David Lanter

People who have fallen victim to FortuneCrypt, Yatron, WannaCryFake or Avest ransomware should now be able to retrieve their encrypted files without giving into the extortion demands of cyber attackers.Three of the decryption tools have been released for free as part of No More Ransom, a joint initiative by tech security companies and law enforcement that is designed to help businesses and consumers in the fight against cybercrime. Now more free decryption tools have been added to the No More Ransom arsenal, as Kaspersky Lab has provided tools for decrypting Yatron and FortuneCrypt, while Emsisoft has released a free decryptor for WannaCryFake.

https://www.zdnet.com/article/hit-by-ransomware-victims-of-these-four-types-of-file-encrypting-malware-can-now-retrieve-their-files-for-free/

Hi guys,

Is it safe to say that windows is no longer safe, can we categorize its operating system as Moderate or High?

This article is a little worrying for Windows users like me.

From a security perspective, it hasn’t been the best few weeks for Microsoft or Windows users for that matter. There have been so many serious security issues coming to the fore that “security warning fatigue” is becoming a real danger. Most recently I reported how a Windows 10 update broke Windows Defender. This was preceded by a critical Windows warning about a worm able exploit that had been weaponized. Before that, there was a “complete control” hack attack warning, another Windows update breaking things issue and a device driver design flaw leaving millions of Windows 10 users at risk. Now there’s more bad news, and good news, as a zero-day vulnerability that is being exploited in the wild is confirmed by Microsoft. Here’s what you need to know and what you need to do now.

 

https://www.forbes.com/sites/daveywinder/2019/09/24/new-critical-windows-security-warning-for-windows-10-81-and-7-users/#79341f141c33

Small to mid-sized businesses can keep safe from most cyber attacks by protecting the ports that threat actors target the most. Three of them stand out in a crowd of more than 130,000 targeted in cyber incidents. A report from threat intelligence and defense company Alert Logic enumerates the top weaknesses observed in attacks against over 4,000 of its customers.

According to the report, the ports most frequently used to carry out an attack are 22, 80, and 443, which correspond to SSH (Secure Shell), the HTTP (Hypertext Transfer Protocol), and the HTTPS (Hypertext Transfer Protocol Secure).

Alert Logic says that these appear in 65% of the incidents, and it makes sense since they need to be open for communication, be it secured or plain text.

Coming in fourth place is the port for Microsoft’s Remote Desktop Protocol (RDP), responsible for remote communication between machines. RDP attracted attention this year through multiple patches for vulnerabilities leading to remote code execution

https://www.bleepingcomputer.com/news/security/most-cyber-attacks-focus-on-just-three-tcp-ports/