threat


We are currently tracking a new ransomware variant sweeping across the globe known as Petya. It is currently having an impact on a wide range of industries and organizations, including critical infrastructure such as energy, banking, and transportation systems. This is a new generation of ransomware designed to take advantage of timely exploits. This current version is targeting the same vulnerabilities that we exploited during the recent Wannacry attack this past May. This latest attack, known as Petya, is something we are referring to as... [Read More]
by RSS Aamir Lakhani  |  Jun 27, 2017  |  Filed in: Security Research
On April 25, 2016, Blue Coat published an article on a new Android Ransomware, called "Dogspectus.” On May 12, 2016, Dell SonicWALL published a separate report on the Android Lockscreen malware campaign with similar characteristics to Dogspectus. These similarities are not a coincidence. We began our own extensive investigation into this ransomware some time ago, and will share additional technical details of this malware here that have not been previously discussed. Technical Details The main Android Application Package (APK) of... [Read More]
by RSS Homing Tay  |  May 19, 2016  |  Filed in: Security Research
Not long ago, ransomware was a problem for consumers. Early versions hit unsuspecting users as early as 2005 but, while alarming, weren’t especially difficult to defeat. Even 10 years ago, the enterprise was a very different place than it is today, with BYOD in its infancy and far greater separation between work and personal environments. Ransomware authors also had not really begun to leverage the social engineering tactics that made infection much more likely, even for relatively savvy users.   Fast-forward to 2015 and attackers... [Read More]
by RSS Chris Dawson  |  Oct 29, 2015  |  Filed in: Industry Trends
A few days ago, CarrierIQ published a 19-page report detailing their software and business. I read the 19 pages, and in case you were wondering, the statements of my previous blog post still stand, even more, they are confirmed so I have updated the FAQ with extra data. Some my comments on the report below. "The IQ Agent uploads diagnostic data once per day, at a time when the device is not being used" (page 4) This is hardly a defense to me. People do not like that their phone is being used without their consent, even if it is for good reasons. When... [Read More]
by RSS Axelle Apvrille  |  Dec 20, 2011  |  Filed in: Security Research