Skip to main content

Posts

Showing posts from March, 2019

What is Ransomware & How to Prevent it?

Hackers are looking for a new and easier way to make money by entering on other people's system and ransomware is one of the tools they use to make money by locking the computer of people and organization. In my previous article, I discussed cryptojacking malware and why it is a big threat to information security. On that article, you can read how and why bad guys are injecting code on people's computer to make money from that. Ransomware is another major threat to cyberspace that I would like to discuss this article.

What is ransomware?
Ransomware is a software that is designed to block access to any system, files or operating system until we pay a certain amount to the attacker. Most of the time the attacker will encrypt the files of the computer and they will provide the key to decrypt only after paying the amount they are demanding. Most of the ransomware attack will give very limited time to the victim to pay the demanded amount and if they fail to decrypt it within the ti…

Triton: A Malware That can Kill Human

When we think of malware we think of a program that is designed to harm a computer device, servers or network. But these days bad guys are creating malware targetting the critical infrastructure which can deliberately kill people. Malware that is targetting critical infrastructure and human damage is not new in the cyberspace as there were few other cases before like Stuxnet but nowadays such malware is increasing at an alarming rate.

Recently one malware was detected by an experienced cyber responder Julian Gutmanis which could pose a serious threat to human life. The malware was found on the server of the petrochemical plant in Saudi Arabia in the summer of 2017. The initial vector of malware infection is still unknown but it could be the result of a phishing attack. Hacker managed to deploy their malicious program on the plant's safety instrumented system so that they could have full control of the safety system of the plant. Hackers were able to control the plant's system …

NSA Releases Open Source Software Reverse Engineering Tool called Ghidra

Research Directorate of National Security Agency (NSA) has released an Open Source Software Reverse Engineering tool called Ghidra. This software is very useful for a software developer and security researcher to analyze the source code of various programs. Especially this software can be helpful to find the malicious code inside a malware and can be used to gather information on how malware is functioning. This software has a lot of features, some of the most important features include the ability to disassembly, assembly, decompilation, graphing and scripting. It also supports plugin so one can develop their own plug-in using Java or Python.

Currently, it is available for Windows, Mac OS & Linux and it only supports 64bit version of OS. Ghidra doesn't use traditional installation file to install the program, it comes with a compressed file and it can be extracted on any file directory to run the program.

Ghidra requires Java Runtime and Development Kit on the path to run the…