Ransomware is a type of malware that is designed to take your system or files on your system hostage. The basic concept behind ransomware is pretty simple. An attacker prepares a payload that infiltrates a computer’s hard drive and encrypts the files in it.
Since March 2nd, 2023, intelligence from the Egress Intelligent Email Security platform shows Emotet malware being used within Microsoft OneNote attachments, as cybercriminals evolve their attacks in attempts to avoid detection. Emotet is sophisticated malware primarily used for stealing sensitive information, such as credentials, from the machines it infects.
According to the AV-TEST Institute, more than 1 billion strains of malware have been created, and more than 500,00 new pieces of malware are detected every day. One of the main reasons for this rapid growth is that malware creators frequently reuse source code. They modify existing malware to meet the specific objectives of an attack campaign or to avoid signature-based detection.
A new report from ENISA, the European Union Agency for Cybersecurity, looking at cyberattacks targeting the European transport network over a period of almost two years, has identified that ransomware has become the prominent threat. ENISA's report, its first ever analysis of the myriad of cybersecurity threats facing the transport sector in the EU, mapped and studied cyber incidents targeting aviation, maritime, railway, and road transport between January 2021 and October 2022.
AT&T Alien Labs researchers have discovered a new variant of BlackGuard stealer in the wild, infecting using spear phishing attacks. The malware evolved since its previous variant and now arrives with new capabilities.
Emotet is undoubtedly a very resilient botnet. Even though its operation was disrupted by Europol in January 2021, Emotet came back a few months later and continues to spread. In May 2022, shortly after Microsoft released new controls related to malicious macros, Netskope Threat Labs analyzed an Emotet campaign where they were testing a new delivery method, by using LNK files.
Ransomware as a Service (RaaS) has been a growing trend in recent years, enabling anyone with an internet connection to become a hacker. In the past, launching a ransomware attack required a high level of technical expertise, but RaaS has lowered the barrier to entry, making it easier for anyone to launch a ransomware attack. So, how does RaaS work, and what are the implications for businesses and individuals?
The San Francisco 49ers, confirmed a ransomware attack, Cisco was attacked by the Yanluowang ransomware gang, and Entrust was attacked by Lockbit. And that’s just a handful of ransomware accounts noted in 2022.
News broke in early February that the ACN, Italy’s National Cybersecurity Agency, issued a warning regarding a VMware vulnerability discovered two years ago. Many organizations hadn’t yet patched the issue and became the victims of a new ransomware called ZCryptor. The malicious software wreaked havoc on Italian and European businesses by encrypting users’ files and demanding payment for the data to be unencrypted.
