Articles from the last couple of weeks cover new research on a method to fight ransomware by using the flash-based storage already on devices to save files. That’s especially good news because the Shade and Sodinokibi ransomware families have been more active. We also learn that the VPN industry has a limited number of owners representing lots of products, which brings privacy concerns to the forefront.

For more articles, check out our #onpatrol4malware blog.

Researchers fight ransomware attacks by leveraging properties of flash-based storage 

Source: HelpNet Security

In a new paper [researchers] look at how they can use the commodity storage devices already in a computer, to save the files without having to pay the ransom. Read more.

Microsoft Warns of Malspam Campaign Abusing Office Vulnerability to Distribute Backdoor

Source: Tripwire

Microsoft is warning users to be on the lookout for a malspam campaign that’s abusing an Office vulnerability in order to distribute a backdoor. Read more.

Hidden VPN owners unveiled: 97 VPN products run by just 23 companies

Source: VPNPro

Our research shows that at least 97 VPN products are owned or operated by only 23 companies. This includes both cross-platform and mobile-only VPN products. Read more.

10 years of virtual dynamite: A high-level retrospective of ATM malware

Source: Cisco Talos

It has been 10 years since the discovery of Skimer, the first malware specifically designed to attack automated teller machines (ATMs). Read more.

A dive into Turla PowerShell usage 

Source: ESET

Turla is believed to have been operating since at least 2008, when it successfully breached the US military. More recently, it was involved in major attacks against the German Foreign Office and the French military. Read more.

Sodinokibi Ransomware Fixes Scaling Issues, Targets Large Enterprises

Source: SecurityIntelligence

Recent variants of Sodinokibi accounted for scaling issues as the ransomware family steadily moves to target large enterprises. Read more.

Shade Ransomware is very active outside of Russia and targets more English-speaking victims

Source: Security Affairs

Shade is considered one of the most dangerous threats in the cyber crime scenario; it has been active at least since 2014, when a massive infection was observed in Russia. Read more.