ShieldFS – Ransomware resilient filesystem

Italian researchers have developed a Windows drop-in driver and custom filesystem that are capable of detecting the telltale signs of a ransomware infection, stopping any malicious actions and even reverting any encrypted files to their previous state. Called ShieldFS, this new project is the work of seven researchers from the Politecnico di Milano University and was…

Coding for hacking. The languages every security researcher/hacker must know

Hacking usually means breaking code. There are three sections of hacking: Web Hacking, Exploit Writing & Reverse Engineering, and each of them requires a different programming language. 1. Web Hacking: Since most of the tech is built around the World Wide Web, it is important to learn web hacking to be a good…

Petya Ransomware : Initial Analysis

Petya is a family of encrypting ransomware that was first discovered in 2016. The malware targets Microsoft Windows-based systems, infecting the master boot record to execute a payload that encrypts the NTFS file table, demanding a payment in bitcoin in order to regain access to the system. Here’s a summary of the NotPetya outbreak: The malware uses a bunch of tools to move through a network, infecting…

Ways to secure yourself against hackers

Deleting traces from old devices: When you’re getting rid of your old computer, simply deleting your data from it is not enough. Even if you use the format command to wipe the hard disk clean, the data can be recovered using simple, free software. The only way to make sure your data remains inaccessible is…

This Free Tool Helps Recover Windows XP PC Hit by WannaCry Ransomware

A developer has released a tool to fight the WannaCry ransomware, which started affecting PCs worldwide last Friday and has helped hackers gain control over 300,000 systems. The tool released can potentially reverse the effects of the ransomware and free files on a system. The WannaKey software will allow users hit by the WannaCry ransomware and running Windows XP…

Wannacry: Detailed analysis (part 3 of 3)

Ransomware itself typical: The actual ransomware component itself is not all that remarkable; it does what ransomware does: it encrypts a wide range of files and demands ransom, to be paid in bitcoins, in a most insistent way. Here is a list of some of the files it encrypts. Expect more of the same to come What…

Wannacry: Detailed analysis (part 2 of 3)

Unpacking the PE file from the launcher: If we unpack the PE file manually, it shows several layers. Any tool that dumps the resource (.rsrc) section of a PE file can be used. The file “R-1381” is the embedded PE file in the launcher. Running the .rsrc dumper against “R-1381”, we can see that it…