Tag: Ransomware

LAUSD Ransomware Attack: Vice Society Claims Compromising the Largest School District in the US

Ransomware operators constantly seek lucrative and feasible extortion opportunities, affecting a wide array of organizations across industries. One of the latest examples of successful breaches is the Vice Society gang’s attack against the Los Angeles Unified School District that happened over the Labor Day weekend. The attack caused widespread disruption, affecting several information management systems. […]

Read More
What is Ransomware Detection? How to Detect Ransomware

The method of a secure cryptographic key exchange was introduced by Whitfield Diffie and Martin Hellman in 1976. Cool thing about the public and private key pair is that the decryption key cannot be deciphered in any way from an encryption key.  This feature is exactly what’s exploited by ransomware actors who encrypt data and […]

Read More
Agenda Ransomware
Golang-Based Agenda Ransomware Detection: New Strain Began Sweeping Across Asia and Africa

Researchers warn of a new ransomware family: a novel strain called Agenda sails in, targeting healthcare and education entities. Similar to another emerging piece written in Go language (aka Golang) dubbed BianLian, this cross-platform threat is gaining popularity with affiliates for its versatility and easy-to-tweak elements of the campaign, including encryption extension, personalized ransomware note […]

Read More
What Is Malware? Malware Types to Watch Out For

Malware stands for malicious software and denotes software that is designed to execute computer instructions that are destructive to a user’s system or in any other way hazardous for targeted individuals and enterprises.  Rapid technology development has brought a proliferation of various kinds of malware. It can do a range of bad things, such as […]

Read More
New HavanaCrypt Ransomware
HavanaCrypt Ransomware Detection: New Ransomware Family Wreaks Havoc

A new ransomware package dubbed HavanaCrypt quickly catapulted into operation earlier this summer and has already caused a fair share of trouble. HavanaCrypt is a .NET-compiled malware that uses an open-source obfuscation tool dubbed Obfuscar to facilitate code security in a .NET assembly. The ransomware operators use Microsoft Web hosting service IP address as its […]

Read More
Redeemer 2.0 Ransomware
Redeemer Ransomware Detection: New Version Distributed on Underground Forums

The Redeemer ransomware builder’s author put a new spin on the malware’s software, distributing its new version on cybercrime forums. Redeemer 2.0 ransomware version is written in C++ and is built to infect Windows OS hosts. The first version of Redeemer was released in the Summer of 2021, followed by its upgraded variant published last […]

Read More
Zeppelin Ransomware Detection
Zeppelin Ransomware Detection: CISA and FBI Issue a Joint Advisory for Enhanced Protection Against RaaS Threats

According to SOC Prime’s Detection as Code Innovation Report covering the threat landscape of 2021-2022, the Ransomware-as-a-Service (RaaS) model is gaining a monopoly in the cyber threat arena, with the majority of ransomware affiliates involved in diverse RaaS campaigns. On August 11, 2022, CISA, in conjunction with the FBI, issued a joint cybersecurity advisory on […]

Read More
BlueSky Ransomware Detection
BlueSky Ransomware Detection: Targets Windows Hosts and Leverages Multithreading for Faster Encryption

BlueSky ransomware represents a rapidly evolving malware family that involves sophisticated anti-analysis capabilities and constantly enhances its evasion techniques. BlueSky ransomware targets Windows hosts and relies on a multithreading technique for faster file encryption. Cybersecurity researchers attribute the revealed ransomware patterns to the adversary activity of the infamous Conti ransomware group, which has long been […]

Read More
Cuba Ransomware Resurfaces
Cuba Ransomware Detection: Tropical Scorpius Threat Actors Deploy Novel RAT Malware in Targeted Attacks

High-profile ransomware attacks illustrate a growing trend in the cyber threat arena in 2021-2022, with the majority of ransomware affiliates engaged in various ransomware-as-a-service (RaaS) programs. In May 2022, cybersecurity researchers noticed novel adversary campaigns deploying Cuba ransomware attributed to the malicious activity of a hacking group tracked as Tropical Scorpius. In these latest attacks, […]

Read More
Cisco Security Breach
Cisco Hacked by Yanluowang: Detect Relevant Malicious Activity With Sigma Rules Kit

On August 10, 2022, Cisco officially confirmed its corporate network hack by the Yanluowang ransomware group earlier this year. The tech giant claims that the breach was reported internally on May 24 and was further investigated by Cisco Security Incident Response (CSIRT) team. This Cisco’s security incident made the headlines after the Yanluowang threat actors […]

Read More