As Neutrino takes a hit, RIG Exploit Kit jumps at the opportunity and spreads ransomware

Sep 21, 2016 8:05:28 AM By Stu Sjouwerman

Andra Zaharia (the picture is really her) from the Danish Heimdal Security wrote something interesting this morning that I thought you'd like to know:

Meet Mamba: New Full Disk Encryption Ransomware

Sep 17, 2016 8:06:13 AM By Stu Sjouwerman

SecurityAffairs just published a new discovery that you need to know about. A Brazilian Infosec research group, Morphus Labs, just discovered a new Full Disk Encryption (FDE) ransomware ...

[ALERT] FBI Warns Ransomware Attacks Get More Targeted And Expensive

Sep 16, 2016 4:13:34 PM By Stu Sjouwerman

In an alert published today, the U.S. Federal Bureau of Investigation (FBI) warned that recent ransomware variants have targeted and compromised vulnerable business servers (rather than ...

New Vicious And Highly Targeted Ransomware Attacks Made Public

Sep 16, 2016 10:36:57 AM By Stu Sjouwerman

Here’s an example of a highly targeted ransomware attack, with bad guys using a phony Bank of Montreal (BMO) template to social engineer possible victims into clicking on a malicious ...

A Single Ransomware Gang Made $121M In 2016

Sep 14, 2016 11:31:44 AM By Stu Sjouwerman

Intel Security today released its McAfee Labs Threats Report: September 2016, which assesses the growing ransomware threat; surveys the “who and how” of data loss; explains the practical ...

Targeted Lawsuit Phishing Attack With Sophisticated Payload

Sep 13, 2016 4:11:55 PM By Stu Sjouwerman

We are seeing a big phishing wave with a social engineering attack that threatens with a personalized lawsuit using the domain name of the targeted victim. This is an interesting payload ...

Adding Insult To Injury: The Ginsu Knives Approach To Ransomware

Sep 12, 2016 5:27:54 PM By Stu Sjouwerman

Kaspersky has a fascinating blog post on a new strain of ransomware called RAA that is not only fairly sophisticated, but incredibly abusive:

Philadelphia Ransomware Strain Offers "Mercy" Button

Sep 12, 2016 7:22:41 AM By Stu Sjouwerman

Larry Abrams at Bleepingcomputer reported on a new strain that raises some eyebrows. "A new version of the Stampado ransomware called Philadelphia has started being sold for $400 USD by a ...

Tampa FBI: Your business is going to get hacked (or get infected with ransomware)

Sep 7, 2016 8:55:53 AM By Stu Sjouwerman

The Tampa Bay Business Journal published an interview with FBI Special Agent Lawrence Wolfenden. Wolfenden is a 25-year veteran of the FBI, the lead agency for investigating cyber attacks ...

New Cry Ransomware Strain Has Unusual Advanced Features

Sep 6, 2016 7:14:33 AM By Stu Sjouwerman

Larry Abrams at Bleepingcomputer reported on a new strain with a few unusual features: "A new ransomware that pretends to be from a fake organization called the Central Security Treatment ...

KnowBe4's Field Guide to Macro Warning Screens

Aug 26, 2016 5:29:11 PM By Stu Sjouwerman

Earlier this week today we assisted several companies that were hit by ransomware. Although companies and organizations hit by ransomware can usually pinpoint the source or employee ...

Ransomware & Voicemail Notifications, Redux

Aug 26, 2016 1:18:45 PM By Stu Sjouwerman

Several days ago we posted about a new ransomware campaign pushing Cerber through malicious ZIP files attached to voicemail-themed phishing emails. Fast on the heels of that campaign ...

Here is a Real DDoS Plus Ransomware Extortion Attack

Aug 26, 2016 11:05:24 AM By Stu Sjouwerman

One of our customers received the following email today. It's a clear extortion attempt, they are threatening to execute a combined DDoS and Cerber ransomware attack. These bad guys claim ...

Heads-up! Voice message notification email warning could be ransomware

Aug 24, 2016 2:13:01 PM By Stu Sjouwerman

Don't play voicemail messages from suspicious sources. Example displayed in MS Outlook. Image credit: SANS ISC.

How Highly Personalized Ransomware Attacks Are Getting

Aug 23, 2016 11:40:48 AM By Stu Sjouwerman

CyberheistNews Subscriber Stuart Sanders sent me this: "A friend of mine in Melbourne Australia has been whacked by several crypto attacks on his clients in the last week. He supports ...

Cerber Ransomware Plague Earns 2 Mil With Just 0.3% Victims Paying Up

Aug 21, 2016 8:38:48 AM By Stu Sjouwerman

A new report by Check Point software's researchers showed that Cerber's Ransomware-as-a-Service (RaaS) affiliate program is a success with more than 160 participants at current count, and ...

FireEye warns 'massive' Locky ransomware campaign hits America

Aug 18, 2016 6:43:52 AM By Stu Sjouwerman

The dangerous Locky ransomware is being hurled at a variety of industries, healthcare being the number one target, according to FireEye researcher Ronghwa Chong. We have talked about ...

PokemonGo Ransomware installs Backdoor Account and Spreads to other Drives

Aug 14, 2016 10:43:11 AM By Stu Sjouwerman

With the popularity of PokemonGo, it was inevitable that a malware developer would create a ransomware that impersonates it. This is the case with a new Hidden-Tear ransomware discovered ...

Hitler ransomware just deletes files instead of encrypting them

Aug 14, 2016 10:19:30 AM By Stu Sjouwerman

Security experts detected and analyzed a new threat, the Hitler ransomware, that doesn’t encrypt files but simply deletes them. Larry Abrams at Bleepingcomputer commented: " It looks like ...

July 2016 Ransomware Roundup: New Strains And New Nasty Features

Aug 13, 2016 11:08:17 AM By Stu Sjouwerman

The ransomware market is rapidly maturing, we start seeing upgraded strains and rebranded versions sold cheaply in the Dark Web. And mainstream media have finally glommed on after years ...

Security Awareness Training Blog

Ransomware Blog

View Topics