities as IT security specialists, entrepreneurs, users and even individuals. And now we are bitterly experiencing the horror of this simple/basic technique of "Hijacking Data - Ransomware". Strengthening Information Security and Compliance today is "necessary" and in the near future will be a must for the business world and for the simple, daily users (people). The regulations and laws on attacks, cyber crimes, etc. will be indispensable and needed more than ever.