-
Meet NoEscape: Avaddon ransomware gang's likely successor
The new NoEscape ransomware operation is believed to be a rebrand of Avaddon, a ransomware gang that shut down and released its decryption keys in 2021.
- July 17, 2023
- 10:15 AM
0
-
Royal ransomware gang adds BlackSuit encryptor to their arsenal
The Royal ransomware gang has begun testing a new encryptor called BlackSuit that shares many similarities with the operation's usual encryptor.
- June 08, 2023
- 03:12 AM
0
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
Linux version of RTM Locker ransomware targets VMware ESXi servers
RTM Locker is the latest enterprise-targeting ransomware operation found to be deploying a Linux encryptor that targets virtual machines on VMware ESXi servers.
- April 27, 2023
- 12:20 PM
- 1
-
LockBit ransomware encryptors found targeting Mac devices
The LockBit ransomware gang has created encryptors targeting Macs for the first time, likely becoming the first major ransomware operation to ever specifically target macOS.
- April 16, 2023
- 01:31 PM
- 7
-
IceFire ransomware now encrypts both Linux and Windows systems
Threat actors linked to the IceFire ransomware operation are now actively targeting Linux systems worldwide with a new dedicated encryptor.
- March 09, 2023
- 09:00 AM
- 2
-
LockBit ransomware goes 'Green,' uses new Conti-based encryptor
The LockBit ransomware gang has again started using encryptors based on other operations, this time switching to one based on the leaked source code for the Conti ransomware.
- February 01, 2023
- 05:48 PM
- 0
-
Ransom Cartel linked to notorious REvil ransomware operation
Threat analysts have connected the pieces that link the Ransom Cartel RaaS (ransomware-as-a-service) to the REvil gang, one of the most notorious and prolific ransomware groups in recent years.
- October 18, 2022
- 05:49 PM
- 0
-
LockBit ransomware builder leaked online by "angry developer"
The LockBit ransomware operation has suffered a breach, with an allegedly disgruntled developer leaking the builder for the gang's newest encryptor.
- September 21, 2022
- 02:07 PM
- 0
-
Cuba ransomware returns to extorting victims with updated encryptor
The Cuba ransomware operation has returned to regular operations with a new version of its malware found used in recent attacks.
- June 08, 2022
- 10:55 AM
- 0
-
Beware: Onyx ransomware destroys files instead of encrypting them
A new Onyx ransomware operation is destroying large files instead of encrypting them, preventing those files from being decrypted even if a ransom is paid.
- April 27, 2022
- 08:16 PM
- 0
-
Hive ransomware ports its Linux VMware ESXi encryptor to Rust
The Hive ransomware operation has converted their VMware ESXi Linux encryptor to the Rust programming language and added new features to make it harder for security researchers to snoop on victim's ransom negotiations.
- March 27, 2022
- 03:18 PM
- 0
-
More Conti ransomware source code leaked on Twitter out of revenge
A Ukrainian security researcher has leaked newer malware source code from the Conti ransomware operation in revenge for the cybercriminals siding with Russia on the invasion of Ukraine.
- March 20, 2022
- 07:20 PM
- 1
-
Linux version of LockBit ransomware targets VMware ESXi servers
LockBit is the latest ransomware gang whose Linux encryptor has been discovered to be focusing on the encryption of VMware ESXi virtual machines.
- January 26, 2022
- 06:40 PM
- 0
-
RansomEXX ransomware Linux encryptor may damage victims' files
Cybersecurity firm Profero has discovered that the RansomExx gang does not correctly lock Linux files during encryption, leading to potentially corrupted files.
- September 30, 2021
- 09:00 AM
- 0
-
Linux version of BlackMatter ransomware targets VMware ESXi servers
The BlackMatter gang has joined the ranks of ransomware operations to develop a Linux encryptor that targets VMware's ESXi virtual machine platform.
- August 05, 2021
- 05:32 PM
- 0
-
REvil ransomware's new Linux encryptor targets ESXi virtual machines
The REvil ransomware operation is now using a Linux encryptor that targets and encrypts Vmware ESXi virtual machines.
- June 28, 2021
- 05:26 PM
- 0
- 1
- 2
