New Cerber ransomware variant steals Bitcoin wallets, passwords
Here’s a new reason to fear ransomware more than ever before: a new variant of Cerber has been modified to steal Bitcoin wallets and passwords before encrypting victims’ files and demanding ransom. Two ways to profit off of one infection The new and improved Cerber searches for wallet files of three Bitcoin wallet applications (Bitcoin…
The 5 biggest ransomware attacks of the last 5 years
While the last few years have seen a remarkable uptick in this particularly nasty genre of attack software, ransomware isn’t new. Malware that holds data for ransom has been around for years. In 1991, a biologist spread PC Cyborg, the first ever ransomware, by sending floppy disks via surface mail to other AIDS researchers, for…
One in Ten U.S. Organizations Hit by WannaCry: Study
A recent survey discovered that the vast majority of organizations in the United States weren’t prepared for the WannaCry ransomware attack, but just one in ten ended up being infected by the malware. WannaCry stormed the world in mid-May by leveraging a previously patched exploit called EternalBlue, which hacker group Shadow Brokers allegedly stole from the NSA-linked Equation…
Forecasting the Future of Ransomware
There’s no question that ransomware is one of the most formidable threats to a business. With so much riding on digitized data, important applications and other systems, any interruption to access of these crucial assets can quickly spell disaster for an organization. Despite efforts on the part of enterprises to educate staff and enhance their…
BEC Attacks Far More Lucrative than Ransomware over Past 3 Years
BEC fraud netted cyberthieves five times more profit than ransomware over a three-year period, according to Cisco’s midyear report released today. Despite all the recent attention paid to ransomware, cybercriminals walked away with $5.3 billion from business email compromise (BEC) attacks compared with $1 billion for ransomware over a three-year stretch, according to Cisco’s 2017…
Rising information security threats, and what to do about them
The digital threat landscape faced by enterprises large and small is in perpetual flux, and keeping an eye on things and adapting defenses should be of primary importance to every CISO. According to Ziv Mador, VP of Security Research at Trustwave’s SpiderLabs, the current major and, unfortunately, rising threats are ransomware, CEO email attacks (BEC scams),…
The Law of Unintended Outbreak – Who Is at Risk from Petya?
Hot on the heels of the global WannaCry outbreak in May, yesterday saw a wave of what looked like copycat malware sweeping the globe again. However, on closer inspection there may more to this than meets the eye, more than a simple new variant of an already established ransomware borrowing propagation techniques from WannaCry. The…
Petya Weren’t Expecting This: Ransomware Takes Systems Hostage Across the Globe
Early on Tuesday, June 27, reports began to circulate that organizations in the Ukraine and elsewhere in Europe were suffering ransomware attacks. It quickly became clear that this Petya attack could equal or surpass the May WannaCry attack. WannaCry’s spread was so successful because it was powered by a flaw in Windows, and although Microsoft…
With ransomware, pay up if you want to keep paying
A hospital CEO is contacted in the middle of the night with a dire warning. Hackers have taken control of computer systems used for patient care, CT scans, and lab work. The hacker wants money. Rather than pay the ransom, the hospital CEO enlists several experts to try to break back into the system. It…
WannaCry? You’re Not Alone: The 5 Stages of Security Grief
When it comes to securing the enterprise, the attackers have the advantage. Defenders are required to protect against every conceivable threat while the attacker needs only a single attack vector to penetrate a network. The universe of potential intrusion vectors is vast: faulty authentication mechanisms, gaps in the perimeter network, legacy applications, and, of course,…