Articles about Ransomware

In the last three months ransomware attacks have grown by a global average of 50 percent compared to the first half of 2020.

The figures look even bleaker for individual countries, with attacks up by by 98 percent in the US, 80 percent in the UK, 145 percent in Germany, 36 percent in France and 160 percent in Spain.

Continue reading →

Ransomware is a persistent problem, with cybercriminals always looking for new ways to evade detection and infect systems. Attacks have increased 20 percent in the first half of this year.

Endpoint detection and response company Nyotron is launching a new, free online tool called Ransomwiz that allows allows security professionals to check their defenses by generating actual ransomware samples using a variety of real-world attack techniques.

Continue reading →

The numerous challenges of 2020 have proved to be fertile ground for ransomware attacks, with the number up by nine percent compared to the first quarter and by 59 percent compared to the second quarter of 2019.

The latest Threatscape report from Positive Technologies shows that 16 percent of phishing attacks took advantage of COVID-19 concerns, and there is also evidence that ransomware operators have started cooperating with each other.

Continue reading →

As expected, Garmin has confirmed that the ongoing outage that affected many of sport and fitness firm's services was the result of a cyberattack.

In a brief statement the company explains that the attack encrypted some of its systems on July 23, and then goes on to explain what happened and what was affected:

Continue reading →

The latest Cyber Threat Report from SonicWall shows a 24 percent drop in malware attacks worldwide, while there’s been a 20 percent jump in ransomware globally and a 109 percent spike in the US.

There's also been a 176 percent increase in malicious Microsoft Office file types and a 50 percent rise in IoT malware attacks as cybercriminals seek to use devices as a backdoor to business networks via home workers.

Continue reading →

According to a new report, 89 percent of security professionals are most concerned about phishing, web and ransomware attacks, but only 48 percent confirm that they have continuous visibility into these risk areas.

The 2020 Cybersecurity 360 Report from Balbix also shows 64 percent of organizations are only, at best, somewhat confident in their security posture, and that the lack of visibility into security is the primary concern for organizations.

Continue reading →

Requested amounts in ransomware attacks rose nearly 200 percent from 2018 to 2019, averaging $115,123 per attack last year.

A report from incident response, risk management and digital forensics firm Crypsis Group reveals that threat actors across a range of cyberattack types have significantly escalated their tactical approaches, becoming more targeted, conducting victim research and employing techniques that enable them to be more successful and extract higher payouts for their efforts.

Continue reading →

Ransomware is a business that's thriving in the current climate, but what's behind this and what wider problems do attacks create for businesses?

We had a socially-distanced chat with Chris Morales, head of security analytics at network detection and response specialist Vectra to find out more.

Continue reading →

Researchers at Check Point have discovered a new variant of Android malware called Black Rose Lucy that, when downloaded, encrypts files on the infected device and displays a ransom note in the browser claiming to be an official message from the FBI.

First discovered by Check Point in September 2018, Lucy is a Malware-as-a-Service dropper that originated in Russia and downloads and installs new threats with ransomware capabilities.

Continue reading →

The coronavirus pandemic has created some confusing times. Trying to get a better handle on the situation, some people have looked to mobile apps to track the spread of the disease. These users were shocked to find they had accidentally installed a malware app instead.

An Android app called "COVID19 Tracker" marketed itself as a virus map to people worried about the outbreak. Users searching for an app to show the spread of the virus found a link to COVID19 Tracker, which claimed to do just that. Instead of getting it from the Google Play Store, they would have to download it directly from the website. Once users downloaded and opened the app, they found an unpleasant surprise. COVID19 Tracker, like any other app, asked for device permissions, but once it gained this permission, it launched a program called "CovidLock." CovidLock threatened to delete all data from the phone unless users paid $100 in Bitcoin within 48 hours.

Continue reading →

Cyber criminals launched a barrage of attacks in 2019, spurred on by botnets of infected IoT devices and by attacker interest in the Eternal Blue vulnerability.

Security company F-Secure's global network of honeypots saw 5.7 billion attacks during the year. For comparison, 2018 saw just over one billion attacks, while 2017 saw 792 million.

Continue reading →

Researchers at Varonis have uncovered a new ransomware variant that spreads and tracks its progress via SYSVOL share on Active Directory Domain Controllers.

The ransomware encrypts files and appends them with the extension, '.SaveTheQueen' and creates a file called 'hourly' on the SYSVOL share folder.

Continue reading →

Cybersecurity company Webroot has released its third annual Nastiest Malware list which shows ransomware making a comeback in addition to other threats.

Phishing and botnets are still popular attack methods and threats across the board are also becoming more sophisticated and harder to detect.

Continue reading →

Ransomware is a pervasive problem, and for victims it can be difficult to know whether paying up will help them to regain access to their maliciously encrypted files. So when ransomware decryption keys are released free of charge, it's always good news -- and this is exactly what has happened for HildaCrypt.

The developer of this particular strain of ransomware has released the decryption keys after a security researcher shared detailed of what was initially thought to be a new type of ransomware.

Continue reading →

A new report from vulnerability management company RiskSense looks at the most common vulnerabilities used across multiple families of ransomware that target enterprises and government organizations.

Among its key findings are that almost 65 percent target high-value assets like servers, close to 55 percent have CVSS v2 scores lower than eight, nearly 35 percent are old (from 2015 or earlier), and the vulnerabilities used in WannaCry are still being used today.

Continue reading →