Ransomware news & analysis | SC Media

Ransomware

Security teams struggle with ransomware, cloud services

Ransomware, insecure internet-facing systems and attacks against cloud-based services are among the top threats facing industry this year, according to new and recent threat intelligence reporting.  The Q2 threat report released today by Rapid7 and detailing the latest tools and tactics used in cyber campaigns targeting the private sector, pegged the manufacturing sector as the…

Massive Magecart attacks steal personal data from Magento 1 stores

An automated campaign Magecart campaign against 2,000 Magento stores over the weekend compromised the private information of thousands of customers and may very well be the largest attack of its kind since 2015. The hacks were typical Magecart attacks, but since many of the stores victimized had no prior history of security incidents, “this suggests…

History shows, transparency can ease the fallout from a cyberattack

Cybersecurity firms have a responsibility to keep their clients safe from digital attacks. But when they end up the victims, they potentially risk losing credibility with these customers, especially if their operations are disrupted. It’s a potentially juicy extortion scenario for attackers, and we just saw an example of this play out last week when…

New Zeppelin strand avoids AV detection with trojan downloader

A fresh wave of Zeppelin ransomware attacks discovered in late August went undetected by antivirus defenses as the result of a new trojan downloader and research suggests the attacks might be targeted. The presumably targeted infections were announced in a blog post by Juniper Threat Labs researcher Asher Langton. “This campaign shows an evolution of…

Exposed social media profiles give security teams 235 million reasons to worry about ransomware attacks

Security teams should brace for a potential onslaught of ransomware attacks – more troubling as workforces operate remotely during the pandemic – after the public-facing profiles of 235 million TikTok, Instagram and YouTube users were exposed through a misconfigured database. “Since everybody is working remotely, those phishing attacks can compromise a personal device, which then…

SMBs imperiled as low-end RaaS grows more powerful

As Ransomware-as-a-Service (RaaS) has simultaneously grown more powerful and easier to use, just about anyone can launch successful, damaging ransomware attacks on organizations. Small and medium businesses are particularly vulnerable to the widening variety of tactics –from the “spray and pray” favored by Avaddon to the mass-market-based business model used by Dharma RaaS. “The skills…

Next post in Ransomware