Ransomware
Ransomware | News, how-tos, features, reviews, and videos
New variant of the IceFire ransomware targets Linux enterprise systems
Traditionally known to target only Windows systems, the new Linux version of the IceFire ransomware exploits an IBM Aspera Faspex file-sharing vulnerability, according to SentinelLabs.
Stolen credentials increasingly empower the cybercrime underground
New research shows that criminal gangs are focusing more on acquiring stolen credentials to bypass security measures.
New cyberattack tactics rise up as ransomware payouts increase
Although threat actors continue to use phishing, brand impersonation, and business email compromise (BEC) as common tactics, use of less familiar attack methods to infiltrate global organizations have picked up, Proofpoint says.
5 top threats from 2022 most likely to strike in 2023
Study and prepare for these five threats and you will be well on your way to protecting your network, assets, and employees.
![Computerworld - Scary Tech [Slide-05] - Encryption systems with backdoors](https://images.idgesg.net/images/article/2017/10/cw_scary_tech_05-100740219-small.3x2.jpg?auto=webp&quality=85,70)
Backdoor deployment overtakes ransomware as top attacker action
Thanks to the availability of malware such as Emotet, deploying backdoors on victims' networks is becoming easier and more lucrative for cybercriminals.
Hackers attack Israel’s Technion university, demand over $1.7 million in ransom
A new group called DarkBit has claimed responsibility for the ransomware attack and demanded that the ransom of 80 bitcoins be paid within the next 48 hours.
VMware ESXi server ransomware evolves, after recovery script released
The FBI and CISA have released a recovery script for the global ESXiArgs ransomware campaign targeting VMware ESXi servers, but the ransomware has since been updated to elude former attempts at remediation.
UK/US cybercrime crackdown sees 7 ransomware criminals sanctioned
Seven cybercriminals linked to the Trickbot ransomware group have been sanctioned to travel bans, asset freezes, and are severely restricted in their use of the global financial system.
Cohesity Data Cloud 7.0 enhances privileged access authentication, ransomware recovery
Vendor announces the 7.0 software release of its Cohesity Data Cloud platform with a focus on “data-centric” cyber resilience.
MKS Instruments falls victim to ransomware attack
The semiconductor equipment maker reported the ransomware incident just a day after national cybersecurity agencies and security experts around the world warned about a global ransomware attack that hit thousands of servers running on...
Massive ransomware attack targets VMware ESXi servers worldwide
Cybersecurity agencies globally — including in Italy, France, the US and Singapore — have issued alerts about a ransomware attack targeting the VMware ESXi hypervisor.
APT groups use ransomware TTPs as cover for intelligence gathering and sabotage
Changing tactics by North Korean, Russian, and Chinese APT groups suggest that Western companies are at greater risk.
FBI takes down Hive ransomware group in an undercover operation
FBI covertly infiltrated the Hive network—which has targeted more than 1,500 victims in over 80 countries around the world—and thwarted over $130 million in ransom demands.
Australia fronts International Counter Ransomware Taskforce
The taskforce is a result of the International Counter Ransomware Initiative initially led by the US government and now counts on 37 members globally, including the European Union.
Royal ransomware group actively exploiting Citrix vulnerability
At-Bay cyber research team believes the Royal ransomware group is actively exploiting critical Citrix system security flaw CVE-2022-27510.
Cyberattacks against governments jumped 95% in last half of 2022, CloudSek says
India, the US, Indonesia, and China accounted for 40% of the total reported cyberattacks in the government sector.
LockBit apologizes for ransomware attack on hospital, offers decryptor
The LockBit ransomware-as-a-service operation said it is against its rules to attack medical institutions, but the ransomware gang's affiliates do not always adhere to this policy.
Ransomware ecosystem becoming more diverse for 2023
The decline of big ransomware groups like Conti and REvil has given rise to smaller gangs, presenting a threat intelligence challenge.
Cuba ransomware group used Microsoft developer accounts to sign malicious drivers
The ransomware gang was able to use signed malicious drivers to disable endpoint security tools. Microsoft has revoked the certificates.
