This Service Helps Malware Authors Fix Flaws in their Code

Credit to Author: BrianKrebs| Date: Mon, 18 May 2020 15:31:17 +0000

Almost daily now there is news about flaws in commercial software that lead to computers getting hacked and seeded with malware. But the reality is most malicious software also has its share of security holes that open the door for security researchers or ne’er-do-wells to liberate or else seize control over already-hacked systems. Here’s a look at one long-lived malware vulnerability testing service that is used and run by some of the Dark Web’s top cybercriminals.

Read more

Ransomware groups continue to target healthcare, critical services; here’s how to reduce risk

Credit to Author: Eric Avena| Date: Tue, 28 Apr 2020 16:00:49 +0000

Multiple ransomware groups that have been accumulating access and maintaining persistence on target networks for several months activated dozens of ransomware deployments in the first two weeks of April 2020.

The post Ransomware groups continue to target healthcare, critical services; here’s how to reduce risk appeared first on Microsoft Security.

Read more

Microsoft works with healthcare organizations to protect from popular ransomware during COVID-19 crisis: Here’s what to do

Credit to Author: Eric Avena| Date: Wed, 01 Apr 2020 16:00:13 +0000

Microsoft identified several dozens of hospitals with vulnerable gateway and VPN appliances. We sent these hospitals a first-of-its-kind notification with important info about the vulnerabilities, how attackers can take advantage of them, and a strong recommendation to apply security updates.

The post Microsoft works with healthcare organizations to protect from popular ransomware during COVID-19 crisis: Here’s what to do appeared first on Microsoft Security.

Read more

Ransomware at IT Services Provider Synoptek

Credit to Author: BrianKrebs| Date: Sat, 28 Dec 2019 01:49:05 +0000

Synoptek, a California business that provides cloud hosting and IT management services to more than a thousand customer nationwide, suffered a ransomware attack this week that has disrupted operations for many of its clients, according to sources. The company has reportedly paid a ransom demand in a bid to restore operations as quickly as possible. Irvine, Calif.-based Synoptek is a managed service provider that maintains a variety of cloud-based services for more than 1,100 customers across a broad spectrum of industries, including state and local governments, financial services, healthcare, manufacturing, media, retail and software. The company employs nearly a thousand employees and brought in more than $100 million in revenue in the past year.

Read more

Ransomware Gangs Now Outing Victim Businesses That Don’t Pay Up

Credit to Author: BrianKrebs| Date: Tue, 17 Dec 2019 02:21:23 +0000

As if the scourge of ransomware wasn’t bad enough already: Several prominent purveyors of ransomware have signaled they plan to start publishing data stolen from victims who refuse to pay up. To make matters worse, one ransomware gang has now created a public Web site identifying recent victim companies that have chosen to rebuild their operations instead of acquiescing to their tormentors.

Read more

Ransomware at Colorado IT Provider Affects 100+ Dental Offices

Credit to Author: BrianKrebs| Date: Sat, 07 Dec 2019 21:17:24 +0000

A Colorado company that specializes in providing IT services to dental offices suffered a ransomware attack this week that is disrupting operations for more than 100 dentistry practices, KrebsOnSecurity has learned. Multiple sources affected say their IT provider, Englewood, Colo. based Complete Technology Solutions (CTS), was hacked, allowing a potent strain of ransomware known as “Sodinokibi” or “rEvil” to be installed on computers at more than 100 dentistry businesses that rely on the company for a range of services — including network security, data backup and voice-over-IP phone service.

Read more

Threat Spotlight: Sodinokibi ransomware attempts to fill GandCrab void

Credit to Author: Jovi Umawing| Date: Thu, 18 Jul 2019 17:58:26 +0000

There’s a new ransomware-as-a-service (RaaS) in town, and it can twist tongues for giggles as much as twist organizations’ arms for cash. Get to know the Sodinokibi ransomware, including how to protect against this fledgling threat.

Categories:

Tags:

(Read more…)

The post Threat Spotlight: Sodinokibi ransomware attempts to fill GandCrab void appeared first on Malwarebytes Labs.

Read more

Is ‘REvil’ the New GandCrab Ransomware?

Credit to Author: BrianKrebs| Date: Mon, 15 Jul 2019 15:58:30 +0000

The cybercriminals behind the GandCrab ransomware-as-a-service (RaaS) offering recently announced they were closing up shop and retiring after having allegedly earned more than $2 billion in extortion payments from victims. But a growing body of evidence suggests the GandCrab team have instead quietly regrouped behind a more exclusive and advanced ransomware program known variously as “REvil,” “Sodin,” and “Sodinokibi.”

Read more