Get Your System Back From Petya Without Paying a Penny!

When it comes to security threats and risks, the community as a whole is at its best when it has a common goal. An example of this was two weeks ago when a new ransomware was found going by the name Petya. Petya didn’t act like normal ransomware but instead decided it would go after your master boot record, often locking people out their entire system until they received their password after paying a nice little fee. That was until some clever people got together to create some tools to get your system back from the ransomware without paying a single penny!

The original web tool came from the twitter account @leostone and lets you retrieve your file by providing it with a selection of data from the infected hard drive. Getting the data may seem like something difficult but a separate researcher went and created a tool titled Petya Sector Extractor that can find and retrieve the required data in seconds.

By removing the hard drive and plugging it into another computer, these tools can work together to retrieve the password required to unlock your master boot record from the clutches of Petya. The sector extractor tool is hosted by Bleeping Computer, a computer self-help forum, and reports that not only does the technique work but has also provided a step-by-step tutorial for anyone who isn’t 100% regarding how to return all their family photos at zero cost.

WordPress Enables Free HTTPS Connections to Custom Domains

WordPress is a free, open source content management system, typically used for blogs and quick makeshift websites. While it’s nice to have your own content, you want to make sure that its safe and secure, something which the “Lets Encrypt” project hopes to improve upon, a project that WordPress have now joined.

The Lets Encrypt Project announced on March 9th that it would soon take on a new name as it transitioned to its new home at the Electronic Frontier Foundation (EFF) a group specialising in the law, security and technology.

WordPress has now announced that it has joined the program, offering the green lock symbol everyone loves to see when travelling through the internet, with any custom domains (those that don’t have .wordpress.com in their address) now gaining the benefits of the free SSL certificate issues by the program automatically with little to no effort on their owners behalf. You can find the steps to give your website access to HTTPS certificates here, giving everyone the benefit of free and reinforced security for their websites.

Not only is it free but you get a more secure connection for minimal effort, something that has been hard to do for website up until now. What is not to like about this program? Especially those with WordPress blogs.

Feds Tell Court Apple Creates Technology To Thwart iPhone Warrants

The Department of Justice (DOJ) is currently working with the FBI in a legal battle against technology giant Apple. After being told to help unlock an iPhone through a software modification, the company began to argue that they could not be made to bypass their own security features by use of an All Writs Act. The DOJ have now filed fresh claims that specifically say that Apple is creating technology to thwart iPhone warrants.

The Department of Justice filed a brief on Thursday stating that Apple had created technology to render search warrants useless because of a “deliberate marketing decision”. The result of this decision is the current legal battle between the FBI and Apple and the questions being asked in congress regarding privacy vs security.

The brief carries on to that the use of the All Writs Act ensures “that their lawful warrants were not thwarted by third parties like Apple”. The brief continues to say:

Apple deliberately raised technological barriers that now stand between a lawful warrant and an iPhone containing evidence related to the terrorist mass murder of 14 Americans. Apple alone can remove those barriers so that the FBI can search the phone, and it can do so without undue burden. Under those specific circumstances, Apple can be compelled to give aid. That is not lawless tyranny. Rather, it is ordered liberty vindicating the rule of law.

Given that it’s been pointed out by several other people could also hack the iPhone, and while they claim it could be done without undue burden (an argument Apple has used to say that it won’t do it because of the impact it would have on their business), we have already been told that there are hundreds of iPhones in criminal cases which the FBI “could” want to be unlocked. Security experts are already coming out speaking about this latest filing

Security experts are already coming out speaking about this latest information about a topic which seems to escalate with every passing day.

https://twitter.com/JZdziarski/status/708059202107928577?ref_src=twsrc%5Etfw

https://twitter.com/agcrocker/status/708034792026050561?ref_src=twsrc%5Etfw

New Ransomware Does The Unforgivable – Forgets How To Unlock Your Files

Ransomware is a whole new level of problems for computer users. Previously malicious software, or malware for short, would spread causing chaos and destruction wherever it could, but ransomware is a little more targeted. Ransomware is designed to stop you from accessing your files and in order to gain access you are normally requested to pay an account a sum of money. With the kind of details you store on your computers these days, can you afford not to pay? Even the FBI say pay the ransom, but what happens when they don’t decrypt your files, granting you access which you’ve just paid a lot of money for. It’s a risk many take and many more will have to suffer thanks to the ransomware Power Worm, which forgets how to decrypt your files.

Encryption is the process in which using a key (similar to a password) you jumble up a file, making it extremely difficult to read or access without knowing the password that was used to encrypt it in the first place. Power worm does the usual, gets into the system and then encrypts your files but thanks to a NULL result in its code it forgets to store the key, meaning even if you pay its impossible to retrieve your files.

Please protect your files with regular backups on an external memory device and be careful when downloading or running any software.

Image courtesy of NSK Inc.