-
U.S. Data Center Provider Hit by Ransomware Attack
CyrusOne, a large data center provider in the U.S., announced on Thursday that some of its systems were affected by a ransomware attack.
- December 06, 2019
- 06:02 AM
0
-
Sodinokibi Ransomware Targeting Asia via the RIG Exploit Kit
A new malvertising campaign being used on low quality web games and blogs is redirecting Asian victims to the RIG exploit kit, which is then quietly installing the Sodinokibi Ransomware.
- November 11, 2019
- 11:56 AM
1
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
GandCrab RaaS Was a Training Ground for Malware Distributors
GandCrab operators changed the ransomware business from the ground up, establishing a model that is embraced and continued by other cybercriminals.
- November 01, 2019
- 12:33 PM
- 0
-
Tools and Tactics of the Sodinokibi Ransomware Distributors
Using a network of honeypots, researchers from McAfee examined the tools and tactics used by the Sodinokibi Ransomware (REvil) affiliates to infect their victims with ransomware and compromise other machines on the network.
- October 21, 2019
- 12:01 AM
- 1
-
REvil Ransomware Affiliates Partner with Corporate Intruders
Experienced network intruders and ransomware groups have struck an alliance helping each other monetize their skills by spreading malware to company networks.
- October 18, 2019
- 10:50 AM
- 0
-
Sodinokibi Ransomware: Following the Affiliate Money Trail
After a Sodinokibi ransomware affiliate posted partial transaction IDs for ransomware payments, researchers were able to use that information to follow the money trail for affiliates and in some cases, how they spend their illicit earnings.
- October 14, 2019
- 12:01 AM
- 0
-
The Week in Ransomware - October 4th 2019 - That's all Folks
This has been quite a busy week with lots of new variants, new ransomware attacks, including those targeting hospitals, and new information coming out about the REvil/Sodinokibi Ransomware.
- October 04, 2019
- 04:45 PM
- 0
-
Sodinokibi Ransomware Builds An All-Star Team of Affiliates
The Sodinokibi Ransomware (REvil) has been making news lately as they target the enterprise, MSPs, and government entities through their hand-picked team of all-star affiliates. These affiliates appear to have had a prior history with the GandCrab RaaS and use similar distribution methods.
- October 02, 2019
- 12:24 PM
- 0
-
REvil (Sodinokibi) Ransomware Targets Chinese Users with DHL Spam
A new spam campaign is underway that is targeting Chinese recipients to trick them into installing the REvil (Sodinokibi) Ransomware.
- September 26, 2019
- 12:39 PM
- 0
-
Destructive Ordinypt Malware Hitting Germany in New Spam Campaign
A new spam campaign is underway that pretends to be a job application from "Eva Richter" who is sending her photo and resume. This resume, though, is actually an executable masquerading as a PDF file that destroys a victim's files by installing the Ordinypt Wiper.
- September 14, 2019
- 01:51 AM
- 0
-
Sodinokibi Ransomware Spreads via Fake Forums on Hacked Sites
A distributor for the Sodinokibi Ransomware is hacking into WordPress sites and injecting JavaScript that displays a fake Q & A forum post over the content of the original site. This fake post contains an "answer" from the site's "admin" that contains a link to the ransomware installer.
- September 02, 2019
- 11:27 AM
- 0
