Over 360,000 Affected By Florida School Data Breach

A data breach at the Florida Virtual School is thought to have impacted impacted more than 368,000 current and former students and up to 2,000 teachers at the school. A statement from FLVS says the breach likely occurred between May 6, 2016, and Feb. 12, 2018, but it wasn’t reported until last Friday. FLVS says school records including students names, dates of birth, school account numbers, their usernames and passwords as well as parent’s names and emails were compromised by the breach. Dean Ferrando, Systems Engineer Manager – EMEA at Tripwire commented below.

Zenis Ransomware Encrypts Your Data & Deletes Your Backups

A new ransomware was discovered this week by MalwareHunterTeam called Zenis Ransomware. While it is currently unknown how Zenis is being distributed, multiple victims have already become infected with this ransomware. What is most disturbing about Zenis is that it not encrypts your files, but also purposely deletes your backups.

When MalwareHunterTeam found the first sample, it was utilizing a custom encryption method when encrypting files. The latest version, and the one we will discuss in this article, utilizes AES encryption to encrypt the files.

At this time there is no way to decrypt Zenis encrypted files, but Michael Gillespie is analyzing the ransomware for weaknesses. Therefore, if you are infected with Zenis, do not pay the ransom. Instead you can receive help or discuss this ransomware in our dedicated Zenis Ransomware help & support topic.

Below is a brief decryption of how the Zenis ransomware encrypts a computer compiled from analysis by MalwareHunterTeam, Michael, and myself.

How Zenis Ransomware encrypts a computer

As previously stated, we do not know how the Zenis Ransomware is currently being distributed. Based on the elusiveness of the ransomware samples and comments from infected people, it could be distributed via hacked Remote Desktop services.

When executed, the current Zenis Ransomware variant will perform two checks to see if it should begin encrypting the comptuer. The first check is to see if the file that executed is named iis_agent32.exe, with this check being case insensitive. The other check is to see if a registry value exists called HKEY_CURRENT_USER\SOFTWARE\ZenisService “Active”.

If the registry value exists or the file is not named iis_agent32.exe, it will terminate the process and not encrypt the computer.

If it passes the checks, it will then begin to get the ransom note ready by filling in some information, such as emails and encrypted data.

After that is completed it will execute the following commands to delete the shadow volume copies, disable startup repair, and clear event logs.

cmd.exe /C vssadmin.exe delete shadows /all /Quiet cmd.exe /C WMIC.exe shadowcopy delete cmd.exe /C Bcdedit.exe /set {default} recoveryenabled no cmd.exe /C Bcdedit.exe /set {default} bootstatuspolicy ignoreallfailures cmd.exe /C wevtutil.exe cl Application cmd.exe /C wevtutil.exe cl Security cmd.exe /C wevtutil.exe cl System"

Education quiz app Kahoot raises another $17M at a $100M valuation

When we wrote about gaming startup Kahoot passing significant milestones of 70 million users on 51 million educational quizzes in January, we mentioned that the Oslo, Norway-based startup was closing another round of funding. Now, that has come to pass: Kahoot has announced that it has raised $17 million, at a valuation that sources close to the company confirm to us is $100 million.

MPLS explained

The thing about MPLS is that it’s a technique, not a service — so it can deliver anything from IP VPNs to metro Ethernet. It’s expensive, so with the advent of SD-WAN enterprises are trying to figure how to optimize its use vs. less expensive connections like the internet.

The Cost of GDPR Non-Compliance 

General Data Protection Regulation (GDPR) requires additional steps that data processors and data controllers must take to protect personal data, and disclose any data security breach to the public, GDPR regulators can impose large, monetary fines for those in non-compliance. Additional penalties that can occur may not be monetary, but can carry a large consequence. 

Here’s Why Blake Lively Still Doesn’t Have a Stylist

Blake Lively is one of the rare Hollywood celebrities who doesn’t hire a stylist. She pulls all the clothes for her press tours and their outfit marathons (she tried 256 outfits for her Age of Adaline one in 2015, for example). What, like it’s hard dressing yourself? Lively told WWD last night when its reporter asked if it was difficult being a major actress and her own stylist. “It’s a lot of work [but] I mean, it’s not hard in that we all dress ourselves every morning,” she started.

Identifying Security Blind Spots For You And Your Customers

The security landscape is a minefield for small businesses, and their service providers. After a year of high-profile cybersecurity stories – from WannaCry to Equifax to Spectre and Meltdown – providers are facing difficult conversations with their clients about their preparedness against attacks.

Walmart-Amazon Rivalry Turns Into Food Fight

Walmart on Wednesday said it would expand its Online Grocery Delivery service, currently available in six markets, to more than 100 metro areas across the United States. Its plans call for covering more than 40 percent of U.S. households by the end of the year.