10Fold – Security Never Sleeps – 72

Your daily digest of “All Things Security” gathered, collected and researched by your very own 10Fold Security Practice team.

Big items to consider: An anonymous Twitter account found a way around paying a ransomware demand. Security researcher Zach Straley exposed a way to permanently brick an iPhone. Cisco Talos Labs released a report that highlights what ransomware could have in store next. BAE Systems discovered new shape-shifting malware that is now targeting the public sector.

Experts crack nasty ransomware that took crypto-extortion to new heights – Publication: Ars Technica – Reporter name: Dan Goodin

A nasty piece of ransomware that took crypto-extortion to new heights contains a fatal weakness that allows victims to decrypt their data without paying the hefty ransom. When it came to light two weeks ago, Petya was notable because it targeted a victim’s entire startup drive by rendering its master boot record inoperable. It accomplished this by encrypting the master boot file and displaying a ransom note. As a result, without the decryption password, the infected computer wouldn’t boot up, and all files on the startup disk were inaccessible.


New Threat Can Auto-Brick Apple Devices – Publication: Krebs on Security – Reporter name: Brian Krebs

If you use an Apple iPhone, iPad or other iDevice, now would be an excellent time to ensure that the machine is running the latest version of Apple’s mobile operating system — version 9.3.1. Failing to do so could expose your devices to automated threats capable of rendering them unresponsive and perhaps forever useless.


Imagining The Ransomware Of The Future – Publication: Dark Reading – Reporter name: Sara Peters

That’s the nightmare that researchers at Cisco Talos Labs described in a report today: a self-propagating, stealthy, modular ransomware that can move laterally across internal networks and cross air-gapped systems. In addition to the standard core ransomware functionality, Cisco Talos’ hypothesized “King’s Ransom framework” has a variety of modules for both stealth and propagation.


This new strain of Qbot malware is tougher than ever to find and destroy – Publication: ITPro – Reporter name: Rene Millman

Researchers managed to analyze the new strain and discovered a number of modifications had been made to the original Qbot malware to make it harder to detect and intercept. These included a new ‘shape-changing’ or polymorphic code, which meant that each time the malware’s code was issued by the servers controlling it, it was compiled afresh with additional content, making it look like a completely different program to researchers looking for specific signatures.