Browsing tag
The payments systems remained ineffective for three days after the ransomware attack, but payment data is safe, claims TransLink. TransLink, the agency that manages the transit system of Metro Vancouver, has become the latest victim of a ransomware attack. According to reports, the Metro’s payment systems were targeted by Egregor ransomware operators, after which the […]
Cybersecurity threats, and in particular ransomware attacks, are facts of life and daily occurrences in an increasingly digital economy. The more commercial activity takes place via the internet and using hardware and software that interfaces with the web, the more vulnerable a business is to the depredations of malicious actors. Interestingly, most of the largest […]
An “aggressive” financially motivated threat group tapped into a zero-day flaw in SonicWall VPN appliances prior to it being patched by the company to deploy a new strain of ransomware called FIVEHANDS. The group, tracked by cybersecurity firm Mandiant as UNC2447, took advantage of an “improper SQL command neutralization” flaw in the SSL-VPN SMA100 product […]
REvil ransomware gang claims to be negotiating with 3rd-parties to sell the alleged stolen data. The infamous REvil ransomware gang (also known as Sodinokibi) is back in action and this time its alleged victim is Quanta Computer Inc., a Taiwan-based manufacturer of notebook computers and other electronic hardware. In a post published by the REvil […]
The Metropolitan Police Department (MPD) of the District of Columbia has become the latest high-profile government agency to fall victim to a ransomware attack. The Babuk Locker gang claimed in a post on the dark web that they had compromised the DC Police’s networks and stolen 250 GB of unencrypted files. Screenshots shared by the […]
Unpatched Fortinet VPN devices are being targeted in a series of attacks against industrial enterprises in Europe to deploy a new strain of ransomware called “Cring” inside corporate networks. At least one of the hacking incidents led to the temporary shutdown of a production site, said cybersecurity firm Kaspersky in a report published on Wednesday, […]
Maze ransomware, one of the most dangerous and potent strains of Windows ransomware that have hit companies and organizations around the world and demanded a payment in cryptocurrency in exchange for a safe recovery of encrypted data, has now officially announced the shutting down of its operations on its website on the dark web. Though […]
Recently one of the most dangerous ransomware, WastedLocker, owes its success to a unique bypass mechanism for security solutions and tools that block ransomware. Initially, WastedLocker appeared this year in May, and it’s a part of the arsenal of the famous cybercriminal group Evil Corp, which is also known as Dridex. It was used in […]
Law enforcement agencies from Great Britain and Romania Cyber division have identified one of the operators behind the infamous GandCrab Ransomware attack. The Man who has been arrested was an affiliate with GandCrab developers and responsible for the infection and earning commission for each ransom payments. GandCrab ransomware attack was a high profile cybercrime, and […]
Ransomware is an ever-increasing cyber threat, which has become a troublesome issue. Although the malware has seen a decline the past year, it has again escalated at the same pace. No one is immune to ransomware, either you or someone in your circle has been a victim of this malicious software. Ransomware installs itself […]
Oops! Your files are encrypted! Pay the ransom. Well, did you ever saw these words flash on your screen? If no, you must be thankful for this. When this happens to you, you may be perplexed about what has happened to your computer. A simple explanation to your baffling is that your files are encrypted […]
Ransomware is a waking nightmare about locking and encrypting your valuable files by malware. You need to pay off a nice chunk of money to an anonymous cybercriminal to regain access to your information, or at times you may not have access either way. When it comes to what is ransomware and ransomware attacks, it […]
REvil Ransomware also known as Sodinokibi observed wild at the end of April 2019. The REvil ransomware is a part of Ransomware-as-a-Service (RaaS) where a set of people maintain the source code and other affiliate groups distribute the ransomware. Researchers believe that REvil and GandCrab ransomware are similar, since the emergence of REvil, GandCrab activity […]
Cybercriminals using the Coronavirus outbreak to trick users into installing malicious corona virus-related apps. In the current panic, situation users are most vulnerable to apps like Coronavirus Trackers, symptoms identification, maps, etc. Malicious Coronavirus Tracker Security researchers from Domaintools observed a malicious Coronavirus tracker app that locks the user’s Android device and asks for a […]
Researchers discovered a new ransomware strain dubbed Pxj that encrypts users’ files appends “.pxj” extension to the encrypted files. The new ransomware strain was discovered by IBM’s X-Force Incident Response team, and the ransomware malware is all known as “XVFXGW”. PXJ Ransomware The PXJ Ransomware code appears to be a new one, it doesn’t share […]
Researchers observed a new ransomware family called “Robinhood” that using a digitally signed vulnerable driver to bypass the protection by killing files belonging to endpoint security products, bypassing tamper protection and antivirus software to encrypt the system files. Attackers using the Living off the Land technique for this ransomware attack to destructive file encryption portion […]
Researchers observed new snake ransomware that written in Golang targeting Windows users to encrypt the system files and remove the Volume Shadow Copies that the OS uses for backup. Snake ransomware is a targeted campaign that contains a standard ransomware feature with some of the more complex functionalities. Malware authors choose the Golang language which […]
Researchers discovered a new wave of FTCODE ransomware campaign that steal browsers login credentials and Encrypt files in Windows systems. FTCODE ransomware was first observed in 2013, it uses the Windows PowerShell program to perform file encryption. The ransomware resurfaced again starting from last year September, according to Certego analysis of the FTCODE ransomware, it […]
A new variant of Vega ransomware family, dubbed Zeppelin, has recently been spotted in the wild targeting technology and healthcare companies across Europe, the United States, and Canada. However, if you reside in Russia or some other ex-USSR countries like Ukraine, Belorussia, and Kazakhstan, breathe a sigh of relief, as the ransomware terminates its operations […]
A research team from SophosLabs and Sophos managed Threat Response(SMTR) has come across a new ransomware dubbed Snatch that reboots Windows PCs into safe mode before initiating encryption. According to researchers, this is a never-before-seen behavior and the possible reason why Snatch reboots PCs mid-attack is to evade antivirus apps installed in infected computers. The […]
Data protection specialists from security firm vpnMentor reported the detection of a data breach on a Romanian web platform, owned by tobacco company British American Tobacco; headquartered in the UK, this is one of the world’s largest manufacturers of tobacco and nicotine-based products. The vpnMentor research team, led by renowned expert Noam Rotem, found the […]