First Node.js-based Ransomware : Nodera

Credit to Author: Ravi Gidwani| Date: Wed, 22 Jan 2020 11:12:25 +0000

Recently while threat hunting, Quick Heal Security Labs came across an unusual Node.js framework based Nodera ransomware. The use of Node.js framework is not seen commonly across malware families. Latest development by threat actors reveal a nasty and one-of-its-kind ransomware being created; one that uses Node.js framework, which enables it to infect Windows…

Read more

STOP (Djvu) Ransomware: Ransom For Your Shady Habits!

Credit to Author: Jayesh kulkarni| Date: Wed, 15 Jan 2020 14:13:09 +0000

With almost 200 extensions, STOP (djvu) ransomware can be said to be 2019’s most active and widespread ransomware. Although this ransomware was active a year before, it started its campaign aggressively in early 2019. To evade detection, it has been continuously changing its extensions and payloads. For earlier infections, data…

Read more

A week in security (January 6 – 12)

Credit to Author: Malwarebytes Labs| Date: Mon, 13 Jan 2020 16:29:59 +0000

A cybersecurity news roundup from January 6–12, with a look at Phobos ransomware and a discovery of pre-installed malware on government-funded phones.

Categories:

Tags:

(Read more…)

The post A week in security (January 6 – 12) appeared first on Malwarebytes Labs.

Read more

Threat spotlight: Phobos ransomware lives up to its name

Credit to Author: Jovi Umawing| Date: Fri, 10 Jan 2020 18:04:44 +0000

Phobos, which many believe was named after the Greek god of fear, isn’t as widespread as it was before nor is it more novel than your average ransomware. Yet, it remains a threat to consumers and businesses alike. We dive into Phobos ransomware and show users how to face their fears and protect against it.

Categories:

Tags:

(Read more…)

The post Threat spotlight: Phobos ransomware lives up to its name appeared first on Malwarebytes Labs.

Read more

The Hidden Cost of Ransomware: Wholesale Password Theft

Credit to Author: BrianKrebs| Date: Mon, 06 Jan 2020 18:17:21 +0000

Organizations in the throes of cleaning up after a ransomware outbreak typically will change passwords for all user accounts that have access to any email systems, servers and desktop workstations within their network. But all too often, ransomware victims fail to grasp that the crooks behind these attacks can and frequently do siphon every single password stored on each infected endpoint. The result of this oversight may offer attackers a way back into the affected organization, access to financial and healthcare accounts, or — worse yet — key tools for attacking the victim’s various business partners and clients.

Read more

Ransomware: la minaccia informatica che non morirà

Credit to Author: Sophos Italia| Date: Mon, 16 Dec 2019 07:17:12 +0000

Potrebbe essere in circolazione da 30 anni, ma il ransomware continua a evolversi e mettere in ginocchio le organizzazioni. Assicurati di essere pronto per questo.<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/eZuW02Zyh8Q” height=”1″ width=”1″ alt=””/>

Read more