Category: ransomware

Auto Added by WPeMatico

Micro-Star International Signing Key Stolen

Posted on By infossl
ransomware, Security technology, signatures, supply chain, Uncategorized

Micro-Star International—aka MSI—had its UEFI signing key stolen last month. This raises the possibility that the leaked key could push out updates that would infect a computer’s most nether regions without triggering a warning. To make matters worse, Matrosov said, MSI doesn’t have an automated patching process the way Dell, HP, and many larger hardware … Read More “Micro-Star International Signing Key Stolen” »

Mass Ransomware Attack

Posted on By infossl
cyberattack, hacking, ransomware, Security technology, Uncategorized, vulnerabilities

A vulnerability in a popular data transfer tool has resulted in a mass ransomware attack: TechCrunch has learned of dozens of organizations that used the affected GoAnywhere file transfer software at the time of the ransomware attack, suggesting more victims are likely to come forward. However, while the number of victims of the mass-hack is … Read More “Mass Ransomware Attack” »

Ransomware Payments Are Down

Posted on By infossl
crime, cryptocurrency, cybercrime, extortion, ransomware, Security technology, Uncategorized

Chainalysis reports that worldwide ransomware payments were down in 2022. Ransomware attackers extorted at least $456.8 million from victims in 2022, down from $765.6 million the year before. As always, we have to caveat these findings by noting that the true totals are much higher, as there are cryptocurrency addresses controlled by ransomware attackers that … Read More “Ransomware Payments Are Down” »

CryWiper Data Wiper Targeting Russian Sites

Posted on By infossl
data destruction, malware, ransomware, russia, Security technology, Uncategorized

Kaspersky is reporting on a data wiper masquerading as ransomware that is targeting local Russian government networks. The Trojan corrupts any data that’s not vital for the functioning of the operating system. It doesn’t affect files with extensions .exe, .dll, .lnk, .sys or .msi, and ignores several system folders in the C:Windows directory. The malware … Read More “CryWiper Data Wiper Targeting Russian Sites” »

Breaking the Zeppelin Ransomware Encryption Scheme

Posted on By infossl
cryptanalysis, cybersecurity, encryption, ransomware, Security technology, Uncategorized

Brian Krebs writes about how the Zeppelin ransomware encryption scheme was broken: The researchers said their break came when they understood that while Zeppelin used three different types of encryption keys to encrypt files, they could undo the whole scheme by factoring or computing just one of them: An ephemeral RSA-512 public key that is … Read More “Breaking the Zeppelin Ransomware Encryption Scheme” »

Zero-Day Vulnerabilities Are on the Rise

Posted on By infossl
hacking, malware, ransomware, Security technology, Uncategorized, vulnerabilities, zero-day

Both Google and Mandiant are reporting a significant increase in the number of zero-day vulnerabilities reported in 2021. Google: 2021 included the detection and disclosure of 58 in-the-wild 0-days, the most ever recorded since Project Zero began tracking in mid-2014. That’s more than double the previous maximum of 28 detected in 2015 and especially stark … Read More “Zero-Day Vulnerabilities Are on the Rise” »

A Detailed Look at the Conti Ransomware Gang

Posted on By infossl
leaks, ransomware, russia, Security technology, ukraine, Uncategorized

Based on two years of leaked messages, 60,000 in all: The Conti ransomware gang runs like any number of businesses around the world. It has multiple departments, from HR and administrators to coders and researchers. It has policies on how its hackers should process their code, and shares best practices to keep the group’s members … Read More “A Detailed Look at the Conti Ransomware Gang” »

US Critical Infrastructure Companies Will Have to Report When They Are Hacked

Posted on By infossl
cyberattack, cyberespionage, cybersecurity, defense, espionage, hacking, infrastructure, laws, ransomware, Security technology, Uncategorized

This will be law soon: Companies critical to U.S. national interests will now have to report when they’re hacked or they pay ransomware, according to new rules approved by Congress. […] The reporting requirement legislation was approved by the House and the Senate on Thursday and is expected to be signed into law by President … Read More “US Critical Infrastructure Companies Will Have to Report When They Are Hacked” »

Decrypting Hive Ransomware Data

Posted on By infossl
academic papers, cryptanalysis, encryption, ransomware, Security technology, Uncategorized

Nice piece of research: Abstract: Among the many types of malicious codes, ransomware poses a major threat. Ransomware encrypts data and demands a ransom in exchange for decryption. As data recovery is impossible if the encryption key is not obtained, some companies suffer from considerable damage, such as the payment of huge amounts of money … Read More “Decrypting Hive Ransomware Data” »

New DeadBolt Ransomware Targets NAT Devices

Posted on By infossl
cyberattack, encryption, ransomware, Security technology, Uncategorized, zero-day

There’s a new ransomware that targets NAT devices made by QNAP: The attacks started today, January 25th, with QNAP devices suddenly finding their files encrypted and file names appended with a .deadbolt file extension. Instead of creating ransom notes in each folder on the device, the QNAP device’s login page is hijacked to display a … Read More “New DeadBolt Ransomware Targets NAT Devices” »