Displaying items by tag: Ryuk

The process of staging a ransomware attack is much more complex than portrayed, with a number of actors involved, the global security company Kaspersky claims in a detailed blog post about how a typical attack chain is organised. The post was written on Anti-Ransomware Day aiming to demolish some myths around ransomware, which predominantly attacks systems running Microsoft Windows.

ANALYSIS Norwegian firm Volue Technology has demonstrated to the rest of the world how a ransomware attack should be handled after it was hit by the Windows Ryuk strain on 5 May.

One of the many tools used by multiple ransomware groups in a similar way — suggesting that they are being used by ransomware-as-a-service affiliates — is the Windows backdoor SystemBC, global cyber security vendor Sophos claims.

American payments processing company TSYS, that has global operations, has suffered a hit from the Windows Conti ransomware.

GUEST RESEARCH: Q3 2020 Internet Security Report sheds light on COVID-19 threat trends, growing network attacks, malware targeting US SCADA systems, and more.

Security firm Intel 471 claims to have discovered a pattern in ransomware attacks over the past 18 months, with a growing inter-dependence between the actual attackers and those who sell access to compromised systems.

Security researchers have found that ransomware gangs are keeping in step with IT industry trends, with a new Windows ransomware strain, RegretLocker, able to encrypt data on virtual disks.

Webroot has released its annual list of the Nastiest Malware, "revealing phishing, botnet attacks and ransomware as 2020’s most vicious cybersecurity threats".

Windows ransomware known as LockBit, which made its presence known in 2019, has now matured and is using novel ways to escalate privileges by bypassing the User Account Control feature on Windows systems.

IT professionals at companies that have been hit by ransomware are nearly thrice as likely (17%) to feel they are "significantly behind" in understanding online threats in comparison to staff at organisations which have not suffered such attacks (6%), a global survey claims.

A Windows ransomware attack on a gas pipeline in the US, briefly detailed by the US Cyber Security and Infrastructure Agency recently, is probably the same as that reported by the US Coast Guard in 2019, the security firm Dragos claims.

The security firm Emsisoft has warned anyone hit by the Ryuk ransomware that the decryption tool supplied by the malicious attackers behind Ryuk may no longer be able to decrypt files that have been encrypted.

Global security firm Prosegur has been hit by a Windows ransomware attack and has shut down at least a part of its network, the company announced on Wednesday.

An infection of Windows systems by the Emotet malware was the precursor to the recent ransomware attack on Victorian hospitals, the Australian Cyber Security Centre says, as part of a warning that Emotet, which has been around since 2014, is being spread in Australia by malicious emails.

The FIN6 cyber crime group, that has in the past been involved in stealing payment card data, has allegedly expanded its activities to deploying Windows ransomware, the security firm FireEye claims.

Windows ransomware known as Ryuk has been used in a number of well-targeted campaigns over the last two weeks, encrypting hundreds of PCs, storage and data centres in each infected firm, the security firm Check Point says.