When acomputer virusinfects a computer, it must make changes tofileson your computer, critical areas like theRegistry, or sections ofmemoryto spread or damage the computer. An antivirus program protects a computer by monitoring all file changes and the memory for specific virus activity patterns. When these known or suspicious patterns are detected, the antivirus warns the… Continue reading How does an antivirus work?
The gap between graphic designers andcoders just got smaller. Until now, if you wanted to build a graphic user interface,whether for app design or custom websites, you would have to enlist a developer to turn yourideas into code. But designers could soon take this power into their own hands. Copenhagen-based startupUlzard Technologieshas developed an app,… Continue reading Neural network which transforms graphic designs into functioning code
A developer has released a tool to fight the WannaCry ransomware, which started affecting PCs worldwide last Friday and has helped hackers gain control over 300,000 systems. The tool released can potentially reverse the effects of the ransomware and free files on a system. The WannaKey software will allow users hit by the WannaCry ransomware and running Windows XP… Continue reading This Free Tool Helps Recover Windows XP PC Hit by WannaCry Ransomware
Ransomware itself typical The actual ransomware component itself is not all that remarkable, it does what ransomware does, encrypts a widerange of files and demands ransom, to be paid in bitcoins in a most insistent way. Here is a list of some of the files it encrypts. Expect more of the same to come What… Continue reading Wannacry: Detailed analysis (part 3 of 3)
Unpacking the PE file from the launcher If we unpack the PE file manually, it shows several layers. Any tool that dumps the resource (.rsrc) section of a PE file can be used. The file “R-1381” is the embedded PE file in the launcher. Running “R-1381” against the .rsrc dumper, we can see that it… Continue reading Wannacry : Detailed analysis ( part 2 of 3 )
Main Launcher: The Killswitch effect The main launcher has a curious feature, where, before it does anything else, it checks connectivity to a certain domain. Ifthat domain resolves, the binary exits and does nothing further. This has been dubbed the killswitch. The killswitch domains below that have been found so far have been registered by… Continue reading Wannacry : Detailed Analysis ( part 1 of 3 )
Hospitals, schools, companies and governments around the world were assessing the damage Saturday after a massive cyberattack hit almost 100 countries, infecting computers with malware that demanded ransom payments. No one has yet claimed the worldwide attack, which experts believe used tools stolen from the National Security Agency.Antivirus providerAvast reportedthat some 100,000 computers had been… Continue reading Huge Cyberattack Hits Nearly 100 Countries With ‘Wanna Decryptor’ Malware