Question

Please DO NOT copy-paste from other sources. answer will be checked for plagiarism. Thank you!!!

Question: Using a Web browser, perform some research on a newer malware variant that has been reported by a major malware containment vendor. Using a search engine, go to the vendor’s Web site; this could be Symantec, McAfee, or any of their competitors. Visit one malware prevention software vendor. Search for the newest malware variants and pick one. Note its name and try to understand how it works. Now look for information about that same malware from at least one other vendor. Were you able to see this malware at both vendors? If so, are there any differences in how they are reported between the two vendors?

Solutions

Expert Solution

Newer Malware Variant -

1) LIST OF COMPUTER SECURITY COMPANIES - (by Google search results)

Malwarebytes, ESET, McAfee, Webroot, Kaspersky, Panda Security, Symantec etc.

2) Search for the newest malware variants -

links -

"https://www.mcafee.com/enterprise/en-in/threat-center.html"

"https://www.symantec.com/security-center/threats"

3) Malware name and its working -

Ryuk - Ransomware - "https://www.mcafee.com/enterprise/en-in/threat-center/threat-landscape-dashboard/ransomware-details.ryuk-ransomware.html"

WORKING - The ransomware uses AES and RSA encryption and demands between 15 and 50 Bitcoin for the decryption key. The malicious software kills hundreds of processes and services and encrypts not only local drives but also network drives. The attacks are reported to be targeted at organizations that are capable of paying the large ransom demanded. Variants found in mid-2019 will not infect the system if the computer's IP address or computer name is part of a blacklist.

Now at symantec -

Name - Ransom.Ryuk - "https://www.symantec.com/security-center/writeup/2019-051315-1353-99?om_rssid=sr-latestthreats30days"

Description - Ransom.Ryuk is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them. The Trojan ends processes and services related to antivirus, database, backup, and document editing software.

Differences in how they are reported -

Both websites indicate what the malware does, i.e. it compromises the system and demands money, just in a different manner.

On the McAfee website they have specified the sources that reported attacks by the malware, with links to all the reports giving detailed information on them.

On the Symantec website, by contrast, they give a short description and a detailed technical description of how the malware actually works. Further, they have given recommendations to adhere to best practices.
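Both vendor write-ups describe the same observable behaviour: many processes and services tied to antivirus, database, backup and document-editing software being ended in a short time. The following is an added example, not part of the original answer or either vendor's tooling, showing how a defender could flag that pattern in service-control logs; the log format, host names, service names and thresholds are all assumptions made for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Hypothetical name-prefix -> category map, mirroring the software classes in the write-ups.
CATEGORIES = {"av": "antivirus", "db": "database", "backup": "backup", "doc": "document"}

def parse(line):
    """Parse a constructed 'ISO-time host action service' line into a tuple."""
    ts, host, action, name = line.split()
    return datetime.fromisoformat(ts), host, action, name

def category(name):
    """Return the category whose keyword prefixes the service name, else None."""
    return CATEGORIES.get(name.split("-", 1)[0])

def detect_mass_stop(lines, window=timedelta(seconds=60), min_stops=4, min_categories=3):
    """Return {host: first alert time} for hosts where at least min_stops distinct
    services from at least min_categories categories stop inside one sliding window."""
    recent = defaultdict(deque)   # host -> deque of (time, service, category)
    alerts = {}
    for ts, host, action, name in sorted(map(parse, lines)):
        cat = category(name)
        if action != "stop" or cat is None or host in alerts:
            continue
        q = recent[host]
        q.append((ts, name, cat))
        while q and ts - q[0][0] > window:   # drop events older than the window
            q.popleft()
        names = {n for _, n, _ in q}
        cats = {c for _, _, c in q}
        if len(names) >= min_stops and len(cats) >= min_categories:
            alerts[host] = ts
    return alerts

# Constructed sample events (not real telemetry).
SAMPLE = [
    "2019-06-01T10:00:01 ws-01 stop av-agent",
    "2019-06-01T10:00:03 ws-01 stop db-engine",
    "2019-06-01T10:00:04 ws-01 stop backup-agent",
    "2019-06-01T10:00:06 ws-01 stop doc-editor",
    "2019-06-01T09:00:00 ws-02 stop db-engine",    # routine maintenance, spread out
    "2019-06-01T09:30:00 ws-02 start db-engine",
    "2019-06-01T11:00:00 ws-02 stop backup-agent",
]

if __name__ == "__main__":
    print(detect_mass_stop(SAMPLE))
```

Requiring several categories, not just several stops, keeps routine maintenance on one product (as on `ws-02`) from raising an alert.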

