Security News
New Mexico school districts, universities, and government agencies have collectively spent millions of dollars to regain control of their computer systems after employees unknowingly opened emails containing an encrypted code that effectively shut them out of their systems. The ransomware attacks occurred between January 2018 and February 2020, and have put school districts and agencies on edge amid warnings of more technology terror, the Albuquerque Journal reports.
This week, Duck advises on how to keep your company safe while working remotely, Peter discusses malwareless ransomware attacks, and Mark shares the latest in the EARN IT saga. LISTEN NOW. Click-and-drag on the soundwaves below to skip to any point in the podcast.
Ransomware operators of DoppelPaymer and Maze malware stated that they will not target medical organisations during the current pandemic. Laurence Abrams, who runs the security news site Bleeping Computer, reports that he made contact with "The operators of the Maze, DoppelPaymer, Ryuk, Sodinokibi/REvil, PwndLocker, and Ako Ransomware infections to ask if they would continue targeting health and medical organizations during the outbreak."
Ransomware operators of DoppelPaymer and Maze malware stated that they will not target medical organisations during the current pandemic. Laurence Abrams, who runs the security news site Bleeping Computer, reports that he made contact with "The operators of the Maze, DoppelPaymer, Ryuk, Sodinokibi/REvil, PwndLocker, and Ako Ransomware infections to ask if they would continue targeting health and medical organizations during the outbreak."
Late last week, researchers at network intelligence company DomainTools warned about an Android malware sample that caught our attention. Like many other cyberthreats doing the rounds these days, the criminals have used the coronavirus pandemic as a lure, offering an intriguing if rather creepy app called COVID 19 TRACKER. The website promoting the app offers to "Track Real-Time Coronavirus Outbreak in your Street, City and State", and says it will "Get Real-Time Statistics about Coronavirus outbreaks around you in over 100 countries."
Ransomware attacks are still happening, and more employees need to be trained on how to prevent them. TechRepublic's Karen Roby spoke with Rahul Kashyap, president and CEO of Awake Security, about the prevalence of ransomware and how to prevent it.
Ransomware attacks are still happening, and more employees need to be trained on how to prevent them.
Most ransomware is deployed after hours, and usually several days after the initial compromise, newly published research from FireEye reveals. While performing an analysis of dozens of incidents between 2017 and 2019, FireEye discovered common characteristics related to infection vectors, dwell time, and time of day of ransomware deployment, while also identifying innovations that operators adopted to maximize profits.
The app promises access to a coronavirus map tracker but instead holds your contacts and other data for ransom, DomainTools found. A new type of ransomware known as CovidLock encrypts key data on an Android device and denies access to the victims unless they pay up, according to the threat intelligence firm DomainTools.
In most cases of human-operated ransomware attacks against enterprises, the hackers don't trigger the malware immediately: according to FireEye researchers, in most of cases, at least three days passed between the first evidence of malicious activity and ransomware deployment. What are the attackers waiting for? One of the reasons for the delay is the wish to spread the ransomware to many systems before running it.