Amarjit Singh

Since the WannaCry ransomware ripped through the internet late last week, infecting hundreds of thousands of machines and locking up critical systems from health care to transportation, cryptographers have searched for a cure. Finding a flaw in WannaCry’s encryption scheme, after all, could decrypt all those systems without any ransom.

Now one French researcher says he’s found at least a hint of a very limited remedy. The fix still seems too buggy, and far from the panacea WannaCry victims have hoped for. But if Adrien Guinet’s claims hold up, his tool could unlock some infected computers running Windows XP, the aging, largely unsupported version of Microsoft’s operating system, which analysts believe accounts for some portion of the WannaCry plague.

"Does not erase the prime numbers from memory before freeing the associated memory," says Guinet.

Based on this finding, Guinet released a WannaCry ransomware decryption tool, named WannaKey

"It does so by searching for them in the wcry.exe process. This is the process that generates the RSA private key. The main issue is that the CryptDestroyKey and CryptReleaseContext does not erase the prime numbers from memory before freeing the associated memory." says Guinet

So, that means, this method will work only if:

1. The affected computer has not been rebooted after being infected.
2. The associated memory has not been allocated and erased by some other process.

"In order to work, your computer must not have been rebooted after being infected. Please also note that you need some luck for this to work (see below), and so it might not work in every case!," Guinet says.

Download Tool here @ https://github.com/gentilkiwi/wanakiwi/releases

What is Ransomware?
Ransomware is a family of computer bugs that are programmed to lock up an endpoint, such as a PC, server, or mobile device, in various ways and then asks the victim to pay a ransom to regain control of the data or the endpoint. A Ransomware attack can affect an individual or organization anywhere in the world. According to the FBI, ransomware attacks cost victims in the US a total of $209 million in the first three months of 2016. That’s a 771% increase for the $24 million reported in all of 2015.

How does it attack?
Cybercriminals typically use social engineering such as unsolicited email, or spam, to lure victims into opening a malicious attachment. The attachment attempts to exploit a vulnerability in productivity software the user likely possesses in order to allow file execution, in this case Ransomware. The Ransomware code is designed to scan the file system on the endpoint and find all the locations where the victim keeps files, including shadow copies and backup files and including network repositories and even external drives attached to the endpoint. The files are then encrypted and users are prevented from accessing them. The key to unlocking the files remains in the cybercriminal’s hands until the victim pays a ransom to obtain the key and attempts to restore the files.

Your MONEY or your DATA?
Victims all around the globe have been receiving on-screen ransom requests averaging $500USD, demanded most often in the form of cryptocurrency. Businesses are now seeing larger-scale ransomware attacks on their servers and networks, along with demands for 4- to 5-digit ransom payments, all the way up to millions demanded in some cases.

What can consumer do to lower the Ransomware risk?

What can Business do to lower the ransomeware risk?


We strongly encourage you to read X-Force research report (https://securityintelligence.com/media/ransomware-report/) to get a deeper insight on Ransomware.We urge you to take necessary and sensible precautions and encourage safe practices within your team. 

Rashtrapati Bhavan would be transformed into a smart township with the help of IBM Smart City Solutions.IBM on Thursday announced that its smart city solutions have been deployed for the digital transformation of the Presidential Estate. “Spread across 330 acres of land and home to over 5,000 residents, the self-sustained Presidential Estate is adopting IBM’s technology and solutions to become future ready.

The Intelligent Operations Center addresses challenges that are inherent to townships - water supply, security, electrical infrastructure and solid waste management,” said an IBM statement.“The transformation of the estate into a smart township is customized to further enhance the efficiency of critical infrastructure and utilities,” it added.The partnership to reimagine the Rashtrapati Bhavan in the digital age was announced at an event graced by President Pranab Mukherjee. A citizens mobile app, created by IBM Intelligent Operations Center (IOC), was also launched, which allows residents to report issues using the web and mobile. “Rashtrapati Bhavan is an iconic representation of India’s smart city vision. It is a proud moment for all of us and the beginning of a great journey. We are honored to be their partner in enabling this transformation,” said Vanitha Narayanan, MD, IBM India.

Juniper Network Operating System (JUNOS) maintains different types of routing tables for clear separation of different types of routes. Each routing table populates a portion of forwarding table and thus the forwarding table is partitioned based on routing table. The routing table in Juniper Network Operating System or JUNOS contains all the information known by that router and routing protocol puts the different routes in the routing table for single destination. Further the routing table places the best route in the packet forwarding engine (PFE).

Below is the list of different types of routing tables created by Junos. They are as follows:
1. Inet.0: This table stores the IPv4 unicast routes. This is equivalent to global routing table in CISCO.

2. Inet.1: This table stores the multicast routes. This table stores the (S,G) entries. This is equivalent to mroute table of CISCO.

3. Inet.2: This table is used for unicast RPF (Reverse Path Forwarding). For subsequent address family indicator (SAFI) 2 routes, when multiprotocol BGP (MBGP) is enabled. This table stores unicast routes that are used for multicast reverse-path-forwarding (RPF) lookup. The routes in this table can be used by the Distance Vector Multicast Routing Protocol (DVMRP), which requires a specific RPF table. In contrast, Protocol Independent Multicast (PIM) does not need this table because it can perform RPF checks against the inet.0 table. You can import routes from inet.0 into inet.2 using routing information base (RIB) groups, or install routes directly into inet.2 from a multicast routing protocol.

4. Inet.3: For IPv4 MPLS. This table stores the egress address of an MPLS label-swiched path (LSP), the LSP name, and the outgoing interface name. This routing table is used only when the local device is the ingress node to an LSP.

5. Inet6.0: This table stores the IPv6 Unicast routes.

6. Bgp.l2vpn.0: This table stores the L2VPN learned routes.

7. Bgp.l3vpn.0: This table stores the L3VPN learned routes.

8. Mpls.0: For MPLS label switching operations. This table is used when the local device is a transit router.

9. Iso.0: For IS-IS routes. When you are using IS-IS to support IP routing, this table contains only the local device’s network entity title (NET).

10. Juniper_Private: For Junos OS to communicate internally between the Routing Engine and PIC hardware.

Source: http://www.mplsvpn.info/