Why you need to know about ransomware
A home ransomware campaign sprung up amidst an increase in attacks against businesses, making the threat a must-know facet of cybersecurity.
Read moreRansomware
Ransomware attackers introduce new EDR killer to their arsenal
Credit to Author: Andrew Brandt| Date: Wed, 14 Aug 2024 16:00:19 +0000
Sophos discovers the threat actors behind RansomHub ransomware using EDRKillShifter in attacks
Read moreThe State of Ransomware in State and Local Government 2024
Credit to Author: Doug Aamoth| Date: Wed, 14 Aug 2024 11:00:07 +0000
270 IT/cybersecurity leaders share their ransomware experiences from the last year.
Read moreTurning the screws: The pressure tactics of ransomware gangs
Credit to Author: Matt Wixey| Date: Tue, 06 Aug 2024 10:00:49 +0000
Sophos X-Ops examines the increasingly aggressive tactics ransomware gangs use to coerce their targets
Read moreMagniber ransomware targets home users
Home users are being targeted by a ransomware called Magniber which locks up files and demands money for the key.
Read moreLow-Drama ‘Dark Angels’ Reap Record Ransoms
Credit to Author: BrianKrebs| Date: Mon, 05 Aug 2024 19:52:35 +0000
A ransomware group called Dark Angels made headlines this past week when it was revealed the crime group recently received a record $75 million data ransom payment from a Fortune 50 company. Security experts say the Dark Angels have been around since 2021, but the group doesn’t get much press because they work alone and maintain a low profile, picking one target at a time and favoring mass data theft over disrupting the victim’s operations.
Read moreRansomware operators exploit ESXi hypervisor vulnerability for mass encryption
Credit to Author: Microsoft Threat Intelligence| Date: Mon, 29 Jul 2024 16:00:00 +0000
Microsoft Security researchers have observed a vulnerability used by various ransomware operators to get full administrative access to domain-joined ESXi hypervisors and encrypt the virtual machines running on them. The vulnerability involves creating a group called “ESX Admins” in Active Directory and adding an attacker-controlled user account to this group. This manipulation of the Active Directory group takes advantage of a privilege escalation vulnerability (CVE-2024-37085) in ESXi hypervisors that grants the added user full administrative access to the ESXi hypervisor. The vulnerability was fixed by VMware in their June release and ESXi administrators should install this security update.
The post Ransomware operators exploit ESXi hypervisor vulnerability for mass encryption appeared first on Microsoft Security Blog.
Read moreU.S. Trades Cybercriminals to Russia in Prisoner Swap
Credit to Author: BrianKrebs| Date: Fri, 02 Aug 2024 00:15:44 +0000
Twenty-four prisoners were freed today in an international prisoner swap between Russia and Western countries. Among the eight Russians repatriated were five convicted cybercriminals. In return, Russia has reportedly released 16 prisoners, including Wall Street Journal reporter Evan Gershkovich and ex-U.S. Marine Paul Whelan.
Read moreThe State of Ransomware in Healthcare 2024
Credit to Author: Sally Adam| Date: Tue, 30 Jul 2024 13:52:07 +0000
402 healthcare IT/cybersecurity leaders share their latest ransomware experiences, revealing fresh insights into the realities facing the healthcare sector today.
Read more