Tag Archive for: FREE

Free Decryptor Released for Black Basta Ransomware

/in


A vulnerability in the encryption algorithm used by the Black Basta ransomware has led researchers to develop a free decryptor tool.

Active since April 2022, the Black Basta ransomware group employs a double extortion strategy, encrypting the vital servers and sensitive data of their victims and threatening to reveal the sensitive information on their public leak site.

Since the beginning of 2022, the criminal group has received at least $107 million in Bitcoin ransom payments. Over 329 victims have been affected by the ransomware gang, according to the experts.

A free decryptor has been offered by independent security research and consulting company SRLabs to assist victims of the Black Basta ransomware in getting their files back.

How Can the Files Be Recovered?

Researchers claim that if the plaintext of 64 encrypted bytes is known, data may be recovered. The size of a file determines whether it may be recovered entirely or partially. Files with less than 5000 bytes in size cannot be restored. 

Complete recovery is achievable for files ranging in size from 5000 bytes to 1GB. The first 5000 bytes of files larger than 1GB will be lost; however, the remaining bytes can be restored.

“The recovery hinges on knowing the plaintext of 64 encrypted bytes of the file. In other words, knowing 64 bytes is not sufficient in itself since the known plaintext bytes need to be in a location of the file that is subject to encryption based on the malware’s logic of determining which parts of the file to encrypt”, the researchers said.

It is possible to know 64 bytes of plaintext in the correct location for several file types, particularly virtual machine disk images.

Researchers developed various tools to aid in analyzing encrypted files and determining whether decryption is feasible.

The decrypt auto tool may recover files containing encrypted zero bytes. Manual review may be required depending on how often and to what extent the malware has encrypted the file.

Decrypting file with the decryptauto.py tool

Researchers say a magic byte sequence that is not included in the encrypted file is left by the malware at the end. The file only has zero bytes after the tool has finished running….

Source…

Get 65% off NordVPN and 3 months free

/in


This article contains affiliate links; if you click such a link and make a purchase, Digital Trends and Yahoo Inc. may earn a commission.

The NordVPN logo on a purple background.The NordVPN logo on a purple background.

NordVPN

Even though VPNs started out as a way to add a bit of anonymity and security when browsing the internet, they’ve blossomed into a full suite of features and added benefits, which is always a good thing for the consumer. One of the most well-known companies and best VPNs is probably NordVPN, and it offers a ton of features for some pretty great prices. For example, depending on the package, you can also get encrypted cloud storage or a password manager with its own additional functions. While these higher-end packages tend to be expensive, there are up to 65% discounts on various subscriptions as part of the end-of-year sales, plus three free months thrown in for free regardless of the package.

Buy Now

Why you should subscribe to NordVPN

If you’re interested in the cheapest offer available, then the best bet is to go for the 2-year Standard package that’s going for $102 instead of $224, which is 54% off the usual price. It includes the NordVPN itself, with all the additional features, such as double VPN, split tunneling, smart DNS, and a whole host of other things. There is also malware protection, which scans files and websites for malware and then blocks them, a feature that’s perfect if you’re buying this for a friend or family that isn’t tech-savvy. There is also an ad and track blocker, and while they might not be as good as specific plugins for each of those jobs, it’s still a nice addition to have, especially if, again, you’re getting this for somebody who isn’t tech-savvy.

Going a step up in subscriptions, there’s the Plus membership, which adds a cross-platform password manager, and is perfect if you don’t have one already, especially since they’ve become really useful and important these days. The Plus package also throws in a data breach scanner, which essentially scans the internet for your emails, passwords, and credit card information to see if it pops up anywhere so you know when and if you need to change things. Of course, the Plus package is a bit more expensive but not by much, running you $130 for the…

Source…

Top 12 Online Cybersecurity Online Courses for 2024 (Free and Paid)

/in


With so much online courseware on cybersecurity today, it can be a daunting task to narrow the top choices. To create this list of cybersecurity courses online, we talked to leading security professionals about what they recommend to newbies, computer science students, businesspeople and security pros looking to advance their careers.

When it comes to free cybersecurity courses online, keep in mind there’s no free lunch. Many free courses make students pay for a certificate on the back end, and online groups sometimes offer short seven-day or 30-day trials followed by a monthly subscription charge. Federal agencies, such as the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA), are great sources of free security information. And those new to the field should check out the National Cyber Security Alliance (NCSA).

For paid courses, we started with some of the favorites among hackers and security researchers and refer readers to MIT cyber training courses, as well as online courses at the University of Maryland Global Campus (UMGC), Western Governors University (WGU) and Cybrary. As a bonus, we also linked to the NSA’s Centers of Academic Excellence (CAE) courses. While not exclusively online, people seriously pursuing careers in security need to be aware of these courses and the fact that many programs offer online options in the wake of COVID-19.

Best of the free cybersecurity courses online

1. TryHackMe

TryHackMe features content for people new to cybersecurity and covers a broad range of topics, including training for offensive and defensive security. TryHackMe also has Capture the Flag exercises with walk-through write-ups by contributing users that let members see how to approach and solve problems. Four levels are available:

  1. Complete Beginners. For those with no computing knowledge and who are unsure of where to start.
  2. Early Intermediates. For those who have basic computing knowledge and have used Linux.
  3. Intermediates. For those who know how computers work and have basic security experience.
  4. Advanced. For those who work in cybersecurity and penetration testing.

TryHackMe also has…

Source…

Bill from Illinois Democrat seeks to bridge digital divide through free wifi in local parks

/in


A Democratic congressman announced legislation this week that aims to use multiple federal government programs to bring broadband internet and computers to local parks across the country, bridging the digital divide in underserved communities by providing free internet services.

The Technology in the Parks Act of 2023, introduced by Rep. Danny Davis, D-Ill., aims to boost innovation, increase technology training and decrease inequality through multiple relevant internet programs.

“I believe that this legislation aligns with the nation’s commitment to fostering innovation, education, and community development,” Davis said in a statement. “This legislation, once passed, will contribute to building a more technologically inclusive society, ensuring that the benefits of advancements reach all corners of our community.”

The bill proposes an expansion of the Federal Communications Commission’s E-rates internet program to include local parks, which Davis said is key to bringing broadband access to outdoor community spaces, similar to the existing coverage for schools and libraries.

The FCC’s E-rate program helps schools and libraries across the country gain access to affordable broadband internet and is the government’s largest educational technology program.

The legislation would include local parks in the U.S. General Services Computers for Learning Program, providing access to computer equipment that federal agencies have identified as excess property and enabling technological advancements and digital literacy in those areas.

The third piece of the legislation would require the Labor Department to establish a program to offer grants for technology training programs in local parks, supporting skill development and ensuring that local parks that host such programs are eligible for E-Rate support.

The legislation “is a crucial step in bridging the technological divide and promoting education and skill development in our communities,” Davis said. “By extending E-Rate support to local parks, we empower these spaces to become hubs for technology training, creating opportunities for skill acquisition in areas such as coding, cyber…

Source…