Categories
Uncategorized

New Zenis ransomware encrypts files and deletes backups

Add Your Heading Text Here

Share it:

Zenis ransomware is a rare example of crypto-malware. Researchers still cant figure out clearly how this ransomware works. This malware does not only encrypts files but deletes backups too.

Zenis affect devices by exploiting Remote Desktop services. Once inside, it begins to encrypt data using AES cryptography.

Whilst encrypting data, Zenis ransomware renames files and appends Zenis-<2_chars>. file extension. Apart from data encryption, it deletes shadow volume copies, disable startup repair, and clear event logs.

Zenis also searches for files that are associated with backups and deleted them immediately.

Zenis ransomware gets into the machines by exploiting  Remote Desktop services connected to the internet directly.

We recommend connecting Remote Desktop Services to the internet via VPN with a strong password. Also, it is quite safer to have anti-malware solution on public-facing machines.

#ISA_informs

#ISA_ltd

Categories
Uncategorized

Windows Remote Assistance Exploit

Add Your Heading Text Here

Share it:

Source: thehackernews.com

Categories
Uncategorized

Memcached DDOS Exploit Code Released !!!

Add Your Heading Text Here

Share it:

Proof-of-Concept:

Memcacrashed.py is a python script that scans Shodan for IPs of vulnerable Memcached servers and allows a user to launch a DDoS attack against a desired target within seconds of running the tool.

Here is the link to the Memcacrashed.py :   https://cxsecurity.com/issue/WLB-2018030060

Proof-of-concept 2:

The author is PoC 2 is unknown, but the PoC 2 is written in C.

Here is the link to Proof-of-concept 2:  https://pastebin.com/ZiUeinae

Solution Against Memcached DDos Attack:

#ISA_informs

#ISA_ltd

Categories
Uncategorized

New 4G LTE Network is Vulnerable: Hackers can Track, Spam and Spy !!!

Add Your Heading Text Here

Share it:

  1. Authentication Synchronization Failure Attack
  2. Traceability Attack
  3. Numb Attack
  4. Authentication Relay Attack
  5. Detach/Downgrade Attack
  6. Paging Channel Hijacking Attack
  7. Stealthy Kicking-off Attack
  8. Panic Attack
  9. Energy Depletion Attack
  10. Linkability Attack

Source: thehackernews.com

Categories
Uncategorized

Two Discreet Ways to Explore The Deep Web

Add Your Heading Text Here

Share it:

Unfortunately, search engines such as google and other similar ones can’t refer to web pages such as user databases, registration-required web forums, webmail pages, and pages behind paywalls. However, there are other ways of accessing these resources. In this article, we will show how to access resources residing on the dark web and deep net using specific deep web search engines.

 notEvil:

This deep web search engine works like Google. It connects Internet users to content hosted inside the Tor network. However if you want to access content outside the Tor network, you need to download the Tor Browser Bundle and access this content over Tor.

parazite:
 ParaZite is another type of deep web search engine. Apart from its flexible search features, it also allows users to access other external deep web sites. It is advisable to use firewall and VPN before accessing Parazite.
 
 
 
#ISA_ltd
#ISA_informs
 
Categories
Uncategorized

Memcached flaw can Overflow Networks with 260 Gbps Traffic

Add Your Heading Text Here

Share it:

The following facts describes devastating effect of Memcached flaw:

  • A vulnerability in memcached allows attackers to amplify traffic up to 51,200 times for use in denial of service attacks.
  • Only 5,729 of the 88,00 known unprotected servers have been used in memcached attacks thus far, and security experts expect an imminent increase in such attacks.    Source : TechRepublic 

Memcached is a general-purpose distributed memory caching system. One of its primary goals is to speed up dynamic web applications by alleviating database load.  This is accomplished by storing frequently accessed content in RAM, which reduces the number of database queries needed to generate a web page. 

How to Resolve Vulnerable Memcached Servers:

  • B
  • not in use.

#ISA_informs

#ISA_ltd