While conducting incident response in early 2021, the French National Cybersecurity Agency (ANSSI) identified a new “Ryuk” ransomware variant that has the capability to self-propagate across victim networks. The variant was specifically observed targeting Windows systems in ransomware campaigns at the beginning of the year (2021). This Ryuk variant can wake up powered-off systems and move through victim networks using scheduled tasks. This enables Ryuk to infect as many hosts as possible, further incentivizing a victim payout. If proven an effective tactic, other ransomware variants could develop similar “wormable” capabilities where those developers have the technical sophistication to do so.
A new round of software attacks has raised another red flag concerning supply-chain security and the preval...
Most Recent Flipbooks
The Federal Security Service of the Russian Federation (FSB) conducted a series of raids and arrests against at least 20 members of the "REvil" ransomware group.
Researchers have discovered a critical vulnerability in the popular open-source Java SQL database H2
For 2022, cyber-security practitioners must be extraordinarily nimble and adept. Plus information on telegram dropping malware, North Korean group exploits Russia, and Log4j crisis spilling in to 2022
Log4j bug exposes fragility of digital ecosystem worldwide. Plus information on Magecart home for the holidays, Emotet regaining power, and Muddywater APT group hunts for airline data via Slack.
Microsoft has allegedly halted a long-term cyber-espionage operation of “NICKEL”, a threat group linked to the People’s Republic of China (PRC).
Success of UK security bill depends on Internet of Things users
The well-established “Mozi” peer-to-peer (P2P) botnet has developed new persistence capabilities.