Italian researchers have developed a Windows drop-in driver and custom filesystem that are capable of detecting the telltale signs of a ransomware infection, stopping any malicious actions and even reverting any encrypted files to their previous state. Called ShieldFS, this new project is the work of seven researchers from the Politecnico di Milano University and was… Continue reading ShieldFS – Ransomware resilient filesystem
Petya is a family of encrypting ransomware that was first discovered in 2016. The malware targets Microsoft Windows-based systems, infecting the master boot record to execute a payload that encrypts the NTFS file table, demanding a payment in bitcoin in order to regain access to the system. Here’s a summary of the NotPetya outbreak: The malware uses a bunch of tools to move through a network, infecting… Continue reading Petya Ransomware : Initial Analysis
When a computer virus infects a computer, it must make changes to files on your computer, critical areas like the Registry, or sections of memory to spread or damage the computer. An antivirus program protects a computer by monitoring all file changes and the memory for specific virus activity patterns. When these known or suspicious patterns are detected, the antivirus warns the… Continue reading How does an antivirus work?