Ransomware | SC Media

Ransomware

Report reveals struggles of SMBs navigating cyber threat landscape

By

A recent survey of just over 1,000 small- and medium-sized businesses found that 58 percent of respondents experienced a data breach in the previous 12 months, according to a new SMB cybersecurity research report from Keeper Security and the Ponemon Institute. An even larger number, 67 percent, said they experienced at least one form of cyberattack,…

‘DarkGate’ miner, password-stealer could open up world of hurt for Windows users

By

Windows users in Europe have recently been the target of a sophisticated malware campaign that provides attackers with a diverse array of capabilities, including cryptomining, credential stealing, ransomware and remote-access takeovers. Named DarkGate by its developer, the malware is reportedly distributed via Torrent files disguised as popular entertainment offerings — including the Spanish basketball dramedy…

Winning the Botnet Wars

By Anthony Giandomenico, Senior Security Strategist and Researcher, FortiGuard Malware is becoming increasingly destructive. Below is a short history of this trend, along with steps organizations can take to combat it. We begin with Mirai that, in the summer of 2016, was responsible for the largest DDoS attack in history. It was built using millions…

Ransomware hits Madison County, Idaho government

By

A ransomware attack held hostage Madison County, Idaho’s services, ranging from the sanitation department to the county treasurer’s office. The attack infected the county’s network on Sunday night after someone opened a phishing email demanding an unspecified amount of money, according to The Rexburg Standard Journal. “I was stunned at the magnitude of it. It…

Researchers: Backdoor malware connects NotPetya culprits to Industroyer attack against Ukraine’s grid

By

Researchers are pointing to a recently discovered malicious backdoor as a key piece of evidence that apparently links the actors who launched the 2017 NotPetya ransomware attacks with the malicious hackers who disrupted Ukraine’s power grid the year before. The finding potentially helps to confirm ongoing suspicions among cyber experts that these notorious cyber incidents…

Protecting entryways: San Diego Unified Port District and AccelOps

Port of San Diego investigating cyberattack

By

The Port of San Diego is probing a cyberattack similar to the costly SamSam attack that crippled systems and services in Atlanta earlier this year. “The Port of San Diego has experienced a serious cybersecurity incident that has disrupted the agency’s information technology systems,” according to a statement from the port’s CEO, Randa Coniglio. “The…

Viro Botnet ransomware comes with a botnet

By

Researchers discovered a ransomware with Botnet capabilities representing threat actors diversifying attack methods to raise the ante. Trend Micro researchers spotted the ransomware dubbed “Viborot” targeting users in the United States that once infected, the machine would become part of a spam email botnet that sought out new ransomware victims, according to a Sept. 21…

Leahy bill would end bulk data collection, introduce reforms

Romanian woman pleads guilty to ransomware attack on D.C. police cameras before Trump Inauguration

By

A Romanian citizen pleaded guilty to federal charges stemming from her role in a ransomware attack which involved hacking Washington, D.C., police cameras days before the 2017 Presidential Inauguration. Eveline Cismaru, 28, pleaded guilty to one count of conspiracy to commit wire fraud and one count of conspiracy to commit computer fraud in charges stemming…

Iron Group suspected in creation of Xbash all-in-one malware

By

A threat actor has been targeting Windows and Linux servers with a self-propagating malware mash-up that’s comprised of botnet, ransomware, disk wiper, cryptomining and worm elements all in one. Researchers from Palo Alto Networks’ Unit 42 division have tied the malware, dubbed Xbash, to the APT actor known as Iron Group. The same group has previously…

Business traveller

Bristol airport hit with ransomware attack

By

The Bristol airport in the UK recently recovered from a ransomware attack which prompted the airport to take flight information screens offline in an effort to keep the attack contained. This action was taken on Friday and the screens were back in operation by Sunday in “key locations” including departures and arrivals while officials are…

Next post in Malware