Ransomware dev releases Egregor, Maze master decryption keys on bleepingcomputer forum https://www.bleepingcomputer.com/ne...releases-egregor-maze-master-decryption-keys/
Blackbyte ransomware hits San Francisco 49ers ahead of Super Bowl "The NFL's San Francisco 49ers team is recovering from a cyberattack by the BlackByte ransomware gang who claims to have stolen data from the American football organization. While the 49ers did not confirm whether hackers successfully deployed the ransomware, they said they are still in the process of recovering systems, indicating that devices were likely encrypted..." https://www.bleepingcomputer.com/ne...sco-49ers-hit-by-blackbyte-ransomware-attack/
The Week in Ransomware - February 18th 2022 - Mergers & Acquisitions https://www.bleepingcomputer.com/ne...-february-18th-2022-mergers-and-acquisitions/
Ransomware extortion doesn't stop after paying the ransom https://www.bleepingcomputer.com/ne...xtortion-doesnt-stop-after-paying-the-ransom/
Master Key for Hive Ransomware Retrieved Using a Flaw in its Encryption Algorithm https://thehackernews.com/2022/02/master-key-for-hive-ransomware.html
"Two ransomware gangs hacked the same target at the same time: Here's what happened next... A healthcare provider fell victim to two simultaneous cyber attacks by two separate ransomware gangs using different techniques to exploit unpatched security vulnerabilities in Microsoft Exchange Server at the same time, which even led to the second ransomware attack encrypting the ransom note left by the first..." https://www.zdnet.com/article/two-r...et-at-the-same-time-heres-what-happened-next/
Conti Ransomware Decryptor, TrickBot Source Code Leaked https://threatpost.com/conti-ransomware-decryptor-trickbot-source-code-leaked/178727/
Free HermeticRansom Ransomware Decryptor Released https://threatpost.com/free-hermeticransom-ransomware-decryptor-released/178762/
The Week in Ransomware - March 18th 2022 - Targeting the auto industry https://www.bleepingcomputer.com/ne...-march-18th-2022-targeting-the-auto-industry/
"Russian-based ransomware group Conti has its source code leaked A Ukrainian security researcher just shared the source code of an infamous Russian-based ransomware group..." https://www.windowscentral.com/russian-based-ransomware-group-conti-has-source-code-leaked "Hacker leaked a new version of Conti ransomware source code on Twitter..." https://securityaffairs.co/wordpres...cker-leaked-conti-ransomware-source-code.html
Ransomware tries to delete files and render the system unusable. https://www.zdnet.com/article/every...-wipe-windows-pcs-if-its-victims-dont-pay-up/
"Instead of attackers using the threat of leaking a victim's files to pressure them into paying, LokiLock's customers threaten to overwrite a victim's Windows Master Boot Record (MBR), which wipes all files and renders the machine unusable." I like to think that restoring an image would still work, wouldn't it?
Ten notorious ransomware strains put to the encryption speed test https://www.bleepingcomputer.com/ne...are-strains-put-to-the-encryption-speed-test/
I was wondering, what file formats does ransomware not encrypt? Like .sys, .log or? Let's say that I back up some files and put the mentioned extensions instead, it would not touch it?
Hello @TairikuOkami, although that could be an interesting technique to try, it seems that not exactly file formats, but some languages may have some immunity. Perhaps you too may have recalled reading that some ransomware groups (DarkSide et al.) with close ties to the Russian Federation will not attack some (Windows®) victim systems detected to use the Russian & Ukrainian languages. One trouble being that several dozen languages are used between the Russian Federation and Ukraine. Attribution: https://krebsonsecurity.com/2021/05/try-this-one-weird-trick-russian-hackers-hate/ HTH
Fake Windows 10 updates infect you with Magniber ransomware https://www.bleepingcomputer.com/ne...-updates-infect-you-with-magniber-ransomware/
New ransomware demands victims to donate to poor https://www.independent.co.uk/tech/ransomware-goodwill-cyber-security-cloudsec-b2085089.html
Ransomware group ups pressure on victims with new extortion tactic https://blog.emsisoft.com/en/41331/ransomware-group-pressure-victim-with-new-tactic/