Security News

Want to know why ransomware is still rampant? One in three surveyed folks in North Americans said they would be willing to pay up to unscramble their files once their personal systems were infected. The Russian security house polled more than 2,000 business workers in the US, and 1,000 in Canada, in an online study, and found that 33 per cent would cough up at least some money to cyber-extortionists to get their data back on their own personal machines.

Beyond using technology, one key way to combat ransomware is through training, ensuring that your employees understand ransomware, can identify it, and can avoid falling prey to it. The survey was designed to find out how much they know about ransomware and its potential impact on themselves and their companies.

This week we bring you the podcast from our makeshift home studios. We discuss Dharma ransomware, the tour guide who turned out to be a Chinese spy, and why thousands of dark web sites suddenly vanished.

"We're seeing from signals in Microsoft Threat Protection services that the attackers behind the REvil ransomware are actively scanning the internet for vulnerable systems. Attackers have also been observed using the updater features of VPN clients to deploy malware payloads," the company shared. Human-operated ransomware campaigns targeting organizations have became the prevalent type of attack that involves the use of ransomware.

"To combat ransomware and other threats, I advise IT security organizations to invest wisely in products that continuously discover and patch vulnerabilities, uncover advanced threats using machine learning and artificial intelligence, and continuously back up their data everywhere." The report found 85 percent of organizations are experiencing a shortfall of skilled IT security personnel, and survey respondents cited "Lack of skilled personnel" as their biggest obstacle to adequately defending against cyberthreats.

The source code for ransomware-as-a-service strain Dharma could now be in the hands of more cybercriminals, as hackers have reportedly put it up for sale for just $2,000. Dharma evolved from the CrySIS RaaS variant after an anonymous source posted the CrySIS decryption keys online in 2016, and again several times through 2017.

Phishing emails and unsecure remote desktop protocol access are two common types of attack methods used to spread ransomware, says cyber breach firm Beazley Breach Response Services.

Here are steps hospital IT admins can take to prevent ransomware and safeguard patient data. Health agencies, and medical facilities can be particularly exposed to ransomware as they hold sensitive research information and patient data that they can't afford to lose.

Menlo Security, a leader in cloud security, announced its Global Cloud Proxy Platform built on an Isolation Core is integrated with VMware Workspace ONE Unified Endpoint Management to deliver mobile isolation capabilities. The solution will allow Workspace ONE UEM customers to better protect mobile devices from ransomware and phishing attacks by isolating threats in the cloud and preventing them from reaching the endpoint.

The latest ransomware campaigns are targeting businesses and their remote workers through such methods as phishing emails and vulnerabilities in Microsoft's Remote Desktop Protocol. There are ways to strengthen your defense against these ransomware attacks, as described by Beazley Breach Response Services.