Introducing Malwarebytes Anti-Ransomware Beta

a completely proactive and signature-less technology that is able to detect and block even the most dangerous of ransomware variants like CryptoWall4, CryptoLocker, Tesla, and CTB-Locker.

Malwarebytes Anti-Ransomware monitors all activity in the computer and identifies actions which are typical of ransomware activity. It keeps track of all activity and, once it has enough evidence to determine a certain process or thread to be ransomware, blocks the infection and quarantines the ransomware before it has a chance to encrypt users’ files. During development Malwarebytes Anti-Ransomware has blocked every single ransomware variant we have thrown at it. We are extremely satisfied with its results and are excited to bring this technology to our user community for further testing.

As this is the very first beta we do encourage beta users to install the product in non-production environments for testing purposes only.

Source: Introducing Malwarebytes Anti-Ransomware Beta – Anti-Ransomware Beta – Malwarebytes Forums

Cryptostalker, a Tool to Detect Crypto-Ransomware on Linux

Cryptostalker and the original project randumb are the work of Sean Williams, a developer from San Francisco. Mr. Williams wanted to create a tool that monitored the filesystem for newly written files, and if the files contained random data, the sign of encrypted content, and they were written at high speed, it would alert the system’s owner.

Right now, the project is only available for Linux, but as you can read below in our interview with Mr. Williams, there’s a plan to port the tool for Windows.

If tests go well enough, then Windows users may have a new method of getting warned against the deadly wave of crypto-ransomware that’s been recently hitting users around the globe.

Source: Cryptostalker, a Tool to Detect Crypto-Ransomware on Linux – EXCLUSIVE
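
An added sketch of the heuristic described above, not cryptostalker's or randumb's own code: it alerts when several newly written files look random within a short time. Shannon entropy stands in for the randomness test, and the thresholds, function names and sample events are assumptions constructed for illustration.

```python
import hashlib
import math
from collections import Counter, deque

ENTROPY_BITS = 7.5   # assumed threshold in bits per byte (maximum is 8.0)
MIN_LEN = 1024       # assumed: entropy estimates on tiny files are unreliable
BURST_COUNT = 3      # assumed: random-looking new files needed for an alert
BURST_WINDOW = 2.0   # assumed: seconds in which they must appear

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: close to 8 for encrypted or compressed data, lower for text."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def looks_random(data: bytes) -> bool:
    return len(data) >= MIN_LEN and shannon_entropy(data) >= ENTROPY_BITS

def detect_bursts(events):
    """events: time-ordered (timestamp, path, content) tuples for new files.
    Returns [(timestamp, [paths])], one entry per burst of random-looking files."""
    recent, alerts = deque(), []
    for ts, path, content in events:
        if not looks_random(content):
            continue
        recent.append((ts, path))
        while ts - recent[0][0] > BURST_WINDOW:   # drop writes outside the window
            recent.popleft()
        if len(recent) >= BURST_COUNT:
            alerts.append((ts, [p for _, p in recent]))
            recent.clear()
    return alerts

def pseudo_random(seed: int, size: int = 4096) -> bytes:
    """Constructed stand-in for ciphertext: a SHA-256 counter stream."""
    blocks = (hashlib.sha256(bytes([seed, i])).digest() for i in range(size // 32))
    return b"".join(blocks)

def constructed_events():
    text = b"Quarterly report draft, revision 3.\n" * 100
    return [
        (0.0, "notes.txt", text),
        (10.0, "backup.zip", pseudo_random(1)),      # lone high-entropy file: no alert
        (20.0, "a.doc.locked", pseudo_random(2)),
        (20.2, "todo.txt", text),
        (20.3, "b.xls.locked", pseudo_random(3)),
        (20.6, "c.jpg.locked", pseudo_random(4)),    # third within 2 s: alert
    ]

if __name__ == "__main__":
    for ts, paths in detect_bursts(constructed_events()):
        print(f"ALERT t={ts}: {paths}")
```

Compressed archives score as high as ciphertext on entropy alone, which is why the rate condition carries the decision; a bulk compression job would still need an allow-list or a second signal.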

The No More Ransom Project: tools and howtos to decrypt ransomware from the EU

Law enforcement and IT Security companies have joined forces to disrupt cybercriminal businesses with ransomware connections.

The “No More Ransom” website is an initiative by the National High Tech Crime Unit of the Netherlands’ police, Europol’s European Cybercrime Centre and two cyber security companies – Kaspersky Lab and Intel Security – with the goal to help victims of ransomware retrieve their encrypted data without having to pay the criminals.

Since it is much easier to avoid the threat than to fight against it once the system is affected, the project also aims to educate users about how ransomware works and what countermeasures can be taken to effectively prevent infection. The more parties supporting this project the better the results can be. This initiative is open to other public and private parties.

Source: The No More Ransom Project

Cybereason Introduces: Free Behavioral-Based Ransomware Blocking

Edit: It seems that this system creates a whole load of bogus files and dirs and monitors them, not the whole file system. This pollutes the file system and means that people can quite easily write around it.

Every ransomware program goes over files, chooses the ones that look interesting, encrypts them and destroys the originals. You know what else does this? Compression software, legitimate encryption applications and backup and cloud-sync solutions in addition to many more programs. The same behavior is exhibited even if you manually compress a directory with a password and then delete it. Since ransomware encrypts any file anywhere on a computer, it’s extremely difficult to distinguish a legitimate file activity from a malicious one. While every encrypted file increases the likelihood that the ransomware will be detected, each encrypted file equals another important piece of information lost. Every second counts when ransomware starts encrypting files.

Cybereason RansomFree: Behavior-Based Ransomware Blocking Freeware

Cybereason researched more than 40 ransomware strains, including Locky, Cryptowall, TeslaCrypt, Jigsaw and Cerber and identified the behavioral patterns that distinguish ransomware from legitimate applications. Whether a criminal group or nation created the program, all ransomware functions the same way and encrypts as many files as possible. These programs can’t determine what files are important so they encrypt everything based on file extensions.

RansomFree, Cybereason’s behavioral anti-ransomware free tool, takes all these challenges into consideration. By putting multiple deception methods in place, RansomFree detects ransomware as soon as encryption occurs either on a computer or network drive. Once encryption is detected, RansomFree suspends it, displays a popup that warns users their files are at risk and enables them to stop the attack.

RansomFree protects against local encryption as well as the encryption of files on network or shared drives. The encryption of shared files is among the doomsday scenarios an organization can imagine. It takes only one employee on the network to execute ransomware and affect the entire company.

Source: Cybereason Introduces: Free Behavioral-Based Ransomware Blocking

Interesting. Unfortunately Windows only.

Don’t smile too big to be effective in online marketing ads, study finds

“We found that broad smiles lead people to be perceived as warmer but less competent,” said Jessica Li, a KU assistant professor of marketing in the School of Business. “We ask how that can influence consumer behavior and in what situations might marketers want to smile more broadly.”
[…]
Li said broader smiles that tend to elicit more warmth seem to be more effective in promotional ads for a service that would carry less risk. But photos with a slight smile did better in marketing scenarios where services were higher risk, such as a medical procedure, legal representation or investment in a startup company.

“If I see an ad with a heart surgeon who smiles really broadly at me, I might think she is really warm, but not choose her to be my doctor because she seems less competent than a surgeon with a slight smile,” Li said. “If the risk is really low, such as going to the store to get a new shirt, then the competence of the salesperson isn’t as important and I respond more positively to the broad smile.”

In their analysis of Kickstarter.com, when the page creator’s profile photo exhibited a broad smile that tended to elicit perceptions of warmth, the total amount of money pledged decreased by more than 50 percent, and the average contribution per backer was 30 percent less than when the creator’s photo included only a slight smile.

“Project creators with a slight smile are perceived as more competent,” Li said. “More people wanted to donate to their project because they believe this competent person is able to deliver the product.”

However, a more intense smile does appear to elicit more buzz on social media or other low-cost behaviors. Profile photos with a broader smile received twice as many Facebook shares as someone with a slight smile.

Source: Don’t smile too big to be effective in online marketing ads, study finds

Scientists create first stable semisynthetic organism

Scientists at The Scripps Research Institute (TSRI) have announced the development of the first stable semisynthetic organism. Building on their 2014 study in which they synthesized a DNA base pair, the researchers created a new bacterium that uses the four natural bases (called A, T, C and G), which every living organism possesses, but that also holds as a pair two synthetic bases called X and Y in its genetic code.

TSRI Professor Floyd Romesberg and his colleagues have now shown that their single-celled organism can hold on indefinitely to the synthetic base pair as it divides. Their research was published January 23, 2017, online ahead of print in the journal Proceedings of the National Academy of Sciences.
[…]
First, Zhang and Lamb, co-first authors of the study, optimized a tool called a nucleotide transporter, which brings the materials necessary for the unnatural base pair to be copied across the cell membrane. “The transporter was used in the 2014 study, but it made the semisynthetic organism very sick,” Zhang explained. The researchers discovered a modification to the transporter that alleviated this problem, making it much easier for the organism to grow and divide while holding on to X and Y.

Next, the researchers optimized their previous version of Y. The new Y was a chemically different molecule that could be better recognized by the enzymes that synthesize DNA molecules during DNA replication. This made it easier for cells to copy the synthetic base pair.

A New Use for CRISPR-Cas9

Finally, the researchers set up a “spell check” system for the organism using CRISPR-Cas9, an increasingly popular tool in human genome editing experiments. But instead of editing a genome, the researchers took advantage of CRISPR-Cas9’s original role in bacteria.

The genetic tools in CRISPR-Cas9 (a DNA segment and an enzyme) originated in bacteria as a kind of immune response. When a bacterium encounters a threat, like a virus, it takes fragments of the invader genome and pastes them into its own genome—a bit like posting a “wanted” poster on the off chance it sees the invader again. Later, it can use those pasted genes to direct an enzyme to attack if the invader returns.

Knowing this, the researchers designed their organism to see a genetic sequence without X and Y as a foreign invader. A cell that dropped X and Y would be marked for destruction, leaving the scientists with an organism that could hold on to the new bases. It was like the organism was immune to unnatural base pair loss.
[…]
Romesberg emphasized that this work is only in single cells and is not meant to be used in more complex organisms. He added that the actual applications for this semisynthetic organism are “zero” at this point. So far, scientists can only get the organism to store genetic information.

Source: Scientists create first stable semisynthetic organism