Ransomware Victims That Pay Up Could Incur Steep Fines from Uncle Sam

Companies victimized by ransomware and firms that facilitate negotiations with ransomware extortionists could face steep fines from the U.S. federal government if the crooks who profit from the attack are already under economic sanctions, the Treasury Department warned today.

U.S Charges Two Iranian Hackers for SamSam Ransomware Attacks

The Department of Justice announced Wednesday charges against two Iranian nationals for their involvement in creating and deploying the notorious SamSam ransomware.

The alleged hackers, Faramarz Shahi Savandi, 34, and Mohammad Mehdi Shah, 27, have bee…

Fileless malware: getting the lowdown on this insidious threat

In this series of articles, we provide an in-depth discussion of fileless malware and its related attacks. In part one, we cover a brief overview of the problems with and general features of fileless malware, laying the groundwork for technical …

At $17 million, Atlanta network recovery six times more expensive than estimated

The SamSam ransomware attack on the city of Atlanta in March is probably one of the most expensive security incidents, with the recovery cost adding up to some $17 million of taxpayers’ money, according to a seven-page “confidential and pri…

SamSam Ransomware Attacks Extorted Nearly $6 Million

Ransomware has become a multimillion-dollar black market business for cybercriminals, and SamSam is a great example.

New research revealed that the SamSam ransomware had extorted nearly $6 million from its victims since December 2015, when the cybe…

LabCorp attack highlights persistent ransomware threat to health sector

Ransomware has hit the vast medical-testing and blood diagnostics company LabCorp, the latest health care organization to be targeted by the hostage-taking malware. After detecting “suspicious activity” on its IT network over the weekend of July 14, LabCorp determined that it had been affected by “a new variant of ransomware,” company spokeswoman Pattie Kushner told CyberScoop. The North Carolina-based company, which has 60,000 employees worldwide and processes 2.5 million patient samples per week, is working with outside security experts and law enforcement to recover from the attack. The company took certain systems offline to clear them of the ransomware, which has “affected some test processing and customer access to test results,” Kushner said. “Work has been ongoing to restore full system functionality as quickly as possible, testing operations have substantially resumed, and we are working to restore additional systems and functions over the next several days,” she added. The ransomware was only detected on the company’s […]

The post LabCorp attack highlights persistent ransomware threat to health sector appeared first on Cyberscoop.

A week in security (June 18 – June 24)

A roundup of security news from June 18 – 24 that includes the SamSam ransomware, DNS rebinding, a World Cup phishing campaign, and lots and lots of Android malware.

SamSam ransomware: controlled distribution for an elusive malware

SamSam ransomware is distinctive among malware for its explicit human interaction with selected targets and its care to erase most of its tracks.

As ransomware hobbled Atlanta, banks drilled for next iteration of attacks

As the Atlanta city government struggled to recover from March’s ransomware attack, cybersecurity personnel from U.S. banks huddled two miles from city headquarters to practice dealing with the same type of disruptive malware. The exercise, which assembled 18 financial institutions and the industry’s threat-sharing center, simulated a bank’s computer network and tasked participants with defeating “WannaCry-like” ransomware, according to ManTech International Corp., the cybersecurity company that hosted the drill in April. Participants, including big U.S. banks, connected to ManTech’s Advanced Cyber Range Environment (ACRE), a computing facility that can test network defenses against various strains of malware. Some participated from the Federal Reserve office in midtown Atlanta, according to ManTech spokesman Jim Crawford. In this case, exercise planners mimicked the WannaCry ransomware, which struck more than 300,000 computers in 150 countries last year. The company already had practice using that virus for ACRE training “when it was still in the wild,” Brett Barraclough, a ManTech […]

The post As ransomware hobbled Atlanta, banks drilled for next iteration of attacks appeared first on Cyberscoop.

SamSam ransomware: what you need to know

We take a look at SamSam ransomware, the malware that messed with Atlanta, and tell you how it works and what you can do to combat it.