Just a few weeks into the holiday season, Ryuk ransomware, among others, is making the news. Read articles about this menace and several others in our picks from the industry.
For more articles, check out our #onpatrol4malware blog.

Ryuk ransomware contains a bug causing data loss for some victims
Source: ZDNet
Cyber-security firm Emsisoft said it found a bug in the Ryuk ransomware decrypter app that makes file recovery impossible, even after paying the ransom demand. Read more.

Zeppelin: Russian Ransomware Targets High Profile Users in the U.S. and Europe
Source: Threat Vector
Zeppelin is the newest member of the Delphi-based Ransomware-as-a-Service (RaaS) family initially known as Vega or VegaLocker. Read more.

The quiet evolution of phishing
Source: Microsoft
The battle against phishing is a silent one: every day, Office 365 Advanced Threat Protection detects millions of distinct malicious URLs and email attachments. Read more.

Cybercrime Groups Targeting Fuel Dispenser Merchants
Source: Visa
In summer 2019, Visa Payment Fraud Disruption (PFD) identified three unique attacks targeting merchant point-of-sale (POS) systems that were likely carried out by sophisticated cybercrime groups. Read more.

Don’t fall for this porn scam – even if your password’s in the subject!
Source: Naked Security
Sextortion is the popular term for cybercrimes that combine sex or sexuality and extortion. Read more.

OilRig’s Poison Frog – old samples, same trick
Source: Kaspersky
After we wrote our private report on the OilRig leak, we decided to scan our archives with our YARA rule, to hunt for new and older samples. Read more.

Gangnam Industrial Style: APT Campaign Targets Korean Industrial Companies
Source: CyberX
CyberX has uncovered an ongoing industrial cyberespionage campaign targeting hundreds of manufacturing and other industrial firms primarily located in South Korea. Read more.

Windows Remote Desktop Services Used for Fileless Malware Attacks
Source: BleepingComputer
Threat actors breaching company networks are deploying a cornucopia of malware over the remote desktop protocol (RDP), without leaving a trace on target hosts. Read more.