Ransomware | SC Media

Ransomware

Ransomware attackers exploit old plug-in flaw to infect MSPs and their clients

Researchers are warning that hackers are exploiting a plug-in vulnerability to infect MSPs and their customers with GandCrab ransomware. The bug, CVE-2017-18362, dates back to 2017, and is found in unpatched versions of the ConnectWise ManagedITSync integration plug-in tool, explains a Feb. 8 blog post by Chris Bisnett, security researcher at Huntress Labs. This plug-in…

Setting up for success when buying cyber insurance

When is a war really not a war, at least as far as an insurance company is concerned? That is the question the cybersecurity and insurance industries are likely to see answered at the conclusion of a court case between Zurich International and the U.S. food company Mondelez International, one of the many firms…

True crime: SamSam ransomware I am

It was one for the books – a mysterious cyberattack laying waste to systems in the city of Atlanta before moving on to a wide swath of targets, including health care companies, the Port of San Diego and the Colorado Department of Transportation. March 22, 2018 – Workers arriving in various departments in the city of…

Possible ransomware attack disturbs Altran Technologies’ European operations

French engineering research and consulting firm Altran Technologies disclosed this week that a Jan. 24 cyberattack impacted its operations in certain European countries. In response to the incident, the company immediately shut down its IT network and all applications,” the company said in a press release issued on Monday. Altran’s statement was short on specifics,…

Phishing campaign throws Shade ransomware at Russians

Attackers this month have revived an email phishing operation that targets Russian speakers with Shade ransomware served via malicious JavaScript attachments. The scam first emerged in a campaign that began in mid-October of last year, before dying down over the holiday period. But January ushered in a more intense second phase that doubled the previous…

Fresh-faced Anatova ransomware created by ‘skilled developers,’ researchers warn

A new family of ransomware that was discovered in a private peer-to-peer network earlier this month has prompted a warning from researchers due to its apparent modular capabilities and its sophisticated coding and anti-analysis techniques. Nicknamed Anatova, the ransomware has already been detected in at least several hundred machines around the world, despite having a…

AI use in ransomware attacks and sextortion schemes top Malwarebytes 2018 report

The Malwarebytes State of Malware 2018 report found an odd mix of attacks that took place last year, with businesses bearing the brunt of cybercriminals’ efforts, while consumers were victimized in a new way using their previously hacked PII. The amount of malware targeted at business increased 79 percent, compared to…

Downloads of cracked software distribute ransomware via adware bundles

Websites offering cracked versions of popular software programs have recently been serving up adware bundles that secretly deliver a variant of STOP ransomware. According to a pair of reports from Bleeping Computer founder Lawrence Abrams, the scheme came to light in December 2018 with the appearance of the malicious encryptor “Djvu” – so named because…

Del Rio, Texas ransomware attack knocks city offline

Another city was hit with a ransomware attack that knocked daily services back into the era of the pen and pad. Last week, the city of Del Rio, Texas was hit with a ransomware attack which forced city officials to shut down the servers at its city hall and deny employees access to the system,…

Ryuk ransomware linked to Emotet and TrickBot trojans; suspicions shift to cybercriminal group

Multiple researchers are linking the Ryuk ransomware that disrupted the operations of multiple U.S. newspapers in late 2018 to the Emotet and TrickBot trojans. In so doing, some analysts have now also shifted blame for the attack from North Korean actors to cybercriminals, possibly from Russia, while others maintain that attribution efforts are premature. CrowdStrike,…
