Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Cisco Offers Free Decryption Tool For Ransomware Victims
Newest First  |  Oldest First  |  Threaded View
BillyC608
BillyC608,
User Rank: Apprentice
5/12/2017 | 3:59:24 AM
Great software
Well I started using Impedio Security a while ago and I must say that I'm suprised I didn't find it earlier. It's great way to keep your data safe and don't have to worry about your files being corrupted iny any way. It's helpful because last time my friend acidentally deleted folder where I had important stuff for school and now I just put these folders in read-only volumes so no one can delete them, even malicious softwares. I was ransomware victim once but thank God now it's all over and I encouraged all of you to get Impedio and don't worry about malware anymore (y)
Crypt0L0cker
Crypt0L0cker,
User Rank: Strategist
2/21/2017 | 12:39:27 PM
Re: Free Decryption Tools For Ransomware Victims
Unfortunately, not all of them are possible to decrypt. Here is the list of ransomware extensions and available decryptors for them.
BPID Security
BPID Security,
User Rank: Strategist
5/4/2015 | 5:25:14 PM
Thank you
Thank you Kelley.

This represents the good and bad of security.

First the bad you can get your data locked and the good is get help unlocking.

Second the bad means that for a price there are tools to decrypt your data available to those who shouldn't have them and your data is no longer 'safe' as there are free tools to unlock it. The good? Gee I don't know anything more than getting help when your data is locked and you don't have a key.

Great article and thanks for sharing.

 

Paul BPID Security

 

 
WillReadPC
WillReadPC,
User Rank: Apprentice
4/29/2015 | 3:27:53 PM
Help remove TeslaCrypt Virus - Worked for me...

Hey I know the TeslaCrypt virus is extremely prevalent this time of year, However; I was able to remove it from my computer using the steps listed in this 3-step guide 

https://virushelpcenter.com/remove-teslacrypt-virus/

Please let me know if anyone else if successful in removing this virus. The instructions are a little lengthy but it did the trick for me.

Hope this helps at least a few people,

Will

RyanSepe
RyanSepe,
User Rank: Ninja
4/29/2015 | 9:00:45 AM
Temporary Fix
Unfortunately, because this is only for certain variants of ransomware I see this teetering out in the near future. I can't see companies offering free utilities and spending man hours to reverse engineer all the new variants that come out. Though this is a good start, its not sustainable.
Memoinfo
Memoinfo,
User Rank: Apprentice
4/28/2015 | 7:45:21 PM
Re: From Reverse Engineering to Development
That's the way... You have to reverse to have the key
RetiredUser
RetiredUser,
User Rank: Ninja
4/28/2015 | 5:15:24 PM
From Reverse Engineering to Development
Something about this reminds me of how the first skeleton key must have come about, followed by a long and distinguished array of lock pickers.  Not only that, but the large keyring of both original and skeleton keys that we've come to associate with the locksmith who you call when you get locked out.  More on that later...

First, I think this is a brilliant piece of work on the part of all parties who have provided decryption tools to victims.  Not just because that is what they should do, but because it makes good business sense and it sets the tone for other companies and their customer relationships.

...and we're back.  What I see here is an opportunity, too.  Imagine developing a decryption tool that is the equivalent of that keyring your handy locksmith sports about.  You'd keep it on a USB or similar device, and it would have hundreds of thousands of modules based upon reverse-engineered ransomware (or other sources of encryption) and their key stores.  It would be bootable and based on GNU/Linux, BSD or a similar UNIX flavor.

No, you wouldn't be handing this out to folks, and no, only a "locksmith" (or in this case an InfoSec professional) would carry it. 

There are similar USB-geared projects out there but there is so much more you could do with the architecture.  Thinking out loud.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Incorporating a Prevention Mindset into Threat Detection and Response
Threat detection and response systems, by definition, are reactive because they have to wait for damage to be done before finding the attack. With a prevention-mindset, security teams can proactively anticipate the attacker's next move, rather than reacting to specific threats or trying to detect the latest techniques in real-time. The report covers areas enterprises should focus on: What positive response looks like. Improving security hygiene. Combining preventive actions with red team efforts.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-0900
PUBLISHED: 2022-05-23
A Stored Cross-Site Scripting (XSS) vulnerability in DivvyDrive's "aciklama" parameter could allow anyone to gain users' session informations.
CVE-2022-28997
PUBLISHED: 2022-05-23
CSZCMS v1.3.0 allows attackers to execute a Server-Side Request Forgery (SSRF) which can be leveraged to leak sensitive data via a local file inclusion at /admin/filemanager/connector/.
CVE-2022-28998
PUBLISHED: 2022-05-23
Xlight FTP v3.9.3.2 was discovered to contain a stack-based buffer overflow which allows attackers to leak sensitive information via crafted code.
CVE-2022-1810
PUBLISHED: 2022-05-23
Improper Access Control in GitHub repository publify/publify prior to 9.2.9.
CVE-2022-1816
PUBLISHED: 2022-05-23
A vulnerability, which was classified as problematic, has been found in Zoo Management System 1.0. Affected by this issue is /zoo/admin/public_html/view_accounts?type=zookeeper of the content module. The manipulation of the argument admin_name with the input <script>alert(1)</script> lea...