The gang behind the Ragnar Locker ransomware posted an ad on Facebook in an attempt to publicly shame a victim so it would pay a ransom. Security experts say the innovative tactic is indicative of things to come.
Darkside is the latest ransomware operation to announce an affiliate program in which a ransomware operator maintains crypto-locking malware and a ransom payment infrastructure while crowdsourced and vetted affiliates find and infect targets. When a victim pays, the operator and affiliate share the loot.
Researchers at Kaspersky have uncovered a Linux version of the RansomEXX ransomware that, until now, had targeted only Windows devices. The ransomware has been tied to several high-profile attacks over the last several months.
Security analysts at Check Point Research are warning about a recently uncovered ransomware strain called Pay2Key that is primarily targeting Israeli firms.
Victims of crypto-locking malware who pay a ransom to their attackers are paying, on average, more than ever before. But investigators warn that when victims pay for a guarantee that all data stolen during an attack will get deleted, criminals often fail to honor their promises.
The number of attacks related to Emotet continues to spike after the dangerous botnet re-emerged over the summer with a fresh phishing and spam campaign, according to research from HP-Bromium. During this time, Emotet is mainly infecting devices with the QBot or QakBot banking Trojan.
After weeks of rising anxiety, Election Day proceeded in the U.S. with no public indications of interference. But experts say misinformation campaigns are still likely, and there's plenty of time for malicious activity as the vote tallying proceeds.
The U.K. NCSC responded to over 700 cyber incidents over a 12-month period, 200 of which were related to the COVID-19 pandemic, according to the cyber agency's annual report. NCSC also notes that's it's preparing to step-up its response to cyber incidents involving the NHS and vaccine development.
The Maze cybercrime gang, which revolutionized the ransomware business by adding an extortion element to each attack, has issued a statement saying it has hung up its spikes and will retire, at least temporarily. Security executives do confirm Maze's activity has dropped off in recent months.
A new report describes the attack methods of an Eastern European gang known as UNC1878 or Wizard Spider that's been waging ransomware attacks against U.S. hospitals in recent days.
The data dump of citizens' election information following a ransomware attack against a county in Georgia is likely to raise concerns about the integrity of this year's vote, some security experts say.
To this point, the focus of ransomware defenses has been on detection. But Michael Leworthy of Veeam says it's time to shift to protection - and even recovery. And backups, he says, are now the critical battlefield in this war.
The operators behind the Ryuk strain of malware are increasingly relying on a malware-as-a-service tool - the Buer loader - to deliver the malware, rather than botnets such as Trickbot and Emotet, the security firm Sophos reports.
The imperative for CISOs during the COVID-19 pandemic is to do more with less. While disruptive attacks - as well as privacy concerns - keep rising, budgets are down. As organizations rapidly adopt new technologies, however, EY's Kris Lovejoy says CISOs must seize the opportunity to streamline.
French IT services firm Sopra Steria is confirming that its internal infrastructure sustained a Ryuk ransomware attack that has disrupted its operations, with a full recovery expected to take weeks.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.