Remove Business Services Remove Encryption Remove Ransomware
article thumbnail

LockFile Ransomware uses a new intermittent encryption technique

Security Affairs

Recently emerged LockFile ransomware family LockFile leverages a novel technique called intermittent encryption to speed up encryption. LockFile ransomware gang started its operations last month, recently it was spotted targeting Microsoft Exchange servers using the recently disclosed ProxyShell vulnerabilities.

article thumbnail

8Base ransomware operators use a new variant of the Phobos ransomware

Security Affairs

8Base ransomware operators were observed using a variant of the Phobos ransomware in a recent wave of attacks. Cisco Talos researchers observed 8Base ransomware operators using a variant of the Phobos ransomware in recent attacks. The ransomware component is then decrypted and loaded into the SmokeLoader process’ memory.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

New LockFile ransomware gang uses ProxyShell and PetitPotam exploits

Security Affairs

A new ransomware gang named LockFile targets Microsoft Exchange servers exploiting the recently disclosed ProxyShell vulnerabilities. A new ransomware gang named LockFile targets Microsoft Exchange servers using the recently disclosed ProxyShell vulnerabilities. “The LockFile ransomware was first observed on the network of a U.S.

article thumbnail

Business services provider Morley discloses ransomware incident

Bleeping Computer

disclosed a data breach after suffering a ransomware attack on August 1st, 2021, allowing threat actors to steal data before encrypting files. [.]. Morley Companies Inc.

article thumbnail

Experts warn of a spike in May and June of 8Base ransomware attacks

Security Affairs

Researchers warn of a massive spike in May and June 2023 of the activity associated with the ransomware group named 8Base. VMware Carbon Black researchers observed an intensification of the activity associated with a stealthy ransomware group named 8Base. and Brazil. ” reported NCC.

article thumbnail

Patch now! Microsoft Exchange attacks target ProxyShell vulnerabilities

Malwarebytes

Ransomware. Several researchers have pointed to a ransomware group named LockFile that combines ProxyShell with PetitPotam. Later, the threat actor revisited to initiate the staging of artefacts related to the LockFile ransomware. PetitPotam enables a threat actor to launch an NTLM relay attack on domain controllers.

article thumbnail

Ransomware Attacks on Schools: 'Dirty, Rotten Scoundrels' Stop Online Learning

SecureWorld News

Ransomware attack shuts down California online learning. In Central California, the Selma Unified School District abruptly stopped online classes during the middle of the day because of a ransomware attack which was spreading across the district's network. Ransomware attack hits North Carolina schools.