New variant of Petya ransomware attacks computers worldwide

Less than two months ago, WannaCry made the headlines as the most destructive malware in the history. This time the world faces a new virus which uses the functionality of Petya ransomware: Petrwrap. It has already hit many companies and institutions from different countries including Merck, Rosneft, Maersk, Mondelez, causing severe operational disruptions. How Petrwrap […]

Ranstop protects against Sorebrect fileless ransomware – TEMASOFT Lab Demo

Sorebrect case subject – fileless ransomware This variant arrives as a text file with a name that tricks the users into opening it either downloaded from malicious websites or installed by other malware. It injects malicious code in the Service Host process (svchost.exe) to avoid antivirus detection and application control. The actual encryption is done from […]

How to detect data breaches

Most people do not know where all their important files are, and this makes detecting data breaches tad difficult. To fully understand where data is, companies use data indexing solutions, but these are expensive and come with a significant IT overhead. There are, however, simpler ways to get just enough insight into where important files […]

How to protect against ransomware

Ransomware is an important phenomenon nowadays and dealing with it is a top concern of IT admins. This type of malware is capable of incurring enormous costs on businesses that rely on IT to carry out everyday activities so enterprise ransomware protection became a hot topic in IT communities. From our experience, simple measures and […]

How to recover from ransomware attacks

This article provides information on what to do when attacked by ransomware, depending on how important the files are and your skills when using computers. Everyone should have the important files backed up on a regular basis. This ensures that you do not lose it all in case your computer is compromised or if ransomware […]

Ranstop offers protection against ransomware embedded in PDF files – TEMASOFT Lab Demo

Case subject – A new PDF based ransomware This new variant arrives as a PDF file that contains Javascript blocks and at least one embedded document. When the PDF is viewed, it opens the embedded Microsoft Word document. The embedded document contains a macro that downloads and executes the ransomware payload. The PDF file is […]

Ranstop stops zero-day Jaff variant – TEMASOFT Lab Demo

Case subject – A zero-day Jaff (WLU extension) Jaff ransomware has seen some updates lately and we selected the newest variant for today’s exercise. At the time of the recording, the detection rate on virustotal is 18/60. Jaff is distributed through email SPAM campaigns that trick users into opening malicious attachments. A common example is the claim […]

Ranstop stops zero-day, script-based Spora variant – TEMASOFT Lab Demo

Case subject – A zero-day Spora variant packed as a command line script Today’s test uses a zero-day variant of Spora, disguised as a command line script. The file is distributed via email campaigns and, on execution, starts Microsoft Word and launches a background process that performs the actual encryption. At the time of the […]

Ranstop anti-ransomware stops WannaCryptor v2 – TEMASOFT Lab Demo

Case subject: WannaCryptor(WannaCry) v2 – (Virustotal details) Following up on the massive WannaCrypt attack, we have tested TEMASOFT Ranstop against several variants and recorded the test against the newest version- WannaCryptor v2. This version still spreads via email campaigns and combines the ransomware payload with worm spreading capabilities, but it uses a different command and […]

Wanna Cry ransomware reveals the limits of the current security systems

The world is in shock after the most damaging ransomware attack in history, and many people ask how this is possible and what’s next. How the attack was possible and who is affected At TEMASOFT we’ve investigated the attack, and the results show the ransomware itself is not very different from typical ransomware if we look […]