what is ransomware?

Ransomware is a Trojan designed to extort money from a victim. Often ransomware programs require a fee for cancelling the changes that were made by the Trojan program on the victim's computer.

encryption of data on the disk, so that the user can no longer access his files;
blocking access to the device.
Methods for penetrating ransomware onto a computer
The most common ways to install ransomware Trojans are:

using phishing;

by placing malware on a website.
After installation, the Trojan either encrypts the information that is stored on the victim’s computer or blocks the normal operation of the computer, displaying a message requesting payment of a certain amount for decryption the files and restoring the system. In most cases, a message requesting a money transfer appears when the user restarts the computer after infection occurs.

what is ransom ware

Ransomware is increasingly being used by cyber criminals around the world. However, ransom demand messages and ways to extort money in different regions may be different. For instance:

Fake messages about the presence of unlicensed applications
Such Trojans throw out a message stating that unlicensed software is installed on the victim’s computer. Then payment is required.
Fake Illegal Content Reporting
In countries where pirated software is less common, this method is not very effective. Instead, a pop-up message from ransomware Trojans can mimic a message from law enforcement agencies about the discovery on a computer of content containing child pornography or other illegal content. The message is accompanied by a fine.

Ransomeware attacks

Ransomware is a type of malware that data on a victim's computer is often locked by encryption. Payment is requested before the affected data is decrypted and the access to the victim is returned. Ransomware attacks are almost always related to money, and unlike other types of attacks, the victim is often notified in the event of an attack and learns the instructions to follow to get rid of the attack. Usually, payments are requested to be made with cryptocurrencies, such as bitcoin, so that the identity of the cyber criminal is unknown.

So is ransomware a virus? No! Viruses can infect and reproduce in your files or software. However, the ransomware scrambles your files to make them unusable and demands payment. Both can be removed with virus protection software, but if your files are encrypted, you won't be able to get them back.

Why should businesses worry about ransomware?

Ransomware damages your business. Failure to access your own files for a day due to malware causes your income to be negatively affected. Ransomware attacks can often leave victims offline for at least a week, sometimes months, and cause serious losses. Systems stay offline for so long, not only because ransomware locks systems, but also because of all the effort required to clean and restore networks. And this business will not only cause financial short-term losses; In addition, consumers are afraid to give their data to institutions that they think are not safe and to work with those brands.

How ransomware gets into your computer

Social Engineering: A term used to trick people into downloading malware with a fake attachment or link. Malicious files are often hidden as ordinary documents (order confirmations, receipts, invoices, notifications) and appear to have been sent by a reputable company or organization. Trying to download or open one of these on your computer is enough to be affected by ransomware.

Malware: These are paid advertisements that cause ransomware , spyware, viruses, and other bad things at the click of a button . Hackers can buy advertising space on popular websites and even social media networks to capture your data.

Exploit Kits  : These are pre-written codes placed in ready-to-use hacking tool. These kits are designed to exploit vulnerabilities caused by legacy software.

Drive-by Downloads: These are dangerous files that are downloaded to your computer when you don't want to. Some malicious websites use outdated browsers or apps to silently download malicious software in the background while you browse an innocent website or watch a video.

Ransomware uses Gigabyte driver to disable antivirus

Extortionists demand a ransom from their victims, which increases by $ 10 thousand every day.

Sophos experts warned of new cyber attacks using RobbinHood ransomware. Criminals use the vulnerable Gigabyte driver to hack into a Windows system and disable running antivirus software.

During the attack, attackers exploit the uncorrected vulnerability (CVE-2018-19320), discovered in 2018 in the Gigabyte driver. The exploitation of the vulnerability allows you to access the device and install a second driver, with which criminals disable antivirus programs.

The Steel.exe executable file is used to exploit the vulnerability in the gdrv.sys driver and extracts a file with the name ROBNR.EXE in a temporary Windows folder. ROBNR.EXE, in turn, extracts two different drivers - one of which was developed by Gigabyte and contains a vulnerability, and the other is needed to disable antivirus software on a compromised device. After exploiting the vulnerability, the forced use of the Windows driver signature is disabled, which allows the malicious driver to be launched.

For access to encrypted files, ransomware requires a ransom from their victims, which increases by $ 10 thousand every day.

Intel says chip supply for PCs stays tight

(Reuters) - Intel Corp (INTC.O) said on Wednesday it was expanding its dependence on contract chip makers to increase supply of chips utilized in PCs as the organization battles with shipment delays in the midst of more popularity.


Intel said supply remained "incredibly tight" despite the fact that it has extended its assembling limit and expanded second-half PC chip supply by twofold digits contrasted and the primary half.


"Notwithstanding our earnest attempts, we have not yet settled this test," the chipmaker said in a letter, where it additionally apologized to its clients and accomplices for the deferrals.


Intel had said in October that request in the PC business was exceeding its capacity to include limit and it was thinking about outside chip creators.


Portions of the chipmaker, which reaffirmed its estimate for the final quarter, were down 1% in secondary selling exchanging.


Read more

Top 5 Virtualization Certifications

In today's competitive IT job market, virtualization is a must-have technology and job niche. Popularity is exploding and virtualization and cloud computing translate into a strong demand for experienced and certified virtualization professionals. 

In times of high and low economy over the past few years, virtualization-related IT job opportunities have maintained a pure "hot spot" in the job market. When we look at recent top positions in IT, top IT pay, and job search. top IT certification for the past 5 years, in fact, we have seen at least one virtualization entry in each of them, and occasionally more than one. This makes it almost unanimous that virtualization is a good set of skills and knowledge for any IT professional who works with systems, networks or IT infrastructure or architecture to pursue and own.

Virtualization is a space technology where there are platform rules. This explains why the major certifications are from vendors that offer their own specific virtualization platforms and tools. These leading companies include VMware, Citrix, Red Hat, Oracle, and IBM. While there are other virtualization players in this niche, they really can't compete with these large, well-established companies. (Let's mention others briefly, and provide links, at the conclusion of the article - see Beyond the Top 5: More Virtualization cert.)

Find information on  VMware Certified Professional 6 – Network Virtualization 

Artificial intelligence based fraud prevention system

There are many cases of professional use more or less convincing artificial intelligence (AI). But there are two that interest more and more organizations: detecting and deterring fraud. This is demonstrated in a study conducted in partnership with the Association of Certified Fraud Examiners (ACFE) and the SAS analysis company.

The study, entitled "Anti-Fraud Technology Benchmarking Report", is based on responses from more than 1,000 CAFE members from all sectors and around the world. The goal was to find out how they used AI to reduce fraud.

One of the most interesting findings of the study is that only 13% currently use AI for this purpose. But a quarter plan to start doing this within two years.

Most recent threats

This is not surprising considering the benefits that artificial intelligence could bring to the detection of fraud. For example, the AI ​​can determine if an interaction with a company does not match typical transaction characteristics.

To do this, you have to look at many features in seconds, which no expert can succeed. Some AI solutions can also detect various types of fraud without prior exposure. Such an advantage allows business systems to stay up-to-date and face the latest threats.

The study also showed that half of the companies plan to spend more of their budget on anti-fraud technology over the next two years. Almost one in four organizations already uses biometrics to stem fraud. 16% plan to use it by 2021.

Companies also plan to adapt the way they analyze data. Automation should be one of the most successful solutions: a vast majority (72%) of organizations plan to use automated monitoring, anomaly detection and exception reporting by 2021. This strategy will help probably save time and avoid false alarms.

Reduce the number of false positives

The results of this survey also indicate that 52% of respondents plan to rely on modeling and predictive analysis (an increase of 22%). Predictive analytics could help them determine which types of threats are most likely to impact their business.

Banks and financial institutions could benefit from a fraud detection solution based on machine learning or machine learning.

According to a case study presented by Teradata, the AI ​​has allowed Danske Bank (the largest bank in Denmark, which is also at the heart of a scandal based on 200 billion euros of suspicious transactions ...) to modernize its Fraud detection process and reduce the number of suspected false positives of 1,200 per day.

The AI ​​solution that has been selected can evaluate credit card transactions, online and via mobile in less than 300 milliseconds. For its part, Mastercard relies on the detection of fraud via the AI ​​to reduce the number of fraudulent transactions and the number of times customers refuse transactions when everything is fine. Mastercard's technology can reduce the rate of transactions that have been inadvertently declined by 50%.

By combining supervised learning algorithms built on historical data with unsupervised learning, companies could gain more insight and clarity about the relative risk of client behavior.

With an artificial intelligence-based fraud prevention system - which evaluates historical data and anomalies - the customer experience is not impacted.

Read more