A look back at the Zyns iframer campaign

We often get asked about drive-by download attacks, how they work, and specifically about what sites people may have visited just prior to getting infected. This is an interesting aspect when tracking campaigns and what they lead to. Typically, one can divide the drive-by landscape into two categories: malvertising and compromised websites. The former involves legitimate websites…

Enhancing Enterprise Security for Ransomware Detection

Ransomware is a profitable business model for cyber criminals, with 2016 payments closing at the billion dollar mark. According to a recent survey by IBM, nearly 70% of executives hit by ransomware have paid to get their data back. Those survey results do not include smaller organizations and consumers who are also paying to get their data…

Satan RaaS Promises Large Gains With Zero Coding Needed

A newly discovered family of ransomware is being offered via the Ransomware-as-a-Service (RaaS) business model, allowing cybercriminals to easily customize their own versions of the malware, researchers explain. Dubbed Satan, the new ransomware family was discovered by security researcher Xylitol and is available for any wannabe criminal, as the service only requires the creation of…

No more ransomware?

Ransomware was a billion dollar problem last year, and it’s getting worse. A new report from Cybersecurity Ventures details dozens of new ransomware attacks over the past 90 days. (Disclaimer: Steve Morgan is founder and CEO of Cybersecurity Ventures.) Organizations stricken by ransomware have been fighting back by providing security awareness training to their employees….

Everyone Is $$$ To Cybercriminals Using Ransomware

More than 50 percent of those polled have been victims of ransomware in some way, shape, or form recently. Nineteen percent are being attacked more than 50 times per month and a disturbing 42 percent don’t know how often they’re being attacked with ransomware. These stats should be major warning flags for defenders. Despite our…

Decrypting CryptXXX version 3 — for free

In April 2016 a young and ambitious trojan cryptor known by the name CryptXXX was released. It was distributed by the infamous Angler and Neutrino exploit kits. Its creators certainly hoped that after the release they could lie on the couch and watch the money flow from the victims’ pockets to their bitcoin wallets. But…

The Coolest Hacks Of 2016

In a year when ransomware became the new malware and cyber espionage became a powerful political propaganda tool for Russia, it’s easy to forget that not all hacking in 2016 was so ugly and destructive. Sure, cybercrime and cyber espionage this past year turned the corner into more manipulative and painful territory for victims. But…