
SoylentNews is people

posted by LaminatorX on Sunday January 11 2015, @07:17AM
from the another-brick dept.

CryptoWall, one of a family of malware programs that encrypts files and demands a ransom from victims, has undergone a revamp that is frustrating security researchers.

Cisco's Talos Security Intelligence and Research Group has now analyzed a second version of CryptoWall that has improvements that make it harder to detect and study.

The sample of CryptoWall analyzed by Cisco was sent via email in a ".zip" attachment. Contained in that attachment is an exploit that uses a Microsoft privilege escalation vulnerability, CVE-2013-3660 ( http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3660 ), to gain greater control over the computer, Carter said.

If opened, CryptoWall doesn't decrypt its whole binary but instead just a small part, which then checks to see if it is running in a virtual environment, Carter said.

CryptoWall won't continue to decrypt itself if it is running in a virtual machine. Files are sometimes analyzed in a sandbox within a virtual machine to check if they're possibly malicious.

http://www.computerworld.com/article/2865303/cryptowall-ransomware-variant-gets-new-defenses.html

Cisco has a full technical writeup on its blog. http://blogs.cisco.com/security/talos/cryptowall-2

 
  • (Score: 2) by opinionated_science on Monday January 12 2015, @04:26PM

    I sprung for as much RAM as I could get in a box for my calculations - RAM is not the problem. I could do with a 1000 TFlop GPU though.....

  • (Score: 2) by kaszz on Monday January 12 2015, @04:40PM

    How many GFlop GPU do you get now? And with what hardware?
    And for what application?

    • (Score: 2) by opinionated_science on Monday January 12 2015, @06:39PM

      GROMACS, 2xGTX980, 10TFLOPs (single), though I think it runs at ~2TFLOP (single). 3D FFT is a problem... Will give some Xeon Phis a try soon.