Hackers are shifting their tactics away from traditional phishing and ransomware attacks, and moving toward stealthier intrusions via websites and the software supply chain, according to a recent report. Read More
Digest Article
Topic: Ransomware
Ransomware is computer malware that installs covertly on a victim's device and that either mounts the cryptoviral extortion attack from cryptovirology that holds the victim's data hostage, or mounts a cryptovirology leakware attack that threatens to publish the victim's data, until a ransom is paid. Simple ransomware may lock the system in a way which is not difficult for a knowledgeable person to reverse, and display a message requesting payment to unlock it. More advanced malware encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them. The ransomware may also encrypt the computer's Master File Table or the entire hard drive. Thus, ransomware is a denial-of-access attack that prevents computer users from accessing files since it is intractable to decrypt the files without the decryption key. Ransomware attacks are typically carried out using a Trojan that has a payload disguised as a legitimate file.
Digest Article
Ransomware Attacks Target MSPs to Mass-Infect Customers
Ransomware distributors have started to target managed service providers (MSPs) in order to mass-infect all of their clients in a single attack. Recent reports indicate that multiple MSPs have been hacked recently, which has led to hundreds, if not thousands, of clients being infected with the GandCrab Ransomware. Read More
CSIAC Report
Malvertising Explored
Introduction Malvertising is a malicious form of online advertisement used to inject malware into legitimate online advertising networks and webpages. Advertisements are produced with significant effort to attract users and sell or advertise a product, which makes for a prime platform for spreading malware. Malvertising can exist even on the most popular Read More
Podcast
Malvertising Explored
This podcast is a breakdown episode where the CSIAC discusses current topics in further depth. CSIAC tries to breakdown the complexity of the topic. Malvertising is a malicious form of online advertisement used to inject malware into legitimate online advertising networks and webpages. Advertisements are produced with significant effort to attract users Read More
Digest Article
The Devil Targets Japan with Bad Rabbit-like Wiper-Ransomware
The name ONI, can mean "devil" in Japanese, and it also appears in the email address found in its ransom note. Attacks observed by Cybereason suggest that the malware lives up to its name. Aside from encrypting files on the infected machines, ONI can encrypt files on removable media and network drives - and there's evidence that the true purpose of the Read More
Podcast
Industry Risks – Cybersecurity in the Workplace is Everyone’s Business
In recent years, a few specific threats have caused significant damage to targeted victims. Ransomware continues to plague numerous industries. Having up-to-date systems and backups are crucial in the defense against ransomware. Insider Threats also cause significant damage to unsuspecting organizations. Monitoring for unusual activity and Read More
Podcast
Ransomware – Simple Steps to Online Safety
Ransomware is advanced malware designed to take over your computer and encrypt your files - locking you out! To protect your organization, follow a few guidelines: Vigilance in end-user training. Teach users to identify suspicious files such as untrusted attachments Invest in available security technologies such as: Anti-virus Read More
CSIAC Information Page
Simple Steps to Online Safety – National Cyber Security Awareness Month – Week 1: October 2-6
Overview: All members of the public can take some simple actions to protect themselves online and to recover in the event a cyber incident occurs. This week’s topic is simple steps that an individual or organization can take to improve their online safety. CSIAC has a substantial repository of information available to its users. We will highlight a few Read More
Digest Article
Massive Email Campaign Sends Locky Ransomware to Over 23 Million Users
The campaign spotted by researchers at AppRiver sent out more than 23 million messages containing Locky ransomware in just 24 hours on 28 August across the United States in what appears to be one of the largest malware campaigns in the second half of this year. According to the researchers, the emails sent out in the attack were "extremely vague," with Read More
Digest Article
New EMPTY CryptoMix Ransomware Variant Released
Yesterday, MalwareHunterTeam discovered a new variant of the CryptoMix ransomware that is appending the .EMPTY extension to encrypted file names. Considering that the previous variant used ERROR as the previous extension and now uses empty, it is clear that the developers are running out of ideas for extensions. This article will provide a brief summary Read More
