Cryptowall
Angler for Beginners in 34 Seconds
Post authored by Martin Rehak, Veronica Valeros, Martin Grill and Ivan Nikolaev. In order to complement the comprehensive information about the Angler exploit kit from our Talos colleagues [Talos Intel: Angler Exposed], let’s have a very brief look at what an Angler and CryptoWall infection lo…
My Resume Protects All Your Files
This post was authored by Nick Biasini Talos has found a new SPAM campaign that is using multiple layers of obfuscation to attempt to evade detection. Spammers are always evolving to get their messages to the end users by bypassing SPAM filters while still appearing convincing enough to get a user…
Angler EK: More Obfuscation, Fake Extensions, and Other Nonsense
This post was authored by Nick Biasini Late last week Talos researchers noticed a drastic uptick in Angler Exploit Kit activity. We have covered Angler previously, such as the discussion of domain shadowing. This exploit kit evolves on an almost constant basis. However, the recent activity caught ou…
Cryptowall 3.0: Back to the Basics
This post was authored by Andrea Allievi & Earl Carter Ransomware continues to impact a large number of organizations and the malware continues to evolve. In January, we examined Cryptowall 2.0 and highlighted new features incorporated into the dropper and Cryptowall binary. When Cryptowall 3.0…
Ransomware on Steroids: Cryptowall 2.0
This post was authored by Andrea Allievi and Earl Carter. Ransomware holds a user’s data hostage. The latest ransomware variants encrypt the user’s data, thus making it unusable until a ransom is paid to retrieve the decryption key. The latest Cryptowall 2.0, utilizes TOR to obfuscate the command an…