Lawrence Abrams – Page 2 – WindowsTechs.com

U.K. Hospitals Hit in Widespread Ransomware Attack

Posted on May 12, 2017 by BrianKrebs

At least 16 hospitals in the United Kingdom are being forced to divert emergency patients today after computer systems there were infected with ransomware, a type of malicious software that encrypts a victim’s documents, images, music and other files unless the victim pays for a key to unlock them.

It remains unclear exactly how this ransomware strain is being disseminated and why it appears to have spread so quickly, but there are indications the malware may be spreading to vulnerable systems through a security hole in Windows that was recently patched by Microsoft. Continue reading U.K. Hospitals Hit in Widespread Ransomware Attack→

Keys for Dharma Ransomware Released

Posted on March 2, 2017 by Chris Brook

Decryption keys for the Dharma strain of ransomware have been released. Continue reading Keys for Dharma Ransomware Released→

Sage and Satan Ransomware, Double Trouble

Posted on January 23, 2017 by Michael Mimoso

A spam campaign has started spreading Sage ransomware, while a ransomware service known as Satan allows users to customize distribution. Continue reading Sage and Satan Ransomware, Double Trouble→

FireCrypt Ransomware Contains DDoS Functionality

Posted on January 5, 2017 by Chris Brook

In addition to encrypting files, a new strain of ransomware, FireCrypt, also attempts to carry out a weak DDoS attack.
Continue reading FireCrypt Ransomware Contains DDoS Functionality→

Before You Pay that Ransomware Demand…

Posted on December 22, 2016 by BrianKrebs

A decade ago, if a desktop computer got infected with malware the chief symptom probably was an intrusive browser toolbar of some kind. Five years ago you were more likely to whacked by a banking trojan that stole all your passwords and credit card numbers. These days if your mobile or desktop computer is infected what gets installed is likely to be “ransomware” — malicious software that locks your most prized documents, songs and pictures with strong encryption and then requires you to pay for a key to unlock the files. Continue reading Before You Pay that Ransomware Demand…→

CrySis Ransomware Master Decryption Keys Released

Posted on November 14, 2016 by Michael Mimoso

The master decryption keys unlocking files encrypted by the CrySis ransomware have been released. Kaspersky Lab has already updated its Rakhni decryptor to help victims restore their data. Continue reading CrySis Ransomware Master Decryption Keys Released→

Ransomware Getting More Targeted, Expensive

Posted on September 15, 2016 by BrianKrebs

I shared a meal not long ago with a source who works at a financial services company. The subject of ransomware came up and he told me that a server in his company had recently been infected with a particularly nasty strain that spread to several systems before the outbreak was quarantined. He said the folks in finance didn’t bat an eyelash when asked to authorize several payments of $600 to satisfy the Bitcoin ransom demanded by the intruders: After all, my source confessed, the data on one of the infected systems was worth millions — possibly tens of millions — of dollars, but for whatever reason the company didn’t have backups of it.

This anecdote has haunted me because it speaks volumes about what we can likely expect in the very near future from ransomware — malicious software that scrambles all files on an infected computer with strong encryption, and then requires payment from the victim to recover them. Continue reading Ransomware Getting More Targeted, Expensive→

Cry Ransomware Uses UDP, Imgur, Google Maps

Posted on September 6, 2016 by Chris Brook

Ransomware purporting to come from a phony government agency, the Central Security Treatment Organization, has been making the rounds and using Google Maps and Imgur, researchers claim.

Continue reading Cry Ransomware Uses UDP, Imgur, Google Maps→

Insecure Redis Instances at Core of Attacks Against Linux Servers

Posted on September 1, 2016 by Michael Mimoso

Attackers are targeting insecure Redis instances, exposed to the internet, to access Linux servers and delete web files and folders in exchange for ransom. Continue reading Insecure Redis Instances at Core of Attacks Against Linux Servers→

Fairware Attacks Targeting Linux Servers

Posted on August 31, 2016 by Michael Mimoso

Linux admins are reporting attacks against webservers resulting in the deletion of web folders, reportedly by attackers using a ransomware variant called Fairware. Continue reading Fairware Attacks Targeting Linux Servers→