Ransomware

efs cryptography

EFS-Based Ransomware is a Real and Tangible Danger

SafeBreach created new ransomware that utilizes the Windows EFS system.  The team tested their creation against three AV tools, and all failed to detect the threat.  All vendors, as well as Microsoft, have...
ransomware hacker

The “djvu” (STOP) Ransomware Enters 2020 with Impetus

Researchers warn that the djvu ransomware is still active and continuously evolving with new strains. Most of the strains remain unbreakable, while the ransomware downloads info-stealers too now. The actors are...
travelex

Travelex Still Offline After a Sodinokibi Ransomware Attack

Travelex is still trying to get its systems back online after a catastrophic network breach by hackers. The foreign exchange company failed to update their VPN solution for over six months, in...
new orleans

The City of New Orleans was Targeted by Ryuk Ransomware Actors

New Orleans systems are down since Friday, and the city is running on an emergency network. The strain that was used in the attack was Ryuk, but Emotet and Trickbot might also...
ransomware server

Ransomware Attack Cripples Data Center Provider ‘CyrusOne’

CyrusOne was hit by REvil, and the company is working towards restoration without paying. The ransomware actors found their way in six New York-based data centers, affecting an equal number of clients....
ransomware

Dutch Security Report Warns of the Most Successful Ransomware Strains

The Dutch NCSC warns of the dangers of the LockerGoga, MegaCortex, and Ryuk strains. The organization identifies 1800 entities that are affected by ransomware attacks. Defending against ransomware is a matter...
hospital

French Hospital had 6000 Computers Locked Down by Ransomware Attack

 A hospital in Northern France is trying to disinfect 6000 of their computers from a ransomware worm. The caregiving services have been severely impacted, but personnel claims the situation is manageable. ...
masked scammer

Malicious Actor is Impersonating Government Organizations to Deliver Malware

A new actor given the identifier TA2101 is showcasing highly sophisticated social engineering practices. The actor has recently targeted companies in Italy, Germany, and the United States. The payloads used were...
ransomware scam

Dharma/Crysis Ransomware File Decryption Scams on the Rise

Scammers promote Dharma decryption services, but experts say this is impossible. The scammers are just paying the ransomware actors and unlock the files of the victims. Dharma will most likely not...
ransomware_malware_skull

SmarterASP.NET is Struck by Ransomware Which Encrypted Client Data

An unidentified ransomware strain has hit SmarterASP.NET on Saturday, and the service is still recovering. The company says that about 40% of the affected clients have gotten their websites back already. ...

Most Popular