Proof-of-concept ransomware to poison the water supply http://www.welivesecurity.com/2017/... Feed: eset/blog (ESET Blog: We Live Security)
RDP Tops Email for Ransomware Distribution: Report http://www.securityweek.com/rdp-tops-email-ransomware-distribution-report
https://www.bleepingcomputer.com/ne...s-a-petya-offspring-used-in-targeted-attacks/ What's interesting about this ransomware is the author hacked the original ransomware author.
Star Trek Themed Kirk Ransomware https://www.bleepingcomputer.com/ne...mware-brings-us-monero-and-a-spock-decryptor/
"Ransomware-As-A-Service: The Next Great Cyber Threat?... ...RaaS (Ransomware-As-A-Service) is designed to make cybercrime accessible to anyone, no matter how limited their programming mastery. Advanced cybercriminals author the malicious code, then make it available for others to download and use. The authors may provide the ransomware for free or charge a small fee up front, often opting to take a cut of each ransom. This incentivizes a higher volume of attacks and higher ransom requests..." https://www.forbes.com/sites/forbes...ice-the-next-great-cyber-threat/#ba663114123a
Here is my real-life example of how it was and wasn't the IT people's fault. At the last place I worked, my manager received an e-mail that had Poweliks in it, which I am sure he clicked on, and it infected the rest of the network. I was the only one on Windows 7 at the time. The only software they had was Norton Endpoint. Norton would alert that I was infected. It said it cleaned it; after a reboot it was back. I installed Malwarebytes to no avail. I found a cleaning app from ESET which cured my computer but not the others. The manager was inflamed because he received a lot of email every day from customers. He is the problem. We techs needed admin rights because we were always installing new software for the products we worked on. And of course the owner and manager had admin rights. The management knew we needed admin rights, and so that is what the IT people were told. I am sure there are plenty of tech companies around that need to have their employees in admin mode. And so it is not so cut and dry. For the company I worked for, not giving employees admin rights would cost them a ton of downtime and money.
Cerber Ransomware Served Up From HTTPS Web Site
According to this TrendMicro article: https://www.trendmicro.com/vinfo/us/threat-encyclopedia/malware/w2km_cerber.ppdoh, this Cerber variant arrives in e-mail as an embedded macro in a Word document. Not anymore! ESET nailed it upon web site access, and I couldn't think of a better example for why SSL protocol scanning needs to be employed. Below are ESET log details:
Time: 3/30/2017 3:16:03 PM
Scanner: HTTP filter
Object type: file
Object: hxxps://www. greyhathacker.net/?p=948
Threat: PowerShell/TrojanDownloader.Agent.DV trojan
Action: connection terminated
User: XXX-PC\XXX-XXXX
Information: Threat was detected upon access to web by the application: C:\Program Files\Internet Explorer\iexplore.exe (8288B566340C2BFEC37768F5A029027DDA7C2A5B)
Hash: 793568AC8277B3F03FAC123E0898A16AF1E103A5
First seen here:
Skype Users Hit By Ransomware Through In-App Malicious Ads http://www.zdnet.com/article/skype-served-up-malware-through-in-app-malicious-ads/ -EDIT- A bit more detail of this attack here: https://www.bleepingcomputer.com/news/security/skype-malvertising-campaign-pushes-fake-flash-player/