In September of 2021, a new malware family named SquirrelWaffle joined the threat landscape. It spread through infected Microsoft Office documents attached in spam emails. The infection flow starts with a ZIP file that contains the infected Office document. When the file is opened by the victim, the malicious VBA macros download SquirrelWaffle DLL, which eventually leads to deploying another threat, such as CobaltStrike or QakBot.

Organisations who find their networks hit by a ransomware attack may soon have to disclose within 48 hours any payments to their extortionists. That’s the intention of the Ransom Disclosure Act, a new bill proposed by US Senator Elizabeth Warren and Representative Deborah Ross.

Ransomware attacks are here to stay, so it is vital to be prepared and don't become a statistic. Here are 5 tips to help protect your organization.

At the Rubrik Data Security Summit, leaders from both the public and private sectors discussed an important topic: ransomware. Cyber threats continue to expand in both volume and sophistication with attacks growing at a rate of 150% annually. As attackers increasingly target backups, it will be even more paramount for policies and guidance from government agencies to match the security innovation of private sector businesses to mitigate the risks of this cyber pandemic head-on.

Despite the steady drumbeat of hacks that are reported on a nearly weekly basis, it is safe to say that cybersecurity is still far from a “top of mind issue” for most people. Massive data breaches like Equifax, Marriott, and many, many more are chalked up to being yet another part of the modern life. While each of those cybersecurity incidents was quite serious in its own right, for the public whose data were compromised, they represented more of an inconvenience than a serious concern.

2021 has witnessed a surge of ransomware attacks. Also, the attackers are targeting businesses that are critical to the public infrastructure, such as oil pipelines and international meat producers. Further, the demands for ransom have increased and the cost of clean-up has also doubled over the last year. There are two major reasons for this sudden spike in ransomware attacks: Like SaaS, RaaS also has a flexible business approach.

The 2021 Egnyte Data Governance Trends Report contains a plethora of interesting findings that offer insight into how we’ve been working collaboratively during the global pandemic, and the security threats that have arisen as a result.

The US Government has underlined once again that it continues to strongly discourage organisations hit by ransomware from giving in to extortion demands. In an updated advisory, the Department of Treasury’s Office of Foreign Assets Control (OFAC) has called upon businesses not to pay ransoms, and to focus on cybersecurity measures that can prevent or mitigate ransomware attacks.

Kroll has observed an uptick in actors offering network access on the dark web, particularly in the wake of recent disruptions to the ransomware-as-a-service (RAAS) ecosphere such as the ban on ransomware discussions in notorious underground criminal forums.