Saturday, 19 May 2018
Wednesday, 16 May 2018
Ransomware
BY JUAN MARTINEZ
Read this to learn more about the WannaCry ransomware crisis and what you need to stay safe from future attacks
Earlier this month, a strain of ransomware infected more than 300,000 Windows PCs around the world. The awesomely named WannaCry strain demanded that infected businesses and individuals pay $300 in order to unlock each machine—as well as the data stored on their devices. Some people paid the ransom, while others were lucky enough to wait it out and be rescued by a hero who accidentally stopped the attack by registering the unregistered domain on which the ransomware lived.
Now that the attack has been thwarted, it appears that new WannaCry variants are emerging, and a massive, unrelated ransomware attack hit Eastern Europe. As ransomware attacks become trickier and more difficult to stop, your company is more likely than ever to be at risk. As a result, we've compiled this list of post-mortem steps on what happened, how you can protect your business and yourself, and what you should do if you fall victim to an attack.
1. Be Defensive
You're going to need to be smarter about which emails you open, which links you click, and which files you download. Phishing attacks are common and they're easy to fall victim to. Unfortunately, WannaCry wasn't your typical phishing attack. Instead, this attack manipulated a Windows vulnerability, one that had already been patched by Microsoft earlier this year.
So, how did it get through? You know those annoying pop-up notifications that software manufacturers send to your computer? They're not just alerting you to new features; they're adding patches to your software that will help to protect against attacks like WannaCry. The same goes for your endpoint protection software. If your vendor asks you to update, then update. In this case, it appears the attackers were able to penetrate systems that had not recently been updated and, as a result, hospitals were crippled and lives were put in jeopardy (more on this later).
"The global fallout of this attack could have easily been prevented by deploying the security update once it was made available by Microsoft," said Liviu Arsene, Senior E-Threat Analyst at Bitdefender. "The lesson to be learned from this experience is to always apply security patches and updates when they become available, not just for operating systems but for applications as well. Of course, a security solution might prevent the payload—in this case, ransomware—from infecting victims. But more advanced and sophisticated threats could potentially leverage the operating system vulnerability to gain persistency and bypass traditional security mechanisms undetected."
2. Back that Cache Up
The worst thing about an attack of this variety is that it gains access to your data. However, the responsible among us don't need to worry about this very much because they have been using disaster recovery (DR) software to ensure that their information is alive and well in the cloud. If you wind up getting hit with a ransomware attack, then having access to your full trove of data in the cloud means you can simply factory-reset your machine, pull in your backed up data, and start working again.
3. Don't Pay, Silly
As much as you'd like to retrieve your unfinished screenplay, paying hostage takers seldom works. Instead, contact the FBI and let them know you've become the victim of a cyberattack. If you desperately need your data and you don't have a backup stored elsewhere, then just sit tight and wait. Also, if you don't need your data or if you have backed it up, then just reset your machine and start from scratch.
Whatever you do, don't pay. Here's why: There's a good possibility the hacker won't actually release your data. Now you're out $300 and you're still out of luck. Also, paying could actually expose you to additional risk because you've shown a willingness to give into the hackers' demands. So, in the very best-case scenario, you've paid, gotten your data back, and given a criminal incentive to try to attack you again in the future.
"No one is ever encouraged to give in to ransomware demands," said Arsene. "In fact, if no backups are available from which to restore lost data, companies or individuals should treat the incident as hardware failure and move on. Paying would only fuel cybercriminals with the financial resources to keep developing new threats. And there's no actual guarantee that you'll actually receive the decryption key. You are actually dealing with criminals here."
4. What You Should Do
As I previously mentioned, backing up your data and running a factory reset on your hardware will let you walk away from a ransomware attack without having experienced much real damage. Here's a step-by-step procedure for what to do when that ransom note hits your screen: 1) Unplug your computer and disconnect it from its network. 2) Fully wipe your device and restore it from a backup. 3) Install all security patches and updates and add a security solution like Bitdefender to your software mix. 4) Contact the FBI.
5. Businesses Must Get Serious
"There are security layers that companies can deploy to protect infrastructures from zero-day vulnerabilities in both operating systems and applications," said Arsene. Arsene recommends organizations running virtual infrastructures deploy a hypervisor-based memory introspection technology that's capable of securing virtual workloads.
"This new security layer that sits below the operating system can detect zero-day vulnerabilities, like the SMB v1 vulnerability leveraged by WannaCry, and prevent attackers from ever exploiting it, even if the system is unpatched or the vulnerability is completely unknown," Arsene explained. "This complementary security layer, coupled with traditional in-guest security solutions and constant software patching, increases the cost of attack for cybercriminals while giving organizations more visibility into advanced attacks."
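The two host conditions the article ties to WannaCry, an SMB v1 service still enabled and updates that were never applied, can be checked per machine. The PowerShell below is an added example, not part of the original article; the function name Get-PatchPosture and the 30-day threshold are assumptions made for illustration.

```powershell
# Added example: audit one Windows host for SMBv1 exposure and stale patching.
# Get-PatchPosture and the 30-day default are illustrative assumptions.
function Get-PatchPosture {
    [CmdletBinding()]
    param(
        [int]$MaxPatchAgeDays = 30
    )

    # SMBv1 server state. The cmdlet exists on Windows 8 / Server 2012 and
    # later; on older systems the value stays $null (unknown).
    $smb1Enabled = $null
    if (Get-Command Get-SmbServerConfiguration -ErrorAction SilentlyContinue) {
        try {
            $smb1Enabled = (Get-SmbServerConfiguration -ErrorAction Stop).EnableSMB1Protocol
        } catch {
            Write-Warning "Could not read SMB server configuration: $_"
        }
    }

    # Newest update recorded by Get-HotFix. InstalledOn is empty for some
    # entries, so drop those before sorting. Get-HotFix does not list every
    # kind of update, so treat the result as a lower bound on patch activity.
    $latest = Get-HotFix |
        Where-Object { $_.InstalledOn } |
        Sort-Object InstalledOn -Descending |
        Select-Object -First 1

    $ageDays = if ($latest) {
        [int]((Get-Date) - $latest.InstalledOn).TotalDays
    } else { $null }

    # Flag the host if SMBv1 is on, if no update date could be found,
    # or if the newest update is older than the threshold.
    [pscustomobject]@{
        ComputerName   = $env:COMPUTERNAME
        Smb1Enabled    = $smb1Enabled
        LatestHotFix   = if ($latest) { $latest.HotFixID } else { $null }
        PatchAgeDays   = $ageDays
        NeedsAttention = ($smb1Enabled -eq $true) -or
                         ($null -eq $ageDays) -or
                         ($ageDays -gt $MaxPatchAgeDays)
    }
}

Get-PatchPosture | Format-List
```

Where Smb1Enabled comes back True and nothing on the network still needs the protocol, `Set-SmbServerConfiguration -EnableSMB1Protocol $false` turns the SMBv1 server off.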
Tuesday, 13 March 2018
Tuesday, 20 February 2018
MASM
Run MASM 8086 Assembler in Ubuntu or Windows 7 (x64) using DOSBox
Here’s how to run 16 bit DOS executables like the MASM assembler
or Turbo C compiler in Ubuntu (GNU/Linux) or in 64 bit editions of Windows 7
using DOSBox, a DOS environment emulator. DOSBox is
available for Linux as well as Windows.
DOSBox installation
For Ubuntu users (using repository)
Open the terminal and type in the following commands to download and install DOSBox in Ubuntu:
sudo apt-get update
sudo apt-get install dosbox
You will find it installed under Applications_Menu->Games->DOSBox Emulator
For other GNU/Linux users
Download DOSBox from the link below.
Open a terminal and cd to the directory containing the downloaded tar.gz file. Type in the following commands to build it:
tar -xzvf dosbox-0.74.tar.gz
cd dosbox-0.74
./configure
make
Check the src subdir for the binary.
For Windows users
Download DOSBox from the link below.
Run the downloaded .exe file and install it like any other software.
Now that you’ve installed DOSBox, you’ll be able to run any
16bit or 32bit DOS executable inside it.
Download the 8086 MASM Assembler from below. The zip file
contains the following files :
masm.exe, tasm.exe, link.exe, bin2hex.exe, exe2bin.exe, td.exe, edit.com and debug.exe
Windows users extract the .zip file into C:\ so that the path C:\8086 contains
all the above mentioned files. GNU/Linux users can extract it and place it in
say /home/imran/8086
Launch DOSBox and type the following commands :
For Linux users :
mount c /home/imran/8086
c:
For Windows :
mount c c:\8086
c:
Now the contents of the folder /home/imran/8086 or c:\8086 are mounted as the c: drive
inside the DOS emulator. You can assemble programs inside DOSBox as you do in
your Microprocessor Lab under Windows XP, i.e. with your usual sequence of commands:
edit file.asm
masm file.asm
link file
debug file.exe
When you are done, type exit to quit
DOSBox.
P.S : For GNU/Linux users,
there’s an alternative assembler known as the NASM. NASM is considered to
be one of the most popular assemblers for GNU/Linux.
Downloads:
DOSBox for Linux : dosbox-0.74.tar.gz
DOSBox for Windows : DOSBox0.74-win32-installer.exe
8086 Assembler : 8086_Assembler.zip