Ransomware news & analysis | SC Media

Ransomware

Experiment shows how often hackers want to attack critical infrastructure

CISA warns critical infrastructure sectors after successful ransomware attack on pipeline operator

The Department of Homeland Security's CISA is warning critical infrastructure operators to redouble their security efforts after a natural gas compression facility was hit and shut down by a ransomware attack. The attackers used a spearphishing email containing a link to gain access to the operator’s network and then moved laterally to the target’s operational…

A tale of two ransomware attacks

Two schools, two ransomware attacks and two different outcomes. The Allegheny Intermediate Unit school system was able to fend off a recent ransomware attack using backup files; meanwhile, the University of Maastricht just disclosed it paid 30 bitcoins to regain control of its encrypted computer network. Allegheny Intermediate Unit (AIU), a regional public education…

Cybercriminals abuse Bitbucket to infect users with potpourri of malware

A newly discovered attack campaign has been abusing the online storage platform Bitbucket to maintain and update a wide assortment of malware, in a plot to infect computer users who download free, cracked versions of commercial software from the internet. Researchers at Cybereason’s Nocturnus team, who uncovered the threat, estimate that more than 500,000 machines…

Report ties Ekans/Snake ransomware to Megacortex, emphasizes ICS threat

A new threat intelligence report has underscored the serious threat posed by the recently discovered Snake ransomware, which not only encrypts files, but can disrupt certain industrial control systems processes. ICS security firm Dragos issued the blog post report yesterday after initially sharing it privately with its clientele back in mid-January. Dragos refers to ransomware…

Ransomware knocks city of Racine offline

The city of Racine, Wis., was hit with a ransomware attack January 31 that knocked most of its non-emergency computer services offline. The Wisconsin city’s website, email system and online payment collection systems were still down as of February 3 and the city police are unable to process fee payments or provide copies of police and…

Report: Ryuk ransomware impacts websites of DOD contractor

A Ryuk ransomware attack against U.S. Department of Defense contractor Electronic Warfare Associates (EWA) has reportedly affected the electronics company’s web server, making several of its websites inaccessible. According to a ZDNet report, the attack took place last week and impacted the websites for the EWA Government Systems Inc., a subsidiary that sells electronic…

Tampa Bay Times hit by Ryuk, new variant of stealer aimed at gov’t, finance

On the heels of a Ryuk ransomware attack on the Tampa Bay Times, researchers reported a new variant of the Ryuk stealer being aimed at government, financial and law enforcement targets. The Times attack didn’t result in a breach, noted David Ruiz, of Malwarebytes Labs, who cited the Times Publishing Company Chief Digital Officer Conan…

Citrix fixes bug used in ransomware attacks; Auto maker GEDIA falls victim to exploit

Citrix over the last six days has been releasing firmware updates to fix CVE-2019-19781, a critical remote code execution vulnerability in its Citrix Application Delivery Controller, Citrix Gateway and SD-WAN WANOP products, which cybercriminals have actively exploited in an attempt to deliver ransomware, backdoors and coin miners. The Fort Lauderdale, Fla.-based software company has now…
