SandboxEscaper Releases Several Windows Vulnerabilities

Over the past couple of days, the security researcher who goes by the pseudonym SandboxEscaper has released several Microsoft Windows vulnerabilities to the public with no prior notice given to Microsoft. The researcher has developed a reputation amongst the InfoSec community for releasing vulnerabilities to the public, in particular, Windows vulnerabilities, without informing the software producer or giving prior notice as is seen as a good practice amongst researchers. The first of the flaws published on May 22, can be classified as a local privilege escalation (LPE) zero-day. LPE can be seen as exploiting a bug, design flaw or configuration oversight in an operating system or software application to gain elevated access to resources that are normally protected from an application or user. It is important to note that when exploited such flaws cannot be used to break into a system. Rather hackers can use them a...

Sysfrog Ransomware

Sysfrog is a malicious program which is categorized as ransomware. The person who discovered is Michael Gillespie. Programs of this type are designed to encrypt files, they lock files and keep them that way until their developers are paid. In other words, ransomware victims are forced to buy decryption tools from cyber criminals. Sysfrog adds the ".sysfrog" extension to every file (it prepends "[sysfrog@protonmail.com]" as well). For example, it renames a file named "1.jpg." to "[sysfrog@protonmail.com]1.jpg.sysfrog" and so on. It also creates a ransom note ("how_to_decrypt.txt" file) that can be found in folders that contain encrypted files. The "how_to_decrypt.txt" contains a short ransom note saying that all files were encrypted and in order to get them back, victims must pay 0.3 of Bitcoin by transferring it into the provided Bitcoin wallet. It also contains an email address (sysfrog@protonmail.com) th...