Íñigo Echavarri The role of “Threat Hunting” as an enabler in ransomware incident response Following in the wake of the articles developed to shed light on incident response in our group, it seems clear that the actions required to deploy ransomware with the...
Martiniano Mallavibarrena Understanding The Dynamics of Ransomware Security Incidents The ransomware phenomenon If there is one term that has earned its way to the top of the headlines in the media over the last two years, ransomware is undoubtedly...
Félix Brezo Fernández The Work of a Cyber Intelligence Unit in The Context Of Incident Response Besides the work carried out by our colleagues in the forensic analysis, malware analysis or Threat Hunting teams, which we have reviewed in the articles in this series associated...
Víctor José González Arcos DFIR services in a ransomware incident response As we saw in the first post of the series, the IR (incident response) process in case of attacks using ransomware is fundamental, relying on the work of several...
ElevenPaths Wannacry chronicles: Messi, korean, bitcoins and ransomware last hours It is hard to say something new about Wannacry, (the ransomware itself, not the attack). But it is worth investigating how the attacker worked during last hours before the...
ElevenPaths Telefónica WannaCry File Restorer: How can we recover information deleted by WannaCry? When cyberattacks occur in large organizations, it is crucial to remember where duplicate files are stored, as this information is also subject to infection by a malware virus or...
Florence Broderick ElevenPaths is now a NoMoreRansom.org associated partner Ransomware has a severe impact for IT companies and users. The increasing popularity of this security threat along with the profitable business for criminals make ransomware one of the...
Florence Broderick ElevenPaths discovers the Popcorn ransomware passwords: no need to infect other people to decrypt for free MalwareHunterTeam has discovered a new variant of ransomware that is quite curious. At ElevenPaths we have been able to download and analyze the new improved versions that make several...
Florence Broderick Trend Ransomware Report 21st Century ExtortionThe scourge of crypto-ransomware malware featured prominently in threat predictions for 2015, and the 165% increase reported in Q1 2015 indicate that these fears were well founded....
ElevenPaths Telefónica WannaCry File Restorer: How can we recover information deleted by WannaCry? When cyberattacks occur in large organizations, it is crucial to remember where duplicate files are stored, as this information is also subject to infection by a malware virus or...
Florence Broderick Evil FOCA is now Open Source We are really happy to announce that Evil FOCA is now Open Source. We have received lots of comments and feedback about how you are using Evil FOCA, or how...
Florence Broderick The Turkish behind pr0nClicker, uploads badware to Google Play for the fourth time During last week, the Turkish (maybe a gang, maybe just a person) behind the pr0nClickers malware got to avoid Google Play defenses and upload again dozens of fake apps...
Florence Broderick JSDialers: apps calling premium rate numbers (with new techniques) in Google Play During last year, a lot of “made in Spain” malware was found in Google Play. It was basically malware that tried to silently subscribe the victim to premium SMS numbers. From a while...
Florence Broderick The beginning It is widely known that writing the first post is always a difficult task, but it is a compelling one. It’s the start of a new path that you...
