Each year, millions of ransomware attacks paralyze computer systems of businesses, medical offices, government agencies, and individuals. With the increased frequency of online shopping during the holidays, the likelihood of being targeted by one of these attacks rises for consumers.

Unsuspecting internet users could find themselves on the receiving end of an unwanted Christmas present; malware that not only encrypts their Windows PC and holds it for ransom, but also steals their personal data and login credentials.

As always, be extra vigilant when you receive an email from a suspicious or unknown sender and don’t click on a link unless you are positive that it is legitimate email.

Solutions overview

Ransomware in Your Stocking

The year-long anticipation for the big day is almost here! Christmas (and other Holidays) are here to enjoy! All of the shopping, wrapping gifts, baking cookies, and family members arriving is an exciting time. All that is left to do for the big day is put up the stockings and find out if you have been naughty or nice this year. No one wants to get coal in their stocking, but it does happen. In this case, unfortunately, your stocking is your computer, and bad guys are delivering the coal in the form of ransomware.

Read more

Threat hunting on your own network with InQuest

InQuest combines Deep File Inspection (DFI) and RetroHunt ™ to bring the threat hunting capabilities of VirusTotal Intelligence to your own environment. VirusTotal Intelligence is a malware intelligence service that analyzes almost 2 million files each day. The service has earned its spot in the threat analyst toolbox by aggregating 70+ antivirus engines for static analysis, the VirusTotal multisandbox project for dynamic analysis, as well as 60+ domain reputation feeds.

Read more

GonnaCry

GonnaCry is an academic ransomware made for learning and awareness about security/cryptography. This Ransomware mustn't be used to harm/threat/hurt other people’s computers.

Read more

Rhino-Ransomware-Decryption-Tools

A large collection of tools to decrypt files that have been attacked by different ransomware, which will be updated every month with new decryption tools.

Read more

Pupy

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python.

Read more

New Orleans hit by ransomware, city employees told to turn off computers

New Orleans city employees were instructed to shut down their computers this weekend as a precaution after an apparent cyberattack. City officials have said there's no evidence that user passwords or data was lost in the attack.

Read more

1.6 billion LightInTheBox customer records left exposed

An unsecured database operated by the online retailer LightInTheBox left 1.3TB of data containing 1.6 billion shopper records exposed for a three-month period this year. In what the breach discovers VPNMentor described as a major lapse in LighInTheBox’s data security and potentially devastating to the victims exposing them to not only a cyberattack but potentially a physical confrontation as the data included enough clues to allow a malicious actor to discover their home address.

Read more

BlackHat 2019 Arsenal & BLACKPHENIX Framework

BLACKPHENIX is an open-source malware analysis automation framework composed of services, scripts, plug-ins, and tools based on a Command-and-Control (C&C) architecture. It relies on virtual machine software to operate and scripts to remotely control (GUI and console) tools and scripts running on a guest (analysis) virtual machine.

Read more