Articles about Ransomware

The latest Cyber Threat Report from SonicWall shows a 24 percent drop in malware attacks worldwide, while there’s been a 20 percent jump in ransomware globally and a 109 percent spike in the US.

There's also been a 176 percent increase in malicious Microsoft Office file types and a 50 percent rise in IoT malware attacks as cybercriminals seek to use devices as a backdoor to business networks via home workers.

Continue reading →

According to a new report, 89 percent of security professionals are most concerned about phishing, web and ransomware attacks, but only 48 percent confirm that they have continuous visibility into these risk areas.

The 2020 Cybersecurity 360 Report from Balbix also shows 64 percent of organizations are only, at best, somewhat confident in their security posture, and that the lack of visibility into security is the primary concern for organizations.

Continue reading →

Requested amounts in ransomware attacks rose nearly 200 percent from 2018 to 2019, averaging $115,123 per attack last year.

A report from incident response, risk management and digital forensics firm Crypsis Group reveals that threat actors across a range of cyberattack types have significantly escalated their tactical approaches, becoming more targeted, conducting victim research and employing techniques that enable them to be more successful and extract higher payouts for their efforts.

Continue reading →

Ransomware is a business that's thriving in the current climate, but what's behind this and what wider problems do attacks create for businesses?

We had a socially-distanced chat with Chris Morales, head of security analytics at network detection and response specialist Vectra to find out more.

Continue reading →

Researchers at Check Point have discovered a new variant of Android malware called Black Rose Lucy that, when downloaded, encrypts files on the infected device and displays a ransom note in the browser claiming to be an official message from the FBI.

First discovered by Check Point in September 2018, Lucy is a Malware-as-a-Service dropper that originated in Russia and downloads and installs new threats with ransomware capabilities.

Continue reading →

The coronavirus pandemic has created some confusing times. Trying to get a better handle on the situation, some people have looked to mobile apps to track the spread of the disease. These users were shocked to find they had accidentally installed a malware app instead.

An Android app called "COVID19 Tracker" marketed itself as a virus map to people worried about the outbreak. Users searching for an app to show the spread of the virus found a link to COVID19 Tracker, which claimed to do just that. Instead of getting it from the Google Play Store, they would have to download it directly from the website. Once users downloaded and opened the app, they found an unpleasant surprise. COVID19 Tracker, like any other app, asked for device permissions, but once it gained this permission, it launched a program called "CovidLock." CovidLock threatened to delete all data from the phone unless users paid $100 in Bitcoin within 48 hours.

Continue reading →

Cyber criminals launched a barrage of attacks in 2019, spurred on by botnets of infected IoT devices and by attacker interest in the Eternal Blue vulnerability.

Security company F-Secure's global network of honeypots saw 5.7 billion attacks during the year. For comparison, 2018 saw just over one billion attacks, while 2017 saw 792 million.

Continue reading →

Researchers at Varonis have uncovered a new ransomware variant that spreads and tracks its progress via SYSVOL share on Active Directory Domain Controllers.

The ransomware encrypts files and appends them with the extension, '.SaveTheQueen' and creates a file called 'hourly' on the SYSVOL share folder.

Continue reading →

Cybersecurity company Webroot has released its third annual Nastiest Malware list which shows ransomware making a comeback in addition to other threats.

Phishing and botnets are still popular attack methods and threats across the board are also becoming more sophisticated and harder to detect.

Continue reading →

Ransomware is a pervasive problem, and for victims it can be difficult to know whether paying up will help them to regain access to their maliciously encrypted files. So when ransomware decryption keys are released free of charge, it's always good news -- and this is exactly what has happened for HildaCrypt.

The developer of this particular strain of ransomware has released the decryption keys after a security researcher shared detailed of what was initially thought to be a new type of ransomware.

Continue reading →

A new report from vulnerability management company RiskSense looks at the most common vulnerabilities used across multiple families of ransomware that target enterprises and government organizations.

Among its key findings are that almost 65 percent target high-value assets like servers, close to 55 percent have CVSS v2 scores lower than eight, nearly 35 percent are old (from 2015 or earlier), and the vulnerabilities used in WannaCry are still being used today.

Continue reading →

Ransomware attacks are a major problem and they often gain access to systems via brute-force attacks against open and exposed remote access points such as Remote Desktop Protocol.

Cloud-native virtual application delivery platform Cameyo is launching its new RDP Port Shield security technology, along with a free, open source monitoring tool that any organization can use to identify attacks taking place over RDP in their environment.

Continue reading →

The education sector has become one of the most sought after targets for cybercriminals, according to the latest report from Malwarebytes Labs.

In the first half of 2019, the top three largest categories of threats identified among education institutions' devices are adware (43 percent), Trojans (25 percent) and backdoors (three percent). However, ransomware dropped to less than one percent in this period -- though it was higher both before and after the study.

Continue reading →

Detections of ransomware aimed at businesses rose by a massive 363 percent between the second quarter of 2018 and the same period this year. Meanwhile consumer ransomware is down 34 percent.

The latest quarterly threat report from Malwarebytes also sees a 235 percent overall increase in threats aimed at organizations from enterprises to small businesses, with ransomware as a major contributor.

Continue reading →

The cybercriminal's most effective weapon in a ransomware attack is the network itself, which enables the malicious encryption of shared files on network servers, especially files stored in infrastructure-as-a-service (IaaS) cloud providers.

This is according to a new report from threat detection specialist Vectra which finds that by encrypting files that are accessed by many business applications across the network, attackers achieve an economy of scale faster and far more damaging than encrypting files on individual devices.

Continue reading →