Application security, Cybercrime, Malware

New ransomware arrives as phony alert from Microsoft

Greg MastersAugust 9, 2016

A new ransomware iteration has been detected by Symantec embedded in an email message disguised as an alert from Microsoft.

The threat (freedownloadmanager.exe), dubbed Trojan.Ransomlock.AT by Symantec, is showing up primarily in the United States. The email appears to be a legitimate notice from Microsoft claiming the user's Windows license has expired and prompts the target to call a toll-free number in order to unlock their computer.

The new ransomware variant follows up on similar scams Symantec detected previously. The difference this time, the company stated, is that it now is using a recognizable name.

"What makes this different from traditional ransomware is that it appears the attackers have carefully thought out how to maximize revenue generation by using a combination of branded ransomware alongside manipulated search results," the researchers said.

Keep your OS and security software up to date, Symantec advised.

Greg Masters

Application security

Software security tops ENISA’s list of cybersecurity threats for 2030

Sponsored by InvictiMay 25, 2023

The European Union Agency for Cybersecurity (ENISA) has published a report on potential cybersecurity threats for 2030, trying to anticipate future security risks based on current trends and expert opinions. While some of the less likely predictions may touch on science fiction, the top two anticipated threats are already with us today: software supply chain compromises and AI-enhanced disinformation campaigns.

API Bug OAuth dev tool opens websites, apps to account hijacking

Application security

API bug in OAuth dev tool opened websites, apps to account hijacking

Stephen WeigandMay 25, 2023

Critical flaw in the Expo framework that allowed them to take over user accounts via the Open Authorization (OAuth) protocol.

Application security

New Google bug bounty program for Android apps launched

SC StaffMay 24, 2023

Googlehas introduced its new Mobile Vulnerability Rewards Program that would offer rewards for the identification of security flaws in Google's first-party Android applications,BleepingComputerreports.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

New ransomware arrives as phony alert from Microsoft

Related

Software security tops ENISA’s list of cybersecurity threats for 2030

API bug in OAuth dev tool opened websites, apps to account hijacking

New Google bug bounty program for Android apps launched

Related Events

Reducing silos between Developers and AppSec in your Software Supply Chain with Snyk and ServiceNow

Tackling The Unique Challenges of Kubernetes & Container Security

Platform for Platforms: Developing Modern Applications at the Edge

Get daily email updates