    • gjacobse

      Webroot status
      IT Discussion • webroot spam malware phishing crapware • • gjacobse

      10
      0
      Votes
      10
      Posts
      144
      Views

      scottalanmiller

      @dashrender said in Webroot status:

      I have one client (well, x-client now) that just moved away from it because the new owners used something else, but up to the beginning of June, they were on it with no issues.

      Unless "paying for something that has a negative impact on them" is an issue. To a business, that is always an issue. It's a "loss event" just like any other, similar to a small outage or data loss. It's a business mistake that causes measurable lost revenue and puts other revenue at risk. So while a hobby could classify it as "not having any issue", no actual business can.

    • WrCombs

      Re-Image Program?
      IT Discussion • malware programming wrcombs • • WrCombs

      7
      0
      Votes
      7
      Posts
      156
      Views

      Grey

      At first, I was thinking this was a PXE boot. Those damned hackers are evil beyond compare.

    • NashBrydges

      Microsoft Search in Bing and Office 365 ProPlus
      News • bing office 365 o365 malware google chrome • • NashBrydges

      28
      4
      Votes
      28
      Posts
      756
      Views

      scottalanmiller

      @Obsolesce said in Microsoft Search in Bing and Office 365 ProPlus:

      @scottalanmiller said in Microsoft Search in Bing and Office 365 ProPlus:

      Since I switched to DDG, I've noticed Google has gone downhill significantly.

      That's why, it's because YOU switched.

      No reason to keep it good, I guess, lol.

    • scottalanmiller

      How Modern Applications Nullify Ransomware
      IT Discussion • security ransomware malware • • scottalanmiller

      4
      5
      Votes
      4
      Posts
      225
      Views

      Emad R

      @scottalanmiller

      Whole article is great but the last 2 lines are 👍 👍

      Shame that NextCloud + OnlyOffice is not really there, I tried it when I was working with MSFF... definitely interesting but needs some time.

    • scottalanmiller

      Windows 10 Defender Won't Start After Malware or Ransomware
      IT Discussion • defender anti-virus windows windows 10 malware ransomware • • scottalanmiller

      35
      4
      Votes
      35
      Posts
      492
      Views

      RojoLoco

      @Danp said in Windows 10 Defender Won't Start After Malware or Ransomware:

      @RojoLoco Click the link and read for yourself. Also this -- https://www.cybereason.com/hubfs/ransomfree-EOL-message.pdf

      Well damn...

    • scottalanmiller

      Researchers use Intel SGX to put malware beyond the reach of antivirus software
      News • ars technica intel processor intel sgx malware ransomware security • • scottalanmiller

      3
      1
      Votes
      3
      Posts
      213
      Views

      scottalanmiller

      @stacksofplates said in Researchers use Intel SGX to put malware beyond the reach of antivirus software:

      Did you see what Intel said regarding this:

      Intel is aware of this research which is based upon assumptions that are outside the threat model for Intel SGX. The value of Intel SGX is to execute code in a protected enclave; however, Intel SGX does not guarantee that the code executed in the enclave is from a trusted source. In all cases, we recommend utilizing programs, files, apps, and plugins from trusted sources. Protecting customers continues to be a critical priority for us and we would like to thank Michael Schwarz, Samuel Weiser, and Daniel Gruss for their ongoing research and for working with Intel on coordinated vulnerability disclosure.

      Outside of the threat model?.........

      Haha, whatever that means.

    • mlnews

      Potentially disastrous Rowhammer bitflips can bypass ECC protections
      News • rowhammer ecc security malware ars technica • • mlnews

      1
      1
      Votes
      1
      Posts
      151
      Views

      No one has replied

    • mlnews

      I’ve got a bridge to sell you. Why AutoCAD malware keeps chugging on
      News • malware autocad cad ars technica security • • mlnews

      1
      1
      Votes
      1
      Posts
      164
      Views

      No one has replied

    • mlnews

      NetwiredRC Backdoor Used to Attack Holiday Suppliers
      News • malware security softopedia netwiredrc backdoor • • mlnews

      1
      1
      Votes
      1
      Posts
      210
      Views

      No one has replied

    • mlnews

      New Browser Locker Malware Detected in the Wild
      News • browser locker malware security softopedia • • mlnews

      1
      1
      Votes
      1
      Posts
      195
      Views

      No one has replied

    • S

      Decrypting Rapid Ransomware
      IT Discussion • ransomeware malware rapid ransomware • • smartkid808

      5
      1
      Votes
      5
      Posts
      864
      Views

      S

      @travisdh1 said in Decrypting Rapid Ransomware:

      Might be an opportunity to get started with that if you don't.

      Not sure what FoolishIT.com is... I'll have to look that up in a little

    • mlnews

      Slingshot Malware Found Hidden for Six Years in MikroTik Routers
      News • slingshot malware mikrotik ars technica security • • mlnews

      1
      4
      Votes
      1
      Posts
      363
      Views

      No one has replied

    • scottalanmiller

      Dell Machines Unable to VPN Due to SmartByte Bloatware
      IT Discussion • dell vpn networking malware smartbyte bloatware • • scottalanmiller

      4
      2
      Votes
      4
      Posts
      1555
      Views

      scottalanmiller

      @dbeato said in Dell Machines Unable to VPN Due to SmartByte Bloatware:

      @scottalanmiller said in Dell Machines Unable to VPN Due to SmartByte Bloatware:

      SmartByte, a bit of bloatware or possibly malware - certainly closer to malware than not, is shipping by default on some Dell laptops and desktops. If you are doing a clean OS install as is best practice, this bloatware will be unknown to you. But if you keep the random stuff that ships with your machine, you may run into networking problems. SmartByte has been found by Cisco (and us, now that we know about it with clients) to break network connections and specifically has been found to cause VPNs to fail to connect.

      You'll need to disable, or better remove, or best do a proper, clean OS install, to get your machine able to network reliably.

      None of my Dell Devices has ever come with this. Not even laptops bought through Amazon. In the past Dell and HP have had the Cisco AnyConnect client but that is found more on home and retailers like Best Buy, Staples or such.

      Then again I don’t buy Dell Inspiron (Which are the ones with SmartByte for sure)

      I never run into it because I would never run a machine without doing a proper OS install, you never know what is on there. But we ran into this (and I've been ranting about how people got into the process of not doing a clean install - dealing with that separately) just now because someone had a machine that didn't get installed and, of course, terrible bloatware problems.

    • jt1001001

      HP Possible pulling a Lenovo with Stealthy spyware?
      News • malware hp spyware security • • jt1001001

      122
      3
      Votes
      122
      Posts
      2950
      Views

      scottalanmiller

      @dashrender said in HP Possible pulling a Lenovo with Stealthy spyware?:

      @scottalanmiller said in HP Possible pulling a Lenovo with Stealthy spyware?:

      @momurda said in HP Possible pulling a Lenovo with Stealthy spyware?:

      I don't trust hardware manufacturers to write good software. I trust them to make good hardware.

      That, too.

      This really doesn't compute to me. If you have bad drivers, how can you expect your hardware to perform well?

      How often do you have vendors making their own drivers? Sometimes, but not all that often.

    • mlnews

      New MS Word Attacks Do Not Need Macros
      News • word security malware virus ars technica • • mlnews

      1
      4
      Votes
      1
      Posts
      460
      Views

      No one has replied

    • mlnews

      NextCloud Introduces a Ransomware Protection App
      News • nextcloud security malware ransomware • • mlnews

      5
      6
      Votes
      5
      Posts
      1407
      Views

      scottalanmiller

      @stuartjordan said in NextCloud Introduces a Ransomware Protection App:

      That is Great to hear, they are constantly developing on the project.

      They really are. It's very busy.

    • gjacobse

      Battling Ransom/Crypto-ware: Drive Shares
      IT Discussion • malware ransonware security secure access drive mapping cryptoware • • gjacobse

      18
      0
      Votes
      18
      Posts
      1802
      Views

      Reid Cooper

      Pretty sure that ShadowCopy is still time only.

    • scale

      WannaCry, Petya, What’s Next? Are You at Risk?
      Scale Legion • scale out scale hc3 scale blog wannacry malware • • scale

      1
      1
      Votes
      1
      Posts
      1075
      Views

      No one has replied

    • mlnews

      Windows 10 Immune to Petya
      News • windows windows 7 windows 10 petya malware • • mlnews

      1
      4
      Votes
      1
      Posts
      566
      Views

      No one has replied

    • mlnews

      NotPetya Might Not Have Been an NSA Leak
      News • nsa malware security • • mlnews

      6
      0
      Votes
      6
      Posts
      998
      Views

      stus

      After monitoring this new outbreak for 24 hours, I came to the conclusion we were dealing with cyber warfare, and not ransomware. Two separate reports coming from Comae Technologies and Kaspersky Lab experts confirm this now.

      NotPetya is a destructive disk wiper similar to Shamoon, which has been targeting Saudi Arabia in the recent past. Note that Shamoon actually deleted files; NotPetya goes about it slightly differently: it does not delete any data but simply makes it unusable by locking the files and then throwing away the key. The end result is the same.

      Someone is hijacking known ransomware families and using them to attack Ukrainian computer systems. Guess who.

      You never had a chance to recover your files. There are several technical indicators that NotPetya was only made to look like ransomware as a smoke screen:

      It never bothers to generate a valid infection ID
      The Master File Table gets overwritten and is not recoverable
      The author of the original Petya also made it clear NotPetya was not his work

      This has actually happened earlier. Foreshadowing the NotPetya attack, the author of the AES-NI ransomware said in May he did not create the XData ransomware, which was also used in targeted attacks against Ukraine. Furthermore, both XData and NotPetya used the same distribution vector, the update servers of a Ukrainian accounting software maker.

      Catalin Cimpanu, the Security News Editor for Bleepingcomputer stated: "The consensus on NotPetya has shifted dramatically in the past 24 hours, and nobody would be wrong to say that NotPetya is on the same level with Stuxnet and BlackEnergy, two malware families used for political purposes and for their destructive effects. Evidence is clearly mounting that NotPetya is a cyber-weapon and not just some overly-aggressive ransomware."

      Cybersecurity has moved from tech to a CEO and Board-level business issue

      You did not sign up for this, but today it is abundantly clear that as an IT pro you have just found yourself on the front line of 21st-century cyber war. Cybersecurity has moved from tech to a CEO and Board-level business issue. I strongly suggest you have another look at your defense-in-depth, and make sure to:

      Have weapons-grade backups
      Religiously patch
      Step users through new-school security awareness training.