Ransomware

Robinhood Ransomware Borrow Vulnerable Driver To Kill Antivirus and Encrypt Windows System Files

Researchers observed a new ransomware family called “Robinhood” that uses a digitally signed vulnerable driver to bypass protection by killing files belonging to endpoint security products, bypassing tamper protection and antivirus software to encrypt the system files. Attackers are using the Living off the Land technique for this ransomware attack to destructive file encryption portion […]

Snake Ransomware That Written in Golang Language Removes Backup Shadows Copies & Encrypt Windows Files

Researchers observed new Snake ransomware, written in Golang, that targets Windows users to encrypt system files and remove the Volume Shadow Copies that the OS uses for backup. Snake ransomware is a targeted campaign that contains standard ransomware features along with some more complex functionality. Malware authors choose the Golang language which […]

FTCODE Ransomware Attack Windows To Encrypt Files & Steals Stored Login Credentials From Browsers

Researchers discovered a new wave of the FTCODE ransomware campaign that steals browser login credentials and encrypts files on Windows systems. FTCODE ransomware was first observed in 2013; it uses the Windows PowerShell program to perform file encryption. The ransomware resurfaced starting in September of last year; according to Certego's analysis of the FTCODE ransomware, it […]

New Version of DeathRansom Ransomware Aggressively Encrypts Network Drive Files After it’s Encryption Bug Fixed by Author

DeathRansom – A new ransomware strain that evolved from no encryption to using a combination of encryption algorithms to encrypt files. The strain was first observed in early November; it pretended to encrypt files but only appended the extension, so users were able to recover the files by just removing the extension. Researchers from Fortinet observed […]

U.S. Coast Guard Computer Systems Infected by “Ryuk” Ransomware That Encrypts IT Network-Based Critical Files

The U.S. Coast Guard disclosed a ransomware attack on a Maritime Transportation Security Act (MTSA) regulated facility by the infamous “Ryuk” ransomware. “Ryuk” has been involved in many attacks that targeted various organizations and government networks and caused millions of dollars in damages. GBHackers recently reported that hackers compromised the computers of a U.S. city in Massachusetts with the Ryuk ransomware and […]

RIPlace – A new Evasion Technique Let Ransomware to Encrypt Files Undetected

RIPlace is a new evasion technique that allows threat actors to encrypt files on Windows-based computers without being detected by anti-ransomware products. Nyotron’s security researchers discovered the technique, which leverages Microsoft Windows file system rename operations to stay undetected by security products. RIPlace Evasion Technique: Attackers can use this RIPlace method to alter any files […]

Get Ransomware Protection For The Holidays: Reason Cybersecurity at 70% Off

Ransomware attacks are still something to be wary of these days. 2019 saw a resurgence in ransomware attacks and they’re expected to grow even more rampant in the coming weeks as we hit the holiday season. The Thanksgiving weekend ushers in major sales events including Black Friday and Cyber Monday. Retailers, both brick-and-mortar and digital, […]

PureLocker Ransomware Attack Enterprise Production Servers and Encrypt Files in Windows, Linux, & macOS

Researchers discovered a new PureLocker ransomware that is capable of encrypting files on Windows, Linux, and macOS. Threat actors use the ransomware to perform targeted attacks against production servers of enterprise networks. Code reuse analysis of PureLocker reveals that the ransomware is related to “more_eggs”, a backdoor malware often used by Cobalt Gang, FIN6 […]

Hackers Changing the Main Attack Vector from RDP Compromise to Botnets For Network Breach

The evolution of ransomware is reshaping the cyber domain: starting in 2019, ransomware attacks have been carried out against high-profile public and corporate networks by making criminal alliances. In 2018, the threat actors behind GandCrab ransomware launched their Ransomware-as-a-Service, which shifted the paradigm and turned ransomware into a full-fledged business with branding, marketing, and outreach. Threat Actor Group Truniger: Truniger also known […]

Network Intruders Teamup With Ransomware Developers to Hack Corporate Networks

Cyberattacks are growing rapidly every day and are emerging as one of the biggest challenges for businesses. Network intruders and ransomware developer groups form alliances with each other to maximize revenue from the ransomware market. They partner to attack the most secure and lucrative targets. An AdvIntel report shows how the underground community developing multidimensional […]

Ransomware Attack – Everything You Need to Know Ransomware Protection

Ransomware attacks are quite common nowadays, since malicious software is spreading everywhere through various mediums. The cybercriminals that use it are looking to do one thing: extort your money. Not unlike the movies, it usually starts with an ominous ransom note demanding money. This usually appears in the form of a notification that pops up on […]

Apple iTunes for Windows Zero-day Exploited by BitPaymer Ransomware

Researchers found a new footprint of the recent BitPaymer ransomware campaign, which exploited an Apple iTunes for Windows zero-day vulnerability to attack public and private sectors across the U.S. Threat actors took advantage of a zero-day vulnerability that resides in the Bonjour Updater that comes packaged with iTunes for Windows and abused the unquoted […]

REvil Ransomware links With GandCrab to Attack Windows Users via RDP Servers and Exploit kits

A financially motivated hacking group called “GOLD SOUTHFIELD” launched a newly developed REvil ransomware (aka Sodinokibi) that used the GandCrab ransomware code and infected Windows users around the world. Threat actors are distributing it through various mediums, including software installers with backdoor capabilities, exploit kits, exploitation of RDP servers, and scan-and-exploit techniques. Malware developers behind […]

Hackers Demand $5.3 Million After Locking Massachusetts City Computers With RYUK Ransomware

Cybercriminals compromised the New Bedford, Massachusetts city computers with the Ryuk ransomware and demanded $5.3 million to unlock the compromised computers. On July 5, 2019, the City of New Bedford’s Management Information Systems (MIS) identified the ransomware that infected several computers. Soon after detection, the MIS staff disconnected the City’s computer servers and shut down systems. But the […]

New Ransomware Attack – Texas Government agencies become Victim

Ransomware attacks remain a problem for local governments, and Texas discovered this first-hand. On the morning of August 16, 23 government entities reported a ransomware attack. Most were “smaller local governments,” and the State of Texas networks and systems were not hit, according to the Department of Information Resources. “It appears all entities that were […]

GermanWiper, A Diabolical Ransomware Targeting German PC Users

Have you heard of GermanWiper? No, it is not a brand of shaving razor or tissue paper in Germany. The name is very unfortunate, but it is another “ransomware” that is wreaking havoc in Germany and maybe adjacent parts of Europe. Yes, “ransomware” with double quotes, as it is similar in form to other ransomware […]

Protecting Your Network & PC From The Impending Threat of Ransomware

Digital extortion continues to pose a threat everywhere. According to the Cyber Advisor newsletter, incidents of ransomware attacks are only going to skyrocket and increase manyfold. The level of threat has only escalated with military-grade hacking techniques used to target entire geographies, large-scale corporations, hospitals, schools and just about anyone with an internet connection […]