ZEPTO, the new Locky-style ransomware

Watch out: a new piece of software that encrypts your data, ZEPTO, is currently being distributed through large email campaigns. In the way it operates, it resembles Locky, the ransomware that was so successful.

It has the same RSA 1024 encryption and the same nice web page with an interface showing the amount to pay.

It often arrives as a .docm file attached to an email.

The subject of the email is often in the style of a series of hexadecimal digits.


No antivirus detects it for now.

You need to be vigilant with all your emails.
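
As an added example (not part of the original post), here is a Python mail-triage check for the two traits described above: a .docm attachment and a subject made up of hexadecimal digits. The exact reading of "a series of hexadecimal digits", the verdict names and the sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

MACRO_EXTENSIONS = (".docm",)  # attachment type named in the post

def hex_like_subject(subject):
    """Assumed reading of 'a series of hexadecimal digits': after dropping
    separators, 6+ characters, all hex, at least one of them a digit."""
    compact = re.sub(r"[\s_-]", "", subject)
    return (len(compact) >= 6
            and re.fullmatch(r"[0-9A-Fa-f]+", compact) is not None
            and any(ch.isdigit() for ch in compact))

def triage(raw):
    """Parse one raw message and return a verdict (verdict names are hypothetical)."""
    msg = message_from_bytes(raw, policy=policy.default)
    subject = str(msg["Subject"] or "")
    # walk() visits every MIME part, so inline and nested attachments count too
    macro_files = [name for part in msg.walk()
                   if (name := part.get_filename())
                   and name.lower().endswith(MACRO_EXTENSIONS)]
    if macro_files and hex_like_subject(subject):
        verdict = "quarantine"   # both traits from the post are present
    elif macro_files:
        verdict = "review"       # a macro-enabled document alone still merits a look
    else:
        verdict = "pass"
    return {"subject": subject, "macro_files": macro_files, "verdict": verdict}

def build_sample(subject, filename=None):
    """Build a constructed test message; addresses and contents are placeholders."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "sender@example.com", "user@example.com", subject
    m.set_content("Please see the attached document.")
    if filename:
        m.add_attachment(b"constructed placeholder bytes", maintype="application",
                         subtype="octet-stream", filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    for subj, name in [("4F2A 9C31 00BE", "scan_0193.docm"),
                       ("Quarterly report", "report.DOCM"),
                       ("A1B2C3D4", None)]:
        print(triage(build_sample(subj, name)))
```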

A link in English if you want to learn a bit more


WatchGuard – New firmware 11.9.4

The new WatchGuard firmware 11.9.4 is out. Among the new features, one is of particular interest to those who want to use XTMv (the VMware or Hyper-V version) with Dedibox servers from Online or with OVH: support for /32 IP addresses on external interfaces works. So Failover IPs on WatchGuard are now within reach.

Another piece of good news is the captive portal with ticket generation, which lets a hotel or restaurant easily give access to its customers.

The official announcement is below:

Fireware XTM 11.9.4 and WSM 11.9.4 
Fireware OS 11.9.4 and WSM 11.9.4 are now available. This maintenance release includes many bug fixes and several new enhancements. The Release Notes list all resolved issues and new enhancements in the software.
Key Highlights:

  • New Guest Services capability enables the creation of temporary accounts for hotspot access. Ideal for hotels and retail stores to provide internet access for their visitors and customers. A new guest administrator role and user interface enable front line staff to manage and create the accounts.
  • Selective inspection or bypass of encrypted web traffic (HTTPS DPI) via domain name or web category. Administrators now have more flexibility, allowing them to bypass DPI inspection of known good sites that need to remain private, such as online banking or financial applications.
  • Diagnostic report output of Branch Office VPN configurations helps with quick troubleshooting and fixing of any tunnel issues.
  • SSLv3 is disabled by default to protect against man in the middle attacks that could exploit the Poodle vulnerability (CVE-2014-3566).
  • Many bug fixes to improve the scalability and reliability of Single Sign-On.
  • Support for /31 and /32 subnets on external interfaces, which are commonly used in regions with shortages of IPv4 IP addresses.
  • WSM support for the new Firebox M400 and M500 models.

Full details of all changes including screenshots of new user interface are provided in the What’s New in 11.9.4 presentation.

Does This Release Pertain to Me?

This release applies to all Firebox and XTM appliances, except XTM 21/21-W, 22/22-W, or 23/23-W appliances.

New Software Download Center!

Firebox and XTM appliance owners can obtain this update without additional charge by downloading the applicable packages from the new and improved WatchGuard Software Download Center. No login is required to download the software, but you must have active LiveSecurity on the appliance to apply the upgrade. Please read the Release Notes before you upgrade, to understand what’s involved. Known issues are now listed in the Knowledge Base when accessed through the WatchGuard Portal. You must log in to see Known Issues.