Tag: Ransomware

Black Basta ransomware detection
Detecting QakBot Malware Campaign Leading to Black Basta Ransomware Infections

Ransomware is a number one threat posing a significant menace to security defenders worldwide, with the attack trend constantly growing throughout 2021-2022. Recently, security experts revealed a massive QakBot malware campaign increasingly targeting U.S.-based vendors to deliver Black Basta ransomware.  During the last decade of November 2022, at least 10 businesses in the United States […]

Read More
Black Basta Ransomware Attack Detection
Black Basta Ransomware Attack Detection: Recent Malicious Campaigns Using New Custom Tools Attributed to the FIN7 Group

The Black Basta ransomware group emerged in the cyber threat arena in April 2022. Although the hacking collective can be considered relatively new to the cyber offensive domain, they have already gained a notorious reputation for rapidly evolving its adversary toolkit and adapting more sophisticated tools. Cybersecurity researchers tie the latest activity of Black Basta […]

Read More
Magniber Ransomware Detection
Magniber Ransomware Detection: Threat Actors Spread JavaScript Files Targeting Windows Users

Throughout 2021-2022, ransomware continues to be one of the dominant trends in the cyber threat landscape, illustrated by the increasing sophistication of intrusions and a rapidly growing number of ransomware affiliates. Cybersecurity researchers warn of the ongoing malicious campaigns, which target Windows users and distribute Magniber ransomware disguised as software updates. Detect Magniber Ransomware Magniber […]

Read More
BlackByte ransomware disabling EDR protection
BlackByte Ransomware Detection: Threat Actors Exploit CVE-2019-16098 Vulnerability in RTCore64.sys Driver to Bypass EDR Protection

BlackByte ransomware reemerges in the cyber threat arena exploiting a security flaw in legitimate drivers to disable EDR products on compromised devices. Cybersecurity researchers have revealed that ransomware operators apply an advanced adversary technique dubbed “Bring Your Own Driver” enabling them to bypass security products and spread infection on vulnerable machines. Detect BlackByte Ransomware Used […]

Read More
Novel Cheerscrypt Ransomware
Cheerscrypt Ransomware Detection: China-Backed Hackers, Emperor Dragonfly aka Bronze Starlight, Are Behind Ongoing Cyber Attacks

Cybersecurity researchers have recently uncovered novel Cheerscrypt Linux-based ransomware. The delivery of ransomware strains has been linked to the China-backed group Emperor Dragonfly also tracked as Bronze Starlight. The hacking collective was also spotted in earlier cyber attacks spreading encrypted Cobalt Strike beacons after gaining initial access to VMware Horizon servers and exploiting the infamous […]

Read More
Vice-Society-Gang
LAUSD Ransomware Attack: Vice Society Claims Compromising the Largest School District in the US

Ransomware operators constantly seek lucrative and feasible extortion opportunities, affecting a wide array of organizations across industries. One of the latest examples of successful breaches is the Vice Society gang’s attack against the Los Angeles Unified School District that happened over the Labor Day weekend. The attack caused widespread disruption, affecting several information management systems. […]

Read More
What is Ransomware Detection? How to Detect Ransomware

The method of a secure cryptographic key exchange was introduced by Whitfield Diffie and Martin Hellman in 1976. Cool thing about the public and private key pair is that the decryption key cannot be deciphered in any way from an encryption key.  This feature is exactly what’s exploited by ransomware actors who encrypt data and […]

Read More
Agenda Ransomware
Golang-Based Agenda Ransomware Detection: New Strain Began Sweeping Across Asia and Africa

Researchers warn of a new ransomware family: a novel strain called Agenda sails in, targeting healthcare and education entities. Similar to another emerging piece written in Go language (aka Golang) dubbed BianLian, this cross-platform threat is gaining popularity with affiliates for its versatility and easy-to-tweak elements of the campaign, including encryption extension, personalized ransomware note […]

Read More
What Is Malware? Malware Types to Watch Out For

Malware stands for malicious software and denotes software that is designed to execute computer instructions that are destructive to a user’s system or in any other way hazardous for targeted individuals and enterprises.  Rapid technology development has brought a proliferation of various kinds of malware. It can do a range of bad things, such as […]

Read More
New HavanaCrypt Ransomware
HavanaCrypt Ransomware Detection: New Ransomware Family Wreaks Havoc

A new ransomware package dubbed HavanaCrypt quickly catapulted into operation earlier this summer and has already caused a fair share of trouble. HavanaCrypt is a .NET-compiled malware that uses an open-source obfuscation tool dubbed Obfuscar to facilitate code security in a .NET assembly. The ransomware operators use Microsoft Web hosting service IP address as its […]

Read More