How to recover files encrypted by BadRabbit ransomware?

Researchers at Kaspersky Lab has discovered that some victims may be able to recover their files without paying any ransom.   The discovery was made by that analyzed the encryption functionality implemented by the ransomware: the Bad Rabbit leverages the open source library DiskCryptor in order to encrypt the user files, but uses the same screen…

A Petya Ransomware variant that uses the eternalblue exploit starts from Ukraine and spreading…

What we know so far? UPDATE: We have a local vaccine New ransomware start spreading in Ukraine and shutdown a lot of critical infrastructures (hospitals, airport, banks and power plants). Some report coming also from Italy, Germany and Spain. Early comments on VirusTotal indicate the usage of the EternalBlue exploit: Whe started, the malware clears the windows…

WannaCry Ransomware: What we know so far

A press review constantly updated (last update: 20170515 10:00) How it works? Once WannaCry infects a PC behind the firewall, it can move laterally within networks and self-propagate to other systems, scanning and identifying systems with ports 139 and 445 open, listening to inbound connections, and heavily scanning over TCP port 445 (Server Message Block/SMB), which allows…