Just a few weeks into the holiday season and Ryuk ransomware, among others, is making the news. Read articles about this menace and several others in our picks from the industry.

For more articles, check out our #onpatrol4malware blog.

Ryuk ransomware contains a bug causing data loss for some victims

Source: ZDNet

Cyber-security firm Emsisoft said it found a bug in the Ryuk ransomware decrypter app that makes file recovery impossible, even after paying the ransom demand. Read more.

Zeppelin: Russian Ransomware Targets High Profile Users in the U.S. and Europe

Source: Threat Vector

Zeppelin is the newest member of the Delphi-based Ransomware-as-a-Service (RaaS) family initially known as Vega or VegaLocker. Read more.


The quiet evolution of phishing

Source: Microsoft

The battle against phishing is a silent one: every day, Office 365 Advanced Threat Protection detects millions of distinct malicious URLs and email attachments. Read more.

Cybercrime Groups Targeting Fuel Dispenser Merchants

Source: Visa

In summer 2019, Visa Payment Fraud Disruption (PFD) identified three unique attacks targeting merchant point-of-sale (POS) systems that were likely carried out by sophisticated cybercrime groups. Read more.

Don’t fall for this porn scam – even if your password’s in the subject!

Source: Naked Security

Sextortion is the popular term for cybercrimes that combine sex or sexuality and extortion. Read more.

OilRig’s Poison Frog – old samples, same trick

Source: Kaspersky

After we wrote our private report on the OilRig leak, we decided to scan our archives with our YARA rule, to hunt for new and older samples. Read more.


Gangnam Industrial Style: APT Campaign Targets Korean Industrial Companies

Source: CyberX

CyberX has uncovered an ongoing industrial cyberespionage campaign targeting hundreds of manufacturing and other industrial firms primarily located in South Korea. Read more.

Windows Remote Desktop Services Used for Fileless Malware Attacks

Source: BleepingComputer

Threat actors breaching company networks are deploying a cornucopia of malware over the remote desktop protocol (RDP), without leaving a trace on target hosts. Read more.