Select Page

Shadow Brokers Response Team

https://steemit.com/shadowbrokers/@theshadowbrokers/theshadowbrokers-monthly-dump-service-june-2017   Q: What is going to be in the next dump? TheShadowBrokers is not deciding yet. Something of value to someone. See theshadowbrokers’ previous posts. The time for...

UIWIX Ransomware

It was just a matter of time until other organisations or individuals followed the path set by WannaCry last weekend. Seems there is another variant of ransomware doing the rounds which is exploiting the same loop hole as WannaCry is using port 445 to enumerate and...

WannaCrypt Ransomware Part 2

It seems the initial wave has been stopped by Researchers, and then we had another one as detailed in the link below. https://blog.comae.io/wannacry-new-variants-detected-b8908fefea7e More good information and I suggest reading through it all if you have not done so...

Advisory and Update from Microsoft

https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/ If you affected by the current Ransomware attacks’ then its best to follow this advice and patch your systems before similar attacks are launched.

WannaCrypt Ransomware

In what has been big news over the past 24 hours.  Especially here in the UK is that the NHS has been hit with a large ransomware attack. http://www.bbc.co.uk/news/technology-39901382 http://blog.talosintelligence.com/2017/05/wannacry.html?m=1 This is a pretty good...

Protecting customers and evaluating risk – Microsoft

In what feels like perfect timing from Microsoft, it seems they had already released patches for some if not all of the exploits released these past few days by the file dump by the ShadowBrokers.   Code Name Solution “EternalBlue” Addressed by MS17-010...

NSA Tools in the Wild

Further apparent NSA tools have been released and this time there is alot more information contained with the files.  This tool in particular looks quite similar to metasploit. @hackerfantastic have been investigating these tools and posting their findings, I believe...

Infected Webpage

hxxp://petroffpianostudio[.]com/ (This may now be cleaned up at the time of posting) It looks like the the aforementioned webpage is infected with a redirect to download suspect files Traffic observed after the infection suggests that it will attempt to download...