Atlanta government was compromised in April 2017 – well before last week’s ransomware attack
Last Thursday, the City Of Atlanta suffered outages from a ransomware attack. During the press conference (recorded here), city officials indicated that they were invested in cyber security. They noted that they were working with state and federal law enforcement to resolve the incident and had even been in contact with the Secret Service. Officials […]
WanaCrypt0r worm with kill switch patched out
Update: After performing some analysis, we’ve noted that the ransomware package (resource) in the worm is corrupted. This means that even though the worm will infect, it won’t encrypt your files. This is a GOOD THING. But machines are still being exploited with this worm variant. Patching is still the order of the day. […]
WannaCry because your organization is slow to patch? Stop the tears with TearSt0pper!
WanaCrypt0r 2.0 has been spreading like wildfire and causing severe impact to individuals and businesses alike. Wcry not only is a crypto-ransomware variant, but packages a leaked NSA exploit with it (MS17-010), creating a self-propagating ransomware worm. To protect our clients and now the general public, Rendition Infosec has released TearSt0pper. Simply put, TearSt0pper creates […]
WanaCrypt0r malware webcast and slides
Last night, I ran a special webcast for the SANS Institute on the outbreak of the WanaCrypt0r malware. One thing I love about SANS is that we always look out for our students. If huge security news breaks during the day at one of our major conferences, we designate an instructor to do impromptu night sessions. […]