ShieldFS – Ransomware resilient filesystem

Italian researchers have developed a Windows drop-in driver and custom filesystem that are capable of detecting the telltale signs of a ransomware infection, stop any malicious actions and even revert any encrypted files to their previous state. Called ShieldFS, this new project is the work of seven researchers from the Politecnico di Milano University and was… Continue reading ShieldFS – Ransomware resilient filesystem

Wannacry : Detailed Analysis ( part 1 of 3 )

Main Launcher: The Killswitch effect The main launcher has a curious feature, where, before it does anything else, it checks connectivity to a certain domain. Ifthat domain resolves, the binary exits and does nothing further. This has been dubbed the killswitch. The killswitch domains below that have been found so far have been registered by… Continue reading Wannacry : Detailed Analysis ( part 1 of 3 )