Blog News Ransomware



 


Date

Title

Info

Blog

Companies

19.5.19

EternalBlue reaching new heights since WannaCryptor outbreak

Attack attempts involving the exploit are in hundreds of thousands daily

Ransomware blog

Eset

6.5.19

Sodinokibi ransomware exploits WebLogic Server vulnerability

Attackers are actively exploiting a recently disclosed vulnerability in Oracle WebLogic to install a new variant of ransomware called "Sodinokibi." Sodinokibi attempts to encrypt data in a user's directory and delete shadow copy backups to make data recovery more difficult. Oracle first patched the issue on April 26, outside of their normal patch cycle, and assigned it CVE-2019-2725.

Ransomware blog

Cisco Talos

6.5.19

Buhtrap backdoor and ransomware distributed via major advertising platform

Criminal activities against accountants on the rise – Buhtrap and RTM still active

Ransomware blog

Eset

24.4.19

WannaCryptor ‘accidental hero’ pleads guilty to malware charges

Marcus Hutchins, who is best known for his inadvertent role in blunting the WannaCryptor outbreak two years ago, may now face a stretch behind bars

Ransomware blog

Eset

25.3.19

Ransomware or Wiper? LockerGoga Straddles the Line

Ransomware attacks have been in the news with increased frequency over the past few years. This type of malware can be extremely disruptive and even cause operational impacts in critical systems that may be infected. LockerGoga is yet another example of this sort of malware. It is a ransomware variant that, while lacking in sophistication, can still cause extensive damage when leveraged against organizations or individuals.

Ransomware blog

Cisco Talos

30.1.19

Russia hit by new wave of ransomware spam

Among the increased number of malicious JavaScript email attachments observed in January 2019, ESET researchers have spotted a large wave of ransomware-spreading spam targeting Russian users

Ransomware blog

Eset

28.1.19

Pylocky Unlocked: Cisco Talos releases PyLocky ransomware decryptor

PyLocky is a family of ransomware written in Python that attempts to masquerade as a Locky variant. This ransomware will encrypt all files on a victim machine before demanding that the user pay a ransom to gain access to their decrypted files. To combat this ransomware, Cisco Talos is releasing a free decryption tool.

Ransomware blog

Cisco Talos

28.1.19

Sly criminals package ransomware with malicious ransom note

Ransomware is not dead. It’s changing—and we need to be ready for them.

Ransomware blog

Malwarebytes

1.1.19

Ransomware vs. printing press? US newspapers face “foreign cyberattack”

Did malware disrupt newspaper deliveries in major US cities? Here’s what’s known about the incident so far and the leading suspect: Ryuk ransomware. Plus, advice on defending your organization against such attacks.

Ransomware blog

Eset

10.12.18

The Ransomware Doctor Without a Cure

When it comes to ransomware attacks, there is nothing a company hates more than paying the demanded ransom. It is an unexpected fine often caused by a tiny, yet crucial mistake – an unpatched device, an out-of-date product or an innocent human error.

Ransomware blog

Checkpoint

29.11.18

US indicts two over SamSam ransomware attacks

The hacking and extortion scheme took place over a 34-month period with the SamSam ransomware affecting over 200 organizations in the US and Canada

Ransomware blog

Eset

30.10.18

SamSam: Targeted Ransomware Attacks Continue

Ransomware group remains highly active in 2018, focussing mainly on organizations in the U.S.

Ransomware blog

Symantec

30.10.18

Ransomware and the enterprise: A new white paper

Ransomware remains a serious threat and this new white paper explains what enterprises need to know, and do, to reduce risk

Ransomware blog

Eset

25.10.18

ESET releases new decryptor for Syrian victims of GandCrab ransomware

ESET experts have created a new decryption tool that can be used by Syrian victims of the GandCrab ransomware. It is based on a set of keys recently released by the malware operators

Ransomware blog

Eset

20.9.18

Bristol airport takes flight screens offline after apparent ransomware attack

The screens in “key locations” are back up and running again, while the airport paid no ransom to return its systems to working order

Ransomware blog

Eset

30.8.18

Ransom Warrior Decryption Tool

On August 8th, a new ransomware, dubbed ‘RansomWarrior’, was found by the Malware Hunter Team. Going by the ransom note shown to its victims, RansomWarrior seems to have been developed by Indian hackers, who...

Ransomware blog

Checkpoint

20.8.18

Ryuk Ransomware: A Targeted Campaign Break-Down

Over the past two weeks, Ryuk, a targeted and well-planned Ransomware, has attacked various organizations worldwide. So far the campaign has targeted several enterprises, while encrypting hundreds of PC, storage and data centers...

Ransomware blog

Checkpoint

30.7.18

Telegram: Cyber Crime’s Channel of Choice

Introduction: The Dark Web is a hive of illicit activity. From illegal guns and drug dealing to the Ransomware-as-a-Service programs buyers and sellers can use this medium to trade and exchange both knowledge..

Ransomware blog

Checkpoint

30.7.18

The GandCrab Ransomware Mindset

Key Points: In 2018 even ransomware is agile. Learn about the mindset of the GandCrab ransomware developers. Take a deep dive into the inner workings of GandCrab’s operation. Get an overview of two

Ransomware blog

Checkpoint

30.7.18

Bad Rabbit: The Full Research Investigation

What is this all about? Earlier this week a new ransomware attack dubbed ‘Bad Rabbit’ broke out and has so far affected The Ukraine, Russia, Turkey and Bulgaria.  Various healthcare, media, software and.

Ransomware blog

Checkpoint

30.7.18

August’s Most Wanted Malware: Banking Trojans and Ransomware That Want Your Money

Check Point’s latest Global Threat Index has revealed that banking trojans were extensively used by cyber-criminals during August with three main variants appearing in the top 10. The Zeus, Ramnit and Trickbot banking..

Ransomware blog

Checkpoint

30.7.18

Beware of the Bashware: A New Method for Any Malware to Bypass Security Solutions

With a growing number of cyber-attacks and the frequent news headlines on database breaches, spyware and ransomware, quality security products have become a commodity in every business organization. Consequently a lot of thought..

Ransomware blog

Checkpoint

30.7.18

Preventing Petya – stopping the next ransomware attack

Check Point’s Incident Response Team has been responding to multiple global infections caused by a new variant of the Petya malware, which first appeared in 2016 and is currently moving laterally within customer.

Ransomware blog

Checkpoint

30.7.18

Threat Brief: Petya Ransomware, A Global Attack

[updated 6/28] A worldwide attack erupted on June 27 with a high concentration of hits in Ukraine – including the Ukrainian central bank, government offices and private companies. The attack is distributing what seems..

Ransomware blog

Checkpoint

30.7.18

Anatomy of the Jaff Ransomware Campaign

Last month, Check Point researchers were able to spot the distribution of Jaff Ransomware by the Necurs Botnet. The ransomware was spread using malicious PDF files that had an embedded docm file, which.

Ransomware blog

Checkpoint

30.7.18

Check Point Reveals Global WannaCry Ransomware Infection Map at CPX Europe 2017

Check Point researchers have been investigating the ransomware campaign in detail since it was first reported. With a new Check Point WannaCry Ransomware Infection Map, the researchers were able to track 34,300 attack.

Ransomware blog

Checkpoint

30.7.18

WannaCry – New Kill-Switch, New Sinkhole

Check Point Threat Intelligence and Research team has just registered a brand new kill-switch domain used by a fresh sample of the WannaCry Ransomware. In the last few hours we witnessed a stunning...

Ransomware blog

Checkpoint

30.7.18

WannaCry – Paid Time Off?

Let us open with a TL;DR – DO NOT pay the ransom demanded by the WannaCry ransomware! Now, let us explain why: As of this writing, the 3 bitcoin accounts associated with.

Ransomware blog

Checkpoint

30.7.18

Global Outbreak of WannaCry

[Updated May 17, 2017] On May 12, 2017 the Check Point Incident Response Team started tracking a widespread outbreak of the WannaCryp ransomware. We have reports that multiple global organizations are experiencing..

Ransomware blog

Checkpoint

30.7.18

JAFF – A New Ransomware is in town, and it’s widely spread by the infamous Necurs Botnet

Necurs, one of the largest botnets, went offline during the holiday period of 2016 and through the beginning of 2017. However it returned only to shortly peak late in April, spreading Locky using..

Ransomware blog

Checkpoint