11 matches found
Overview of Petya, a rapid cyberattack
In the first blog post of this 3-part series, we introduced what rapid cyberattacks are and illustrated how they are different in terms of execution and outcome. Next, we will go into some more details on the Petya aka NotPetya attack. How Petya worked The Petya attack chain is well understood,...
Overview of Petya, a rapid cyberattack
In the first blog post of this 3-part series, we introduced what rapid cyberattacks are and illustrated how they are different in terms of execution and outcome. Next, we will go into some more details on the Petya aka NotPetya attack. How Petya worked The Petya attack chain is well understood,...
medoc-chandelliere.com XSS vulnerability
Open Bug Bounty ID: OBB-516092 Description| Value ---|--- Affected Website:| medoc-chandelliere.com Open Bug Bounty Program:| Not created yet Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N...
Ukraine Police Warns of New NotPetya-Style Large Scale CyberAttack
Remember NotPetya? The Ransomware that shut down thousands of businesses, organisations and banks in Ukraine as well as different parts of Europe in June this year. Now, Ukrainian government authorities are once again warning its citizens to brace themselves for next wave of "large-scale"...
Ukrainian Man Arrested, Charged in NotPetya Distribution
The Cyber Police of Ukraine arrested a suspect they allege distributed the destructive NotPetya/ExPetr malware resulting in the infection of 400 computers. NotPetya/ExPetr was the malware behind a massive global cyberattack that took place earlier this year. It infected computers worldwide with...
In ExPetr/Petya’s shadow, FakeCry ransomware wave hits Ukraine
While the cyber-world was still shaking under the destructive ExPetr/Petya attack that hit on June 27, another ransomware attack targeting Ukraine at the same time went almost unnoticed. So far, all theories regarding the spread of ExPetr/Petya point into two directions: Distribution via trojaniz...
Researchers Find BlackEnergy APT Links in ExPetr Code
Researchers have found links between the BlackEnergy APT group and threat actors behind the ExPetr malware used in last month’s global attacks. According to researchers at Kaspersky Lab, there are strong similarities between older versions of BlackEnergy’s KillDisk ransomware compared to ExPetr...
Carbon Black Threat Research Technical Analysis: Petya / NotPetya Ransomware
On June 27, public announcements were made about a large-scale campaign of ransomware attacks across Europe. The ransomware impacted notable industries such as Maersk, the world’s largest container shipping company. The initial infection vector appears to be the exploitation of a Ukrainian tax...
New ransomware, old techniques: Petya adds worm capabilities
Note: We have published a follow-up blog entry on this ransomware attack. We have new findings from our continued investigation, as well as platform mitigation and protection information: Windows 10 platform resilience against the Petya ransomware attack. Read our latest comprehensive report on...
Petya Destructive Malware Variant Spreading via Stolen Credentials and EternalBlue Exploit
UPDATE July 21: FireEye continues to track this threat. An earlier version of this post has been updated to reflect new findings. On June 27, 2017, multiple organizations – many in Europe – reported significant disruptions they are attributing to a variant of the Petya ransomware, which we are...
New Ransomware Variant "Nyetya" Compromises Systems Worldwide
Note: This blog post discusses active research by Talos into a new threat. This information should be considered preliminary and will be updated as research continues.Update 2017-07-06 12:30 EDT: Updated to explain the modified DoublePulsar backdoor.Since the SamSam attacks that targeted US...