New #GhostLock tool abuses #Windows API to block file access

https://www.bleepingcomputer.com/news/security/new-ghostlock-tool-abuses-windows-api-to-block-file-access/

#cybersecurity

GhostLock Exploits Windows API to Disrupt File Access

Meet GhostLock, a proof-of-concept that cleverly exploits Windows API to disrupt file access, causing operational downtime without data loss, similar to the impact of ransomware. By manipulating the CreateFileW sharing parameter, GhostLock effectively locks files, leaving other processes in the dark with a sharing violation error.

https://osintsights.com/ghostlock-exploits-windows-api-to-disrupt-file-access?utm_source=mastodon&utm_medium=social

#WindowsApi #Ghostlock #DisruptionTactics #Proofofconcept #EmergingThreats

Windows SMB Flaw Enables File Lockdowns Without Traditional Ransomware Traces

New Windows 'GhostLock' flaw lets attackers lock files on SMB shares. It bypasses security and leaves no traditional ransomware traces. Learn how to respond.

#WindowsSecurity, #CyberAttack, #Ransomware, #SMB, #GhostLock

https://newsletter.tf/windows-ghostlock-flaw-locks-files-no-ransomware/

Attackers can now lock files on Windows SMB shares using a new 'GhostLock' method. This exploit is harder to detect than normal ransomware because it doesn't leave typical signs like file changes.

#WindowsSecurity, #CyberAttack, #Ransomware, #SMB, #GhostLock
https://newsletter.tf/windows-ghostlock-flaw-locks-files-no-ransomware/