My latest at Dark Reading draws attention to how Microsoft can fix ransomware tomorrow. My latest article at Dark Reading is Microsoft Can Fix Ransomware Tomorrow. Ransomware works by going through files, one by one, and replacing their content with an encrypted version.
No-one would be bold enough to say that the ransomware problem is receding, but a newly-published report by Microsoft does deliver a slither of encouraging news amongst the gloom. And boy do we need some good news - amid reports that 389 US-based healthcare institutions were hit by ransomware last year - more than one every single day.
While ransomware may seem like a straightforward concept, people who are otherwise highly-knowledgeable seem to cite erroneous information about ransomware on a regular basis. As such, I would like to point out 8 essential points about ransomware. Many ransomware attacks are now targeted, rather than opportunistic.
This article makes LockBit sound like a legitimate organization: The DDoS attack last weekend that put a temporary stop to leaking Entrust data was seen as an opportunity to explore the triple extortion tactic to apply more pressure on victims to pay a ransom.
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.
A new ransomware threat called LockFile has been victimizing enterprises worldwide since July. Key to its success are a few new tricks that make it harder for anti-ransomware solutions to detect it. Learn how recent ransomware attacks define the malware's new age and 5 reasons why the cost of ransomware attacks is rising.
A new ransomware group dubbed Royal that formed earlier this year has significantly ramped up its operations over the past few months and developed its own custom ransomware program that allows attackers to perform flexible and fast file encryption.
It’s known as “intermittent encryption” and researchers from Sophos recently discovered LockFile encrypts alternate bundles of 16 bytes in a document to stay hidden. This novel approach helps the ransomware to avoid triggering a red flag because the new encryption method looks statistically very similar to the unencrypted original.
Researchers at Trend Micro have discovered some new Linux-based ransomware that's being used to attack VMware ESXi servers, a bare-metal hypervisor for creating and running several virtual machines (VMs) that share the same hard drive storage.
There's good news for any business that has fallen victim to the Akira ransomware. Security researchers have developed a free decryption tool for files that have been encrypted since the Akira ransomware first emerged in March 2023. Read more in my article on the Tripwire State of Security blog.
The FBI is warning companies that a ransomware group calling itself OnePercent or 1Percent is leveraging the IcedID Trojan and the Cobalt Strike backdoor to gain a foothold inside networks. The ransomware group has been active since at least November 2020 and has hit companies in the United States.
Every week the best security articles from Security Affairs are free in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
Qilin (also known as Agenda) is a ransomware-as-a-service criminal operation that works with affiliates, encrypting and exfiltrating the data of hacked organisations and then demanding a ransom be paid. Read more in my article on the Tripwire State of Security blog.
Thanks to the Threat Intelligence team for their help with this article. Conti, the infamous ransomware created by a group of Russian and Eastern European cybercriminals, has again made headlines after a hacking group used its leaked source code to create another variant of the ransomware and target Russian businesses.
This article delves deeper into the challenges faced by the oil and gas industry, highlighting practical strategies to safeguard critical infrastructure through cybersecurity, data analytics, and regulatory compliance. Quantum-resistant cryptography: As quantum computing advances, traditional encryption methods will become obsolete.
A group of South Korean security researchers have uncovered a vulnerability in the infamous Rhysida ransomware that provides a way for encrypted files to be unscrambled. Read more in my article on the Tripwire State of Security blog.
Encryption and the development of cryptography have been a cornerstone of IT security for decades and remain critical for data protection against evolving threats. While cryptology is thousands of years old, modern cryptography took off in the 1970s with the help of the Diffie-Hellman-Merkle and RSA encryption algorithms.
Security vendors can now leverage new telemetry and machine learning processing capabilities built into Intel's 11th Gen mobile processors to better detect and block sophisticated ransomware programs that attempt to evade traditional detection techniques.
Researchers warn of a new strain of ransomware dubbed Rorschach that doesn't appear to be related to previously known threats and uses several unique features in its implementation, including one of the fastest file encryption routines observed so far. “A
Retailers are fast becoming the favorite targets for ransomware criminals, with two out of three companies in the sector being attacked last year, according to a new report from cybersecurity firm Sophos. Attackers were able to successfully encrypt files in more than half of the attacks.
An attack perpetrated by REvil aka Sodinokibi ransomware gang against Managed Service Providers (MSPs) and their clients was discovered on July 2. Some of the victims have reportedly been compromised through a popular MSP software which led to encryption of their customers. To keep your company protected against ransomware 2.0
They generated a custom version of the ransomware, which used the aforementioned account credential to spread across the network and perform malicious activities, such as killing Windows Defender and erasing Windows Event Logs in order to encrypt the data and cover its tracks. In this article, we revisit the LockBit 3.0
One of the major instruments that facilitate such fraudulent access and use of sensitive data which is otherwise meant to be private is ransomware. It is therefore critical for one to understand the definition as well as the methodologies of how to get rid of ransomware attacks. Ransomware Infection Techniques. Definition.
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape: Decrypting Encrypted files from Akira Ransomware (Linux/ESXI variant 2024) using a bunch of GPUs; Jaguar Land Rover Breached by HELLCAT Ransomware Group Using Its Infostealer Playbook, Then a Second Hacker Strikes; ClearFakes (..)
Security researchers have released a new decryption tool which should come to the rescue of some victims of a modified version of the Conti ransomware, helping them to recover their encrypted data for free. Read more in my article on the Tripwire State of Security blog.
Today's ransomware is the scourge of many organizations. If we define ransomware as malware that encrypts files to extort the owner of the system, then the first malware that could be classified as ransomware is the 1989 AIDS Trojan. Not many victims did this, and the symmetric encryption was relatively easy to crack.
ExtraHop threat researchers have observed attackers in the wild using encrypted traffic to avoid detection of Log4Shell attacks. This is consistent with the general trend of cyberattackers using encryption as an evasion mechanism to avoid detection during both the initial intrusion and lateral movement stages of an attack, among others.
Trend Micro researchers discovered a new ransomware that abuses the APIs of a legitimate tool called Everything, a Windows filename search engine developed by Voidtools that offers quick searching and real-time updates for minimal resource usage.
Companies with cyber insurance are more likely to get hit by ransomware, more likely to be attacked multiple times, and more likely to pay ransoms, according to a recent survey of IT decision makers. Back in 2019, fewer than 20% of enterprises suffered repeat ransomware attacks, while during the pandemic, the percentage rose to around 30%.
Ransomware is wreaking havoc. Ransomware is making its way outside the cybersecurity space. Most people probably know what ransomware is (if not, go here). Ransomware is now everyone’s problem – from governments to corporations and even individuals. Why is ransomware so dangerous, especially now? What can we do?
DarkSide is a ransomware threat that has been in operation since at least August 2020 and was used in a cyberattack against Georgia-based Colonial Pipeline, leading to a major fuel supply disruption along the East Coast of the US.
To understand what targeted ransomware is and to know the difference between opportunistic and targeted ransomware, we first need to kick off this article at the very beginning. What is ransomware? Ransomware is malware that encrypts a victim’s data and charges them to reaccess it.
Every week the best security articles from Security Affairs are free in your email box. officials urge Americans to use encrypted apps amid unprecedented cyberattack; The Great Pokémon Go Spy Panic. Follow me on Twitter: @securityaffairs and Facebook and Mastodon. Pierluigi Paganini (SecurityAffairs hacking, newsletter)
The Microsoft Exchange attacks using the ProxyLogon vulnerability, and previously associated with the dropping of malicious web shells, are taking on a ransomware twist. And in the space of a week the severity has escalated from unused web shells to ransomware. Introducing DearCry ransomware. This is because it uses “DEARCRY!”
In early February 2023, a new ransomware strain quietly made its way up the ranks. Earmarked Dark Power, the NIM-written ransomware leverages an advanced block cipher technique to bypass detection, stop system-critical services, and, finally to encrypt the victim’s file.
Encryption uses mathematical algorithms to transform and encode data so that only authorized parties can access it. What Encryption Is and How It Relates to Cryptology The science of cryptography studies codes, how to create them, and how to solve them. How Does Encryption Process Data?
BlackBasta, an alleged subdivision of the ransomware group Conti, just began supporting the encryption of VMware’s ESXi virtual machines (VM) installed on enterprise Linux servers. This is probably why many cybersecurity communities associate them with known ransomware actors, particularly Conti.
A ransomware attack on ‘Heilbronn Stimme’, the German newspaper, has halted the distribution of newspapers, including a 28-page epaper, since Friday last week. It remains unclear whether the publishing firm will pay a ransom to free up its database/s from encryption.
Tape vendors have been promoting themselves as a solution to the ransomware problem because of their ability to provide air-gapped data backup, but trying to recover terabytes of data from a tape drive can be a little like, well, running into red tape. Since all the system data is encrypted, the hackers have admin/root privileges.
Interestingly, AXA has only made the decision to stop writing policies that cover ransomware payments in France – and not the rest of the world. billion to ransomware last year, is believed to be second only to the United States in terms of the financial damage caused by cybercriminal extortionists. In October 2020 the U.S.