Cisco released a guide describing ransomware and recommendations for preventing a ransomware infection.
Ransomware is computer malware that installs covertly on a victim's device and either mounts the cryptoviral extortion attack from cryptovirology, which holds the victim's data hostage, or mounts a cryptovirology leakware attack that threatens to publish the victim's data, until a ransom is paid. Simple ransomware may lock the system in a way that is not difficult for a knowledgeable person to reverse, and display a message requesting payment to unlock it. More advanced malware encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them. The ransomware may also encrypt the computer's Master File Table or the entire hard drive. Ransomware is thus a denial-of-access attack: it prevents computer users from accessing their files because it is intractable to decrypt them without the decryption key. Ransomware attacks are typically carried out using a Trojan that has a payload disguised as a legitimate file.
The Office of the New York State Comptroller released a guide on ransomware, what to do before paying the ransom, and how to reduce your chances of falling victim to ransomware attacks.
Bromium released a report analyzing Crypto-Ransomware. Crypto-Ransomware uses strong encryption to lock files on a victim's computer until the ransom is paid. This report includes analysis of several versions of malware including CryptoLocker, Cryptowall/Cryptodefense, and TorrentLocker. It also includes the most common files encrypted by this malware and
Unlike most ransomware out there, which focuses mainly on encrypting local files, Samas spreads inside the entire network to encrypt files on every server and computer, the researchers say. This operation is performed in three steps: the attackers steal domain credentials, identify targets via Active Directory reconnaissance, and then move laterally through
Let's start with the "calm down" part of the article: yes, LogicLocker is ransomware designed for programmable logic controllers, but no, the cyber-geddon isn't upon us.
Researchers say they have uncovered ransomware still under development that comes with a novel and nasty twist.
A new ransomware family spotted for the first time recently is already being distributed via an exploit kit (EK).
Ransomware has already managed to carve itself a niche as one of the main cybersecurity threats of 2016. For the most part, IoT devices store little or no data, which would logically make them financially irrelevant to ransomware attacks, right?
Ransomware groups have evolved yet another new tactic in their quest to infect victims with malicious file-encrypting software, including those behind the notorious Locky campaign.
One of the most active Trojans this year has changed tactics and is now installing backdoors on target machines instead of ransomware.