Ransomware | SC Media Ransomware

Ransomware

New NextCry ransomware targets NextCloud sync and share solution

Attackers are reportedly targeting an NGINX/php-fpm vulnerability to infect users of the NextCloud file sync and share service with a recently discovered ransomware called NextCry. Infecting a NextCloud instance is doubly damaging to victims because the affected service begins replacing files stored on their synced-up machines with the newly encrypted versions. In a Nov. 15…

The fairly convincing phishing scam is being hosted on a compromised EA Games server.

Threat actor impersonates German, Italian and American gov’t agencies to spread malware

Since October, a threat actor has been impersonating governmental agencies in phishing emails designed to infect American, German and Italian organizations with various forms of malware, including the Cobalt Strike backdoor, Maze ransomware and the IcedID banking trojan. Business and IT services, manufacturing companies, and healthcare organizations make up a large share of the targets…

New PureLocker ransomware built for targeted attacks, linked to MaaS dealer

A newly discovered ransomware called PureLocker is targeting the production servers of enterprises, while exhibiting some behavior that’s very unusual for most malicious encryptors. Among its quirky features: it’s written in the PureBasic programming language, which helps it avoid conventional anti-malware detection engines; it’s very picky about who it infects, only executing if the victim machine…

Pemex claims victory over cyberattack; $4.9 million ransom reportedly demanded

The claim made by the Mexican state-owned petroleum corporation Pemex that it had recovered from a Nov. 10 cyberattack was met with some skepticism, as published reports indicate the attack may be still affecting the company. Pemex stated it had suffered a cyberattack that impacted about five percent of its computer equipment, but managed to…

MegaCortex ransomware variant threatens data breach, alters credentials

A newly discovered variant of MegaCortex ransomware goes well beyond just encrypting victims’ files — it also changes their Windows passwords and threatens to publish their stolen data if they fail to pay. In a report earlier this week, BleepingComputer said it helped analyzed the new strain after it was discovered by MalwareHunterTeam and subsequently…

Zurich rolls out cyber insurance coverage for manufacturers

Zurich Insurance has rolled out a new industry specific endoresements to its cyber insurance policies to provide coverage for manufacturers. This additional coverage was created due to the increased cyberthreat these companies are now under and the fact that many manufacturers, particularly mid-sized firms, are unaware and possibly less prepared to deal with, the risks…

Adversary harboring DopplePaymer ransomware targets industrial sector

A cyber adversary in possession of both ransomware and point-of-sale malware was recently found to have obtained “a deep level of access” to the infrastructures of at least two targets, including a U.S.-based aluminum and stainless steel gratings company, researchers have reported. Judging by the choice of targets, the actor has a particular interest in…

Ransomware attack delays government services in Nunavut, Canada

A ransomware attack last weekend struck the network of the Canadian territory Nunavut, severely impeding a bevy of government services that rely on access to systems and electronic files. The attack took place on Saturday afternoon, encrypting files on government servers and workstations and crippling email and other internet-based communications. The only service to be…

Ransomware attack on TrialWorks is one of 13 on MSPs and cloud-service providers in 2019

Law firms using case management software from TrialWorks found themselves unable to access their legal documents after the third-party service provider was hit with a ransomware attack earlier this month. The Coral Gables, Florida-based company, which serves roughly 2,500 clients, was attacked back on Oct. 13, but reports of the incident only began to surface…

We interviewed cyber experts on a Vegas ferris wheel. Then ride security showed up…

In the film “Ocean’s 11,” Danny Ocean and his team of expert cybercriminals execute a daring casino heist in glitzy Las Vegas. This past summer at the Black Hat and DEF CON conferences in Sin City, the editorial staff at SC Media attempted to pull off a less ambitious – and decidedly more legal –…

Next post in Network Security