Monthly Archives: September 2016

Dealing with ransomware in Office 365

Google Docs, iWork, Office 365, … The number of organizations that have made the switch from local mail servers to a cloud-based collaboration offering is growing at an increasing pace.

The reasons for switching are clear: no investments upfront because you pay as you add users, no personnel required for imaging your infrastructure, easier access from anywhere, … you can probably come up with some extra reasons as well.

The French Dark Underground: the craziest products for sale

All crime reflects the culture that it happens in. What is perfectly legal in one country can be a serious crime in another. What makes the difference, generally, is the different cultures in those countries. Cultural reflections in crime are something you see in online crime as well.

While there are some things that are universal to online crime around the globe (like malware), a lot of online crime reflects the culture just like real-world crime does. This is a theme that has emerged over the past three years in our ongoing investigations into the different countries’ markets that make up the global Cybercrime Underground Economy. We’ve just released our latest report in that series, focusing on France, a new addition to our country roster.

What to do if you’re infected by Ransomware

If you’re reading this posting, odds are that you or someone you know is the victim of a ransomware attack. Ransomware continues to grow as a prevalent threat. The number of new ransomware families we saw in the first half of 2016 alone has already eclipsed the total 2015 volume by 172%. With ransomware attacks becoming more and more sophisticated and prevalent, we believe that the threat will potentially cause more damage going into the second half of the year.

This post is meant to tell you exactly what we think you should do if you’re looking at a ransomware screen. Most importantly, here’s what you shouldn’t do … pay the ransom. I can’t emphasize that enough: don’t pay the ransom.

Can malware be spotted in TLS without having to decrypt the traffic?

Decryption of traffic encrypted by Transport Layer Security is still a controversial topic. TLS, which has succeeded the deprecated Secure Sockets Layer as the acceptable standard technology for HTTPS and encrypted email, is crucial for ensuring that messages are not subject to prying eyes. In recent years, its importance has only increased in the wake of revelations about the extent of government surveillance worldwide, as well as the emergence of game-changing exploits such as Heartbleed. The latter made it crucial for everyone from hosting providers to e-commerce merchants to move to at least TLS 1.1 (but preferably TLS 1.2).