Tag: SonicWall Capture Labs Threat Research Team

Windows CryptoAPI Spoofing Vulnerability CVE-2020-0601

NSA has discovered a critical vulnerability affecting Microsoft Windows cryptographic functionality. A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates. The vulnerability affects Windows 10 and Windows Server 2016/2019 as well as applications that rely on Windows for trust functionality. Microsoft released a patch today for Windows CryptoAPI […]

Microsoft Security Bulletin Coverage for Jan 2020

SonicWall Capture Labs Threat Research Team has analyzed and addressed Microsoft’s security advisories for the month of January 2020. A list of issues reported, along with SonicWall coverage information are as follows: CVE-2020-0601 Windows CryptoAPI Spoofing Vulnerability IPS 14728: Windows CryptoAPI Spoofing Vulnerability (JAN 20) 1 IPS 14729: Windows CryptoAPI Spoofing Vulnerability (JAN 20) 2 […]

MZP Ransomware actively spreading in the wild

The SonicWall Capture Labs Threat Research Team observed reports of a new variant family of MZP ransomware [MZP.RSM] actively spreading in the wild. The MZP ransomware encrypts the victim’s files with a strong encryption algorithm until the victim pays a fee to get them back. Infection Cycle: The ransomware adds the following files to the […]

Debug build of Jigsaw Ransomware contains SMTP email credentials

The SonicWall Capture Labs Threat Research Team observed reports of a new version of the Jigsaw ransomware. The version analysed here appears to be an early debug build and sports a new interface, a significant departure from interfaces using clown images in previous versions. As this is a test version of the malware, no encryption […]