Wednesday, November 25, 2015

Windows 10 pulls update as concerns about bugs grow.

Windows 10 update mysteriously pulled!

The downloadable versions of Windows 10 version 1511, the November 2015 update, have been removed after their release earlier this month.

Microsoft let people download full copies of the installer using the Media Creation Tool (MCT). Media produced with the MCT can be used to perform both upgrades and clean installations, and it's especially convenient when updating multiple systems, since only a single download is required. But the version 1511 MCT has been removed and replaced with the original July version. Systems can still be upgraded to the November update, but direct installation is no longer possible. Instead, the original RTM version must be installed and the upgrade to 1511 performed through Windows Update.

This is inconvenient. Installing 1511 directly on clean systems is quicker than going via the RTM version: it means one large download instead of two. Upgrading multiple systems with the MCT is also obviously preferable. It's mysterious because it's not really clear why the 1511 installer has been pulled.

Source: Ars Technica

Email us: sales@ripeva.com 
Call us: 563-213-4015

Saturday, November 14, 2015

The CryptoWall Ransomware Has Returned!


The gold standard in ransomware, CryptoWall, is making the rounds again with a new 4.0 release. In this revision, there are some pretty important changes that are going to make life more difficult for both infectees and security researchers looking to counter the software’s malicious activities.

If you aren’t already familiar with it, CryptoWall is a piece of software that falls under the category of “ransomware.” Ransomware products encrypt data on an infected system, preventing access until some amount of money is paid. The ransom for files is generally in the neighborhood of $500 but could be more or less depending on the developer. In most cases, the malware drops a list of targeted file types, such as .docx or .ppt, and attacks those. Once the files are encrypted, a message is displayed to inform the system’s user of the attack and how to pay the ransom.

CryptoWall 4.0 follows most of the “standards” for this type of malware. It uses the RSA-2048 algorithm, which is used by most major ransomware and is functionally unbreakable with current technology. It communicates with command, control, and communications (C3) systems using RC4 encryption, and communicates with its victims to collect the ransoms via the TOR browsing utility. It spreads via spam emails and so-called “drive-by downloads.” It also wipes shadow copies and disables system restore and startup repair, and network drives and local drives can both be affected.

What’s different about CryptoWall 4.0?

Where CryptoWall 4.0 differs is that it now encrypts the filenames as well as the files themselves, making it nearly impossible to identify which files are which. Previous iterations only encrypted the data within the files, not the filenames.

Additionally, the splash screen and ransom notes have been updated. Now, in addition to the usual instructions on how to pay for the decryption key and new filenames in each folder directory storing affected files, the ransom notes contain language that mocks the victim more than previous iterations. Lastly, it seems that this version no longer uses the I2P protocol for communication, unlike version 3.0.

Recovering from CryptoWall 4.0 is essentially the same as in past versions: You either have to pay the ransom or restore from a backup. There’s no other way around it.
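Because restoring from backup is the only clean recovery path, spotting the encryption early limits how much has to be restored. The filename encryption described above gives defenders a signal: many targeted documents losing both their name and their extension within a short window. The sketch below is an added example, not code from the original post or from any vendor; it assumes rename events are already collected as (timestamp, old path, new path) tuples, and the function names, thresholds, and sample events are all constructed for illustration.

```python
from collections import deque
from pathlib import PureWindowsPath

# Extensions the article names as typical targets; extend this set for real use.
TARGETED_EXTS = {".docx", ".ppt"}

def is_suspicious_rename(old_path, new_path):
    """True when a targeted document loses both its extension and its original name."""
    old, new = PureWindowsPath(old_path), PureWindowsPath(new_path)
    if old.suffix.lower() not in TARGETED_EXTS:
        return False
    if new.suffix.lower() == old.suffix.lower():
        return False  # ordinary rename: the file type is preserved
    # A conversion such as old.ppt -> old.pptx keeps the stem, so it is not flagged.
    return old.stem.lower() not in new.name.lower()

def find_rename_bursts(events, window_s=60, threshold=3):
    """Return (timestamp, count) for each suspicious rename that brings the number
    of suspicious renames in the trailing `window_s` seconds to `threshold` or more."""
    recent = deque()   # timestamps of suspicious renames still inside the window
    alerts = []
    for ts, old_path, new_path in sorted(events):
        if not is_suspicious_rename(old_path, new_path):
            continue
        recent.append(ts)
        while ts - recent[0] > window_s:
            recent.popleft()
        if len(recent) >= threshold:
            alerts.append((ts, len(recent)))
    return alerts

# Constructed sample events: (seconds, old path, new path). Not real CryptoWall output.
SAMPLE_EVENTS = [
    (100, r"C:\Users\amy\Docs\budget.docx", r"C:\Users\amy\Docs\budget-final.docx"),
    (200, r"C:\Users\amy\Docs\budget-final.docx", r"C:\Users\amy\Docs\a9x3kq.t7f"),
    (201, r"C:\Users\amy\Docs\pitch.ppt", r"C:\Users\amy\Docs\zz81mw0.p2"),
    (203, r"C:\Users\amy\Docs\notes.txt", r"C:\Users\amy\Docs\notes.bak"),
    (204, r"\\fileserver\share\plan.docx", r"\\fileserver\share\q0v7h.xk4e"),
    (900, r"C:\Users\amy\Docs\old.ppt", r"C:\Users\amy\Docs\archive\old.pptx"),
]

if __name__ == "__main__":
    for ts, count in find_rename_bursts(SAMPLE_EVENTS):
        print(f"ALERT at t={ts}: {count} targeted documents renamed beyond recognition")
```

The window and threshold need tuning against normal activity on the monitored shares, since bulk archival or migration jobs can also rename many documents at once.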

For more information on this variant, the helpful folks over at the BleepingComputer forums are actively peeling this bug apart, and they have a fantastic guide on removing the ransomware here. For more information on ransomware, feel free to check out our Cybersecurity Resource Center or download our new e-book, The MSP’s Complete Guide to Cyber Security.

Call us : 1-855-974-7382  or Email us : sales@ripeva.com
