Microsoft has revealed that a threat actor labeled Storm-0324 is distributing malware by using "phishing lures through Microsoft Teams chats" that could be used to launch ransomware attacks.
Some things are certain in cybersecurity: Ransomware attacks will occur; expert jobs will remain vacant; and CVEs will go unpatched. Take a look at expectations from the sector in 2023.
In this episode of Microsoft Weekly: FTC takes the L as judge gives the Microsoft-ABK merger the green light; Microsoft confirms Windows 11 version 23H2; Cortana dies even more; and Patch Tuesday.
Security researchers discovered that a new ransomware campaign, dubbed Big Head, is infecting devices by fooling users into thinking it is a critical Windows update, and it can even delete backups.
The US Department of the Treasury has sanctioned a prolific ransomware actor, Mikhail Matveev. The Department of State will also offer a $10 million reward for info that leads to his arrest.
Google says hackers were delivering the Magniber ransomware by using a flaw in Microsoft's SmartScreen feature. Google informed Microsoft of the issue which was fixed in today's Patch Tuesday release.
The Housing Authority of the City of Los Angeles recently announced that it suffered a data breach due to a ransomware attack. The incident gave hackers access to members' sensitive information.
A ransomware variant commonly known to target Windows PCs has recently been found infecting Linux computers as well. The variant does this by exploiting a flaw in IBM's Aspera Faspex software.
The United States Marshals Service has suffered a major security breach that compromised the department's sensitive law enforcement information followed by a ransomware attack.
Fruits and vegetables company Dole recently suffered a ransomware attack that forced it to shut down its production plants. The company is working with experts to remediate the issue.
The threat actors behind a ransomware strain called "HardBit" were recently seen asking victims to provide them with their insurance details. This is so they can tailor their demand within the policy.
The cybercriminals behind the ESXiArgs ransomware have created a new variant that evades the recovery script that the U.S. CISA recently released. The new version also comes with a new ransom note.
CISA has released a data recovery script dubbed "ESXiArgs-Recover" in order to help users who have been affected by the massive worldwide ESXiArgs ransomware server attacks on VMware's vSphere.
The ransomware attack was first reported by Italy's National Cybersecurity Agency, but it has affected many other servers in other European countries, along with the US and Canada.
A ransomware strain that exploits a legitimate Windows search tool has recently been discovered by security researchers. The new variant can disable Windows Defender and even prevent shutdowns.
One of the best ways to recover from such a malicious attack is to ensure you keep good and recent backups of your systems. This is where Undelete instant file recovery software can help.
As we enter a new year, cybercriminals will develop more dangerous and sophisticated cyberthreats. Thankfully, there are many things you can do to mitigate the risk of falling victim to them.
A newly discovered ransomware strain is framing cybersecurity experts by claiming that they are the ones behind the attacks. However, the people blamed are not associated in any way with the malware.
Ransomware is no longer a question of if, but when. Read more for tips on prevention and how best to respond to a ransomware attack. Get ahead of threats with actionable tips in this white paper.
Avast has launched the Ransomware Shield for business users. It protects files and folders from being edited by unauthorized programs, which should protect them from ransomware programs.
Security researchers have found that a utility inside Microsoft's own Defender anti-virus is being abused by LockBit ransomware threat actors to deliver malicious payloads to victim systems.
Microsoft is soon ready to start blocking Office macros once again. The company has updated its support documentation with clear explanations and step-by-step instructions for users and IT admins.
Anti-virus assessment firm AV-TEST recently released its advanced threat protection test against ransomware. In this assessment report, Microsoft's Defender has performed exceptionally well.
As risks in cyberspace escalate, CISOs are rethinking what goes into ransomware preparation and response, and expectations for managing the ever-increasing risk. Learn how, in this free report.
QNAP remains silent while ech0raix, a ransomware operator, targets its devices once again. QNAP NAS devices had been attacked earlier this year, in 2021, and in 2020. Users must remain cautious.
Trend Micro has cautioned that the recent Windows 11 optional update KB5014019 is leading to issues on its products. The update is breaking the UMH which is responsible for ransomware protection.
A unique ransomware called GoodWill forces victims to do acts of kindness like feed and clothe the less fortunate in order to decrypt their files. Victims also have to post evidence on social media.
Microsoft has issued a warning about the growing threat posed by human-operated ransomware in the ransomware-as-a-service (RaaS) gig economy. It has also provided some guidance for organizations.
A new Magniber ransomware campaign is here that is infecting potential victims using fake Windows updates. Upon successful infection, the threat actors are asking for payment of around $2,600 in BTC.
Some of the Lapsus$ group's members may have been arrested, but the hackers managed to sneak inside T-Mobile servers and steal the company's source code to perform SIM swap attacks for ransomware.
A security company has published details about Hive ransomware currently targeting vulnerable Microsoft Exchange servers and encrypting environments with a "windows.exe" file containing ransomware.
In our latest recap for the Microsoft-verse, we have lots of stuff to talk about including tons of Windows updates, recent cybersecurity incidents, and some useful features being added to Edge.
Microsoft has publicly revealed the identity and location of a perpetrator behind ZLoader in order to deter others. The person had developed a ZLoader component that is used to distribute ransomware.
Microsoft 365 Defender has passed MITRE's evaluations for ransomware attack chains with flying colors. It was able to detect and protect against every major attack stage across multiple platforms.
The benefits of ESET's integration of Intel's TDT into its multi-layered cybersecurity technology suite, allowing for superior ransomware protection, will be made available later in the year.
Microsoft has announced a hub called the "Security Insider" program containing resources about managing cybersecurity in an organization for business leaders and Chief Information Security Officers.
Any improperly configured QNAP NAS exposed to the internet is currently vulnerable to a new type of ransomware called Deadbolt, which encrypts data and demands a ransom in Bitcoin.
Google Drive can now display warning banners to alert users of potentially malicious files. The new resource is available to all Google Workspace, G Suite Basic, and Business users.
A new security baseline has been released for Windows 10 21H2. It brings protection and prevention against PrintNightmare, ransomware attacks, and more. Windows 11 also received the package earlier.
Certain health data management systems in Brazil have suffered a cyberattack, with COVID-19 vaccination data allegedly being deleted. The government has been unable to recover the data so far.