Security News
The new 'AXLocker' ransomware family is not only encrypting victims' files and demanding a ransom payment but also stealing the Discord accounts of infected users. As Discord has become the community of choice for NFT platforms and cryptocurrency groups, stealing the token of a moderator or other verified community member could allow threat actors to conduct scams and steal funds.
Ransomware gangs are planning on trying out a new tactic, and it involves the destruction of the victims' data. "There is no mechanism for removing files from the corruption queue, meaning that some files may be overwritten numerous times before the program terminates, while others may never have been selected," he explained.
Microsoft says an Iranian state-sponsored threat group it tracks as DEV-0270 has been abusing the BitLocker Windows feature in attacks to encrypt victims' systems. This aligns with Microsoft's findings that DEV-0270 uses BitLocker, a data protection feature that provides full volume encryption on devices running Windows 10, Windows 11, or Windows Server 2016 and above.
I'm devastated to report that Peter Eckersley, one of the original founders of Let's Encrypt, died earlier this evening [2022-09-02] at CPMC Davies Hospital in San Francisco. Peter was the leader of EFF's contributions to Let's Encrypt and ACME over the course of several years during which these technologies turned from a wild idea into an important part of Internet infrastructure.
The best option is to use a method to encrypt your outgoing emails to protect them against compromise. If you send a secure email to someone who doesn't have a Sendinc account, that person is prompted to set one up in order to read your email.
The SOVA Android banking trojan continues to evolve with new features, code improvements, and the addition of a new ransomware feature that encrypts files on mobile devices. With the latest release, the SOVA malware now targets over 200 banking, cryptocurrency exchange, and digital wallet applications, attempting to steal sensitive user data and cookies from them.
The Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation warned US organizations today that attackers deploying Zeppelin ransomware might encrypt their files multiple times. The two federal agencies also shared tactics, techniques, and procedures and indicators of compromise to help security professionals detect and block attacks using this ransomware strain.
A new ransomware family called 'GwisinLocker' targets South Korean healthcare, industrial, and pharmaceutical companies with Windows and Linux encryptors, including support for encrypting VMware ESXi servers and virtual machines. On Wednesday, Korean cybersecurity experts at Ahnlab published a report on the Windows encryptor, and yesterday, security researchers at ReversingLabs published their technical analysis of the Linux version.
A new ransomware family dubbed Luna can be used to encrypt devices running several operating systems, including Windows, Linux, and ESXi systems. Discovered by Kaspersky security researchers via a dark web ransomware forum ad spotted by the company's Darknet Threat Intelligence active monitoring system, Luna ransomware appears to be specifically tailored to be used only by Russian-speaking threat actors.
The duration of ransomware attacks in 2021 averaged 92.5 hours, measured from initial network access to payload deployment. In 2020, ransomware actors spent an average of 230 hours to complete their attacks and 1637.6 hours in 2019.