Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Microsoft: Keep Calm But Vigilant About Ransomware
Newest First  |  Oldest First  |  Threaded View
<<   <   Page 2 / 2
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
4/25/2016 | 8:17:35 AM
Social Engineering
Social engineering, and from my experience phishing, has been how ransomware has become so prolific. The end user is providing the attacker with keys to the door but who can blame them when phishing attempts are becoming more authentic to look like genuine traffic.
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
4/25/2016 | 8:15:36 AM
Re: Ransomware on the rise
It's no wonder why the answer has been ransomware for some. It's easy to transport, easy to create, and modular when designed correctly. Ransomware can have varying levels of complexity and has even been packaged with other malware. Due to these parameters you run the gamut from very capable malware writers to even the most inexperienced leveraging it as a malicious medium.
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
4/23/2016 | 9:30:04 AM
Ransomware on the rise
Alas, as Brian Krebs reports in his book Spam Nation, a lot of this is the side effect of the successful crackdown on pharma spam over the past so several years.  Botnet masters, script kiddies, and other black-hatters needed to come up with new monetization plans.  For some, the solution has been ransomware.
<<   <   Page 2 / 2


Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-12512
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting
CVE-2020-12513
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection.
CVE-2020-12514
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS in discoveryd
CVE-2020-12525
PUBLISHED: 2021-01-22
M&amp;M Software fdtCONTAINER Component in versions below 3.5.20304.x and between 3.6 and 3.6.20304.x is vulnerable to deserialization of untrusted data in its project storage.
CVE-2020-12511
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a Cross-Site Request Forgery (CSRF) in the web interface.