Tag: SonicWall Capture Labs Threat Research Team

Windows CryptoAPI Spoofing Vulnerability CVE-2020-0601

NSA has discovered a critical vulnerability affecting Microsoft Windows cryptographic functionality. A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates. The vulnerability affects Windows 10 and Windows Server 2016/2019 as well as applications that rely on Windows for trust functionality. Microsoft released a patch today for Windows CryptoAPI Spoofing […]

Microsoft Security Bulletin Coverage for Jan 2020

SonicWall Capture Labs Threat Research Team has analyzed and addressed Microsoft’s security advisories for the month of January 2020. A list of issues reported, along with SonicWall coverage information, is as follows:

CVE-2020-0601 Windows CryptoAPI Spoofing Vulnerability
IPS 14728: Windows CryptoAPI Spoofing Vulnerability (JAN 20) 1
IPS 14729: Windows CryptoAPI Spoofing Vulnerability (JAN 20) 2
IPS 14730: Windows CryptoAPI […]

MZP Ransomware actively spreading in the wild

The SonicWall Capture Labs Threat Research Team observed reports of a new variant family of MZP ransomware [MZP.RSM] actively spreading in the wild. The MZP ransomware encrypts the victim’s files with a strong encryption algorithm until the victim pays a fee to get them back.

Infection Cycle:

The ransomware adds the following files to the system:

Malware.exe% App.path% HOW […]

Debug build of Jigsaw Ransomware contains SMTP email credentials

The SonicWall Capture Labs Threat Research Team observed reports of a new version of the Jigsaw ransomware. The version analysed here appears to be an early debug build and sports a new interface, a significant departure from interfaces using clown images in previous versions. As this is a test version of the malware, no encryption […]