Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Cisco Offers Free Decryption Tool For Ransomware Victims
Newest First  |  Oldest First  |  Threaded View
BillyC608
50%
50%
BillyC608,
User Rank: Apprentice
5/12/2017 | 3:59:24 AM
Great software
Well I started using Impedio Security a while ago and I must say that I'm suprised I didn't find it earlier. It's great way to keep your data safe and don't have to worry about your files being corrupted iny any way. It's helpful because last time my friend acidentally deleted folder where I had important stuff for school and now I just put these folders in read-only volumes so no one can delete them, even malicious softwares. I was ransomware victim once but thank God now it's all over and I encouraged all of you to get Impedio and don't worry about malware anymore (y)
Crypt0L0cker
50%
50%
Crypt0L0cker,
User Rank: Strategist
2/21/2017 | 12:39:27 PM
Re: Free Decryption Tools For Ransomware Victims
Unfortunately, not all of them are possible to decrypt. Here is the list of ransomware extensions and available decryptors for them.
BPID Security
50%
50%
BPID Security,
User Rank: Strategist
5/4/2015 | 5:25:14 PM
Thank you
Thank you Kelley.

This represents the good and bad of security.

First the bad you can get your data locked and the good is get help unlocking.

Second the bad means that for a price there are tools to decrypt your data available to those who shouldn't have them and your data is no longer 'safe' as there are free tools to unlock it. The good? Gee I don't know anything more than getting help when your data is locked and you don't have a key.

Great article and thanks for sharing.

 

Paul BPID Security

 

 
WillReadPC
50%
50%
WillReadPC,
User Rank: Apprentice
4/29/2015 | 3:27:53 PM
Help remove TeslaCrypt Virus - Worked for me...

Hey I know the TeslaCrypt virus is extremely prevalent this time of year, However; I was able to remove it from my computer using the steps listed in this 3-step guide 

https://virushelpcenter.com/remove-teslacrypt-virus/

Please let me know if anyone else if successful in removing this virus. The instructions are a little lengthy but it did the trick for me.

Hope this helps at least a few people,

Will

RyanSepe
100%
0%
RyanSepe,
User Rank: Ninja
4/29/2015 | 9:00:45 AM
Temporary Fix
Unfortunately, because this is only for certain variants of ransomware I see this teetering out in the near future. I can't see companies offering free utilities and spending man hours to reverse engineer all the new variants that come out. Though this is a good start, its not sustainable.
Memoinfo
50%
50%
Memoinfo,
User Rank: Apprentice
4/28/2015 | 7:45:21 PM
Re: From Reverse Engineering to Development
That's the way... You have to reverse to have the key
RetiredUser
100%
0%
RetiredUser,
User Rank: Ninja
4/28/2015 | 5:15:24 PM
From Reverse Engineering to Development
Something about this reminds me of how the first skeleton key must have come about, followed by a long and distinguished array of lock pickers.  Not only that, but the large keyring of both original and skeleton keys that we've come to associate with the locksmith who you call when you get locked out.  More on that later...

First, I think this is a brilliant piece of work on the part of all parties who have provided decryption tools to victims.  Not just because that is what they should do, but because it makes good business sense and it sets the tone for other companies and their customer relationships.

...and we're back.  What I see here is an opportunity, too.  Imagine developing a decryption tool that is the equivalent of that keyring your handy locksmith sports about.  You'd keep it on a USB or similar device, and it would have hundreds of thousands of modules based upon reverse-engineered ransomware (or other sources of encryption) and their key stores.  It would be bootable and based on GNU/Linux, BSD or a similar UNIX flavor.

No, you wouldn't be handing this out to folks, and no, only a "locksmith" (or in this case an InfoSec professional) would carry it. 

There are similar USB-geared projects out there but there is so much more you could do with the architecture.  Thinking out loud.


COVID-19: Latest Security News & Commentary
Dark Reading Staff 9/25/2020
9 Tips to Prepare for the Future of Cloud & Network Security
Kelly Sheridan, Staff Editor, Dark Reading,  9/28/2020
Vulnerability Disclosure Programs See Signups & Payouts Surge
Kelly Sheridan, Staff Editor, Dark Reading,  9/22/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15216
PUBLISHED: 2020-09-29
In goxmldsig (XML Digital Signatures implemented in pure Go) before version 1.1.0, with a carefully crafted XML file, an attacker can completely bypass signature validation and pass off an altered file as a signed one. A patch is available, all users of goxmldsig should upgrade to at least revisio...
CVE-2020-4607
PUBLISHED: 2020-09-29
IBM Security Secret Server (IBM Security Verify Privilege Vault Remote 1.2 ) could allow a local user to bypass security restrictions due to improper input validation. IBM X-Force ID: 184884.
CVE-2020-24565
PUBLISHED: 2020-09-29
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first obtain the ability to execute low-privileged code on the ...
CVE-2020-25770
PUBLISHED: 2020-09-29
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first obtain the ability to execute low-privileged code on the ...
CVE-2020-25771
PUBLISHED: 2020-09-29
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first obtain the ability to execute low-privileged code on the ...