While conducting incident response in early 2021, the French National Cybersecurity Agency (ANSSI) identified a new “Ryuk” ransomware variant that has the capability to self-propagate across victim networks. The variant was specifically observed targeting Windows systems in ransomware campaigns at the beginning of the year (2021). This Ryuk variant can wake up powered-off systems and move through victim networks using scheduled tasks. This enables Ryuk to infect as many hosts as possible, further incentivizing a victim payout. If proven an effective tactic, other ransomware variants could develop similar “wormable” capabilities where those developers have the technical sophistication to do so.
A new round of software attacks has raised another red flag concerning supply-chain security and the preval...
Most Recent Flipbooks
Main story: Ransom Cartel and REvil: Partners in cybercrime?
Main story: Hacktivists fan flames of Iranian anti-regime protests
Main story: ProxyNotShell spells déjà vu for MS Exchange Server defenders
Main story: Rogue ex-developer leaks LockBit 3.0 builder
Main story: Uber compromised by Lapsus$'s resurgence
Main story: Cyber attacks shock the Italian energy sector
Main story: Back to school for students and ransomware groups
Main story: LastPass suffers source code data breach
Main story: LockBit under DDoS attack: Entrust strikes back?
Main Story: Cisco defies extortion attempts after network breach
Main story: Cybercriminals scramble for new hiding places after 911 proxy service folds
Main story: Free-to-use Redeemer opens doors for ransomware enthusiasts