Malwarebytes

JANUARY 2, 2024

Researchers at SRLabs have made a decryption tool available for Black Basta ransomware, allowing some victims of the group to decrypt files without paying a ransom. The decryptor works for victims whose files were encrypted between November 2022 and December 2023. How to avoid ransomware Block common forms of entry.

Encryption 106

Encryption Ransomware Backups Malware 106

Schneier on Security

MARCH 1, 2022

Nice piece of research : Abstract: Among the many types of malicious codes, ransomware poses a major threat. Ransomware encrypts data and demands a ransom in exchange for decryption. In this paper, we analyzed Hive ransomware, which appeared in June 2021.

Ransomware 295

Ransomware Encryption 295

Security Boulevard

MAY 24, 2024

The ransomware resizes system partitions to create a new boot partition, ensuring the encrypted files are loaded during system startup, which locks out the user. The post ShrinkLocker Ransomware Leverages BitLocker for File Encryption appeared first on Security Boulevard.

Encryption 72

Encryption Ransomware 72

Security Affairs

NOVEMBER 13, 2024

Bitdefender released a decryptor for the ShrinkLocker ransomware, which modifies BitLocker configurations to encrypt a system’s drives. ShrinkLocker ransomware was first discovered in May 2024 by researchers from Kaspersky. Then, it re-encrypts the system using a randomly generated password.

Ransomware 120

Ransomware Encryption Passwords Backups 120

Tech Republic Security

SEPTEMBER 12, 2022

Some ransomware groups are now using a new method to try to bypass those detections. The post Ransomware makes use of intermittent encryption to bypass detection algorithms appeared first on TechRepublic.

Encryption 148

Encryption Ransomware 148

eSecurity Planet

SEPTEMBER 22, 2022

To accelerate the ransomware encryption process and make it harder to detect, cybercriminal groups have begun using a new technique: intermittent encryption. Intermittent encryption allows the ransomware encryption malware to encrypt files partially or only encrypt parts of the files.

Encryption 135

Encryption Ransomware Backups Advertising 135

Bleeping Computer

JANUARY 30, 2024

CyberArk has created an online version of 'White Phoenix,' an open-source ransomware decryptor targeting operations using intermittent encryption. [.]

Encryption 109

Encryption Ransomware 109

Security Affairs

NOVEMBER 12, 2024

New Ymir ransomware was deployed in attacks shortly after systems were breached by RustyStealer malware, Kaspersky warns. Kaspersky researchers discovered a new ransomware family, called Ymir ransomware , which attackers deployed after breaching systems via PowerShell commands. ” reads the report published by Kaspersky.

Ransomware 119

Ransomware Malware Encryption Hacking 119

Tech Republic Security

JANUARY 5, 2023

Google, Microsoft and Proton launched new end-to-end encryption products to confront the 50% increase in ransomware, phishing and other email-vector attacks from the first half of 2022. The post Cloud email services bolster encryption against hackers appeared first on TechRepublic.

Encryption 183

Encryption Phishing Ransomware VPN 183

Graham Cluley

OCTOBER 17, 2024

No-one would be bold enough to say that the ransomware problem is receding, but a newly-published report by Microsoft does deliver a slither of encouraging news amongst the gloom. And boy do we need some good news - amid reports that 389 US-based healthcare institutions were hit by ransomware last year - more than one every single day.

Ransomware 118

Ransomware Encryption Healthcare Data breaches 118

Thales Cloud Protection & Licensing

APRIL 16, 2024

Stop Ransomware in its Tracks With CipherTrust Transparent Encryption Ransomware Protection madhav Wed, 04/17/2024 - 05:22 Our last blog Ransomware Attacks: The Constant and Evolving Cybersecurity Threat described the ever dangerous and evolving cybersecurity threat of ransomware. CTE-RWP is behavior-based.

Encryption 62

Encryption Ransomware Antivirus Government 62

Security Affairs

JUNE 8, 2022

Black Basta ransomware gang implemented a new feature to encrypt VMware ESXi virtual machines (VMs) running on Linux servers. The Black Basta ransomware gang now supports encryption of VMware ESXi virtual machines (VMs) running on Linux servers. SecurityAffairs – hacking, Black Basta ransomware).

Encryption 145

Encryption Ransomware Malware Hacking 145

Security Affairs

NOVEMBER 18, 2024

A ransomware attack on Great Plains Regional Medical Center compromised personal data of 133,000 individuals, exposing sensitive information. On September 8, 2024, Great Plains Regional Medical Center (Oklahoma) suffered a ransomware attack. “On September 8, 2024, we suffered a ransomware attack on our computer system.

Ransomware 115

Ransomware Insurance Encryption Healthcare 115

The Hacker News

NOVEMBER 13, 2024

Romanian cybersecurity company Bitdefender has released a free decryptor to help victims recover data encrypted using the ShrinkLocker ransomware.

Ransomware 118

Ransomware Encryption Cybersecurity 118

Bleeping Computer

SEPTEMBER 10, 2022

A growing number of ransomware groups are adopting a new tactic that helps them encrypt their victims' systems faster while reducing the chances of being detected and stopped. [.].

Encryption 139

Encryption Ransomware 139

Penetration Testing

AUGUST 24, 2024

The Qilin ransomware group, already infamous for its “double extortion” tactics, has now added a new strategy to its repertoire: credential harvesting from Google Chrome browsers. A recent investigation by... The post Qilin Ransomware: Beyond Encryption, a New Threat of Credential Theft appeared first on Cybersecurity News.

Encryption 69

Encryption Ransomware Cybersecurity Malware 69

Krebs on Security

NOVEMBER 17, 2022

Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “ Zeppelin ” in May 2020. He’d been on the job less than six months, and because of the way his predecessor architected things, the company’s data backups also were encrypted by Zeppelin.

Ransomware 329

Ransomware Encryption Backups Manufacturing 329

Security Affairs

NOVEMBER 12, 2024

New Ymir ransomware was deployed in attacks shortly after systems were breached by RustyStealer malware, Kaspersky warns. Kaspersky researchers discovered a new ransomware family, called Ymir ransomware , which attackers deployed after breaching systems via PowerShell commands. ” reads the report published by Kaspersky.

Ransomware 100

Ransomware Malware Encryption Hacking 100

Bleeping Computer

MAY 10, 2023

Security researchers have shared a new Python-based ransomware recovery tool named 'White Phoenix' on GitHub, which lets victims of ransomware strains that use intermittent encryption recover their files for free. [.]

Encryption 111

Encryption Ransomware 111

eSecurity Planet

OCTOBER 6, 2021

Ransomware attacks are a huge concern these days, especially for corporate networks. Indeed, when the ransomware reaches its target, it’s practically game over. The malware encrypts files and spreads to the entire system to maximize damage, which forces companies to lock down the whole network to stop the propagation.

Encryption 109

Encryption Ransomware Backups Malware 109

Security Boulevard

APRIL 16, 2024

Stop Ransomware in its Tracks With CipherTrust Transparent Encryption Ransomware Protection madhav Wed, 04/17/2024 - 05:22 Our last blog Ransomware Attacks: The Constant and Evolving Cybersecurity Threat described the ever dangerous and evolving cybersecurity threat of ransomware. CTE-RWP is behavior-based.

Encryption 59

Encryption Ransomware Antivirus Government 59

Security Affairs

SEPTEMBER 2, 2024

A new ransomware-as-a-service (RaaS) operation called Cicada3301 has emerged in the threat landscape and already targeted tens of companies. Cicada3301 is a new ransomware-as-a-service (RaaS) operation that appeared in the threat landscape. The Cicada3301 ransomware is written in Rust and targets both Windows and Linux/ESXi hosts.

Ransomware 136

Ransomware Encryption Malware Cybercrime 136

Bleeping Computer

JUNE 12, 2022

Cybersecurity researchers report increased activity of the Hello XD ransomware, whose operators are now deploying an upgraded sample featuring stronger encryption. [.].

Encryption 141

Encryption Ransomware Cybersecurity 141

Bleeping Computer

AUGUST 6, 2022

A new ransomware family called 'GwisinLocker' targets South Korean healthcare, industrial, and pharmaceutical companies with Windows and Linux encryptors, including support for encrypting VMware ESXi servers and virtual machines. [.].

Encryption 137

Encryption Ransomware Healthcare 137

Security Affairs

FEBRUARY 6, 2023

Royal Ransomware operators added support for encrypting Linux devices and target VMware ESXi virtual machines. The Royal Ransomware gang is the latest extortion group in order of time to add support for encrypting Linux devices and target VMware ESXi virtual machines.

Encryption 98

Encryption Ransomware Malware Healthcare 98

Security Affairs

AUGUST 31, 2021

Recently emerged LockFile ransomware family LockFile leverages a novel technique called intermittent encryption to speed up encryption. LockFile ransomware gang started its operations last month, recently it was spotted targeting Microsoft Exchange servers using the recently disclosed ProxyShell vulnerabilities.

Encryption 137

Encryption Ransomware Financial Services Antivirus 137

CSO Magazine

DECEMBER 14, 2022

A new ransomware group dubbed Royal that formed earlier this year has significantly ramped up its operations over the past few months and developed its own custom ransomware program that allows attackers to perform flexible and fast file encryption. To read this article in full, please click here

Encryption 120

Encryption Ransomware 120

CSO Magazine

AUGUST 30, 2021

A new ransomware threat called LockFile has been victimizing enterprises worldwide since July. Key to its success are a few new tricks that make it harder for anti-ransomware solutions to detect it. Learn how recent ransomware attacks define the malware's new age and 5 reasons why the cost of ransomware attacks is rising. |

Encryption 125

Encryption Ransomware CSO Antivirus 125

Penetration Testing

NOVEMBER 14, 2024

In a world where ransomware has evolved to use complex encryption algorithms, ShrinkLocker—a newly discovered ransomware variant—takes a retro approach.

Ransomware 93

Ransomware Encryption Cybersecurity Malware 93

Security Boulevard

SEPTEMBER 14, 2022

The 100+ newly introduced ransomware encryption attacks will now allow teams to simulate the actual ransomware behavior making the attack more realistic and increasing the validity of the results. The post Product Update – SafeBreach Introduces New Ransomware Encryption Attacks appeared first on SafeBreach.

Encryption 96

Encryption Ransomware 96

Security Affairs

JULY 6, 2022

Hive ransomware operators have improved their file-encrypting module by migrating to Rust language and adopting a more sophisticated encryption method. ” These upgrades prove that Hive is one of the fastest evolving ransomware families in the cybercrime ecosystem. . ” reads the post published by Microsoft.

Encryption 138

Encryption Ransomware Cybercrime Malware 138

The Hacker News

JULY 6, 2022

The operators of the Hive ransomware-as-a-service (RaaS) scheme have overhauled their file-encrypting software to fully migrate to Rust and adopt a more sophisticated encryption method.

Encryption 119

Encryption Ransomware Software 119

Security Affairs

APRIL 4, 2023

A new ransomware strain named Rorschach ransomware supports the fastest file-encrypting routine observed to date. The experts pointed out that the Rorschach ransomware appears to be unique. The experts pointed out that the Rorschach ransomware appears to be unique. ” continues the analysis.

Encryption 98

Encryption Ransomware Malware Backups 98

Malwarebytes

AUGUST 6, 2024

If you’ve been following any news about ransomware , you may be under the impression that ransomware groups are only after organizations rather than individual people, and for the most part that’s true. However, Magniber is one ransomware that does target home users. Run a trusted anti-malware solution.

Ransomware 136

Ransomware Artificial Intelligence Encryption Software 136

Bleeping Computer

OCTOBER 29, 2021

The Hive ransomware gang now also encrypts Linux and FreeBSD using new malware variants specifically developed to target these platforms. [.].

Encryption 142

Encryption Ransomware Malware 142

Heimadal Security

JULY 28, 2021

The LockBit ransomware was launched in September 2019 as a ransomware-as-a-service. The post LockBit Ransomware Is Now Encrypting Windows Domains appeared first on Heimdal Security Blog. The post LockBit Ransomware Is Now Encrypting Windows Domains appeared first on Heimdal Security Blog.

Encryption 124

Encryption Ransomware Malware Software 124

Security Affairs

FEBRUARY 21, 2022

Researchers discovered a flaw in the encryption algorithm used by Hive ransomware that allowed them to decrypt data. Researchers discovered a flaw in the encryption algorithm used by Hive ransomware that allowed them to decrypt data without knowing the private key used by the gang to encrypt files.

Encryption 98

Encryption Ransomware VPN Malware 98