Blog News Ransomware
PyLocky is a family of ransomware written in Python that attempts to masquerade as a Locky variant. This ransomware will encrypt all files on a victim machine before demanding that the user pay a ransom to gain access to their decrypted files. To combat this ransomware, Cisco Talos is releasing a free decryption tool. Because our tool requires the capturing of the initial PyLocky command and control (C2) traffic of an infected machine, it will only work to recover the files on an infected machine where network traffic has been monitored. If the initial C2 traffic has not been captured, our decryption tool will not be able to recover files on an infected machine. This is because the initial callout is used by the malware to send the C2 servers information that it uses in the encryption process.
|28.1.19||Sly criminals package ransomware with malicious ransom note||Ransomware is not dead. It’s changing—and we need to be ready for them.||Ransomware blog||Malwarebytes|
|1.1.19||Ransomware vs. printing press? US newspapers face “foreign cyberattack”||Did malware disrupt newspaper deliveries in major US cities? Here’s what’s known about the incident so far and the leading suspect: Ryuk ransomware. Plus, advice on defending your organization against such attacks.||Eset|
|10.12.18||The Ransomware Doctor Without a Cure||When it comes to ransomware attacks, there is nothing a company hates more than paying the demanded ransom. It is an unexpected fine often caused by a tiny, yet crucial mistake – an unpatched device, an out-of-date product or an innocent human error.||Ransomware blog||Checkpoint|
|29.11.18||US indicts two over SamSam ransomware attacks||The hacking and extortion scheme took place over a 34-month period with the SamSam ransomware affecting over 200 organizations in the US and Canada||Ransomware blog||Eset|
|30.10.18||SamSam: Targeted Ransomware Attacks Continue||Ransomware group remains highly active in 18, focussing mainly on organizations in the U.S.||Ransomware blog||Symantec|
|30.10.18||Ransomware and the enterprise: A new white paper||Ransomware remains a serious threat and this new white paper explains what enterprises need to know, and do, to reduce risk||Ransomware blog||Eset|
|25.10.18||ESET releases new decryptor for Syrian victims of GandCrab ransomware||ESET experts have created a new decryption tool that can be used by Syrian victims of the GandCrab ransomware. It is based on a set of keys recently released by the malware operators||Ransomware blog|
The screens in “key locations” are back up and running again, while the airport paid no ransom to return its systems to working order
Ransom Warrior Decryption Tool
On August 8th, a new ransomware, dubbed ‘RansomWarrior’, was found by the Malware Hunter Team. Going by the ransom note shown to its victims, RansomWarrior seems to have been developed by Indian hackers, who...
Ryuk Ransomware: A Targeted Campaign Break-Down
Over the past two weeks, Ryuk, a targeted and well-planned Ransomware, has attacked various organizations worldwide. So far the campaign has targeted several enterprises, while encrypting hundreds of PC, storage and data centers...
|30.7.18||Telegram: Cyber Crime’s Channel of Choice||Introduction The Dark Web is a hive of illicit activity. From illegal guns and drug dealing to the Ransomware-as-a-Service programs buyers and sellers can use this medium to trade and exchange both knowledge..||Ransomware blog||Checkpoint|
|The GandCrab Ransomware Mindset||Key Points: In 18 even ransomware is agile. Learn about the mindset of the GandCrab ransomware developers. Take a deep dive into the inner workings of GandCrab’s operation. Get an overview of two||Ransomware blog|
What is this all about? Earlier this week a new ransomware attack dubbed ‘Bad Rabbit’ broke out and has so far affected The Ukraine, Russia, Turkey and Bulgaria. Various healthcare, media, software and.
Check Point’s latest Global Threat Index has revealed that banking trojans were extensively used by cyber-criminals during August with three main variants appearing in the top 10. The Zeus, Ramnit and Trickbot banking..
With a growing number of cyber-attacks and the frequent news headlines on database breaches, spyware and ransomware, quality security products have become a commodity in every business organization. Consequently a lot of thought..
Check Point’s Incident Response Team has been responding to multiple global infections caused by a new variant of the Petya malware, which first appeared in 2016 and is currently moving laterally within customer.
[updated 6/28] A worldwide attack erupted on June 27 with a high concentration of hits in Ukraine – including the Ukrainian central bank, government offices and private companies. The attack is distributing what seems..
Last month, Check Point researchers were able to spot the distribution of Jaff Ransomware by the Necurs Botnet. The ransomware was spread using malicious PDF files that had an embedded docm file, which.
Check Point researchers have been investigating the ransomware campaign in detail since it was first reported. With a new Check Point WannaCry Ransomware Infection Map, the researchers were able to track 34,300 attack.
Check Point Threat Intelligence and Research team has just registered a brand new kill-switch domain used by a fresh sample of the WannaCry Ransomware. In the last few hours we witnessed a stunning...
Let us open with a TL;DR – DO NOT pay the ransom demanded by the WannaCry ransomware! Now, let us explain why: As of this writing, the 3 bitcoin accounts associated with.
[Updated May 17, 2017] On May 12, 2017 the Check Point Incident Response Team started tracking a widespread outbreak of the WannaCryp ransomware. We have reports that multiple global organizations are experiencing..
Necurs, one of the largest botnets, went offline during the holiday period of 2016 and through the beginning of 2017. However it returned only to shortly peak late in April, spreading Locky using..