A new ransomware family has recently been discovered that incorporates a combination of fileless attack and code-injection. Dubbed Sorebrect, the fileless ransomware is targeting enterprises, instead of individual users.
Over the last two weeks, Microsoft, Adobe, Mozilla, Google, and VMWare all released major security updates to their systems. Installing these updates, or ‘patches’ can be a key ingredient to your cybersecurity well-being. As we saw with the WannaCry outbreak back in May, failing to update your computer can have a devastating effect.
A lot of people are looking for that next big investment that will make them millions. Well, a headline about Bitcoins caught my attention the other day: If You Invested $100 in Bitcoin in 2010, You’d Be Worth $72 Million Now. That’s a 720,000% return on investment.
WannaCry ransomware took the cybersecurity scene by storm last Friday (May 12th), becoming the fastest spreading ransomware to-date. Now that it is nearly a week later, we want to provide some takeaways on WannaCry. What happened, what did we learn, and what does the future look like?
Cyber criminals are using an exploit kit to distribute the fastest spreading ransomware to-date. The ransomware being distributed is WannaCry 2.0 but is also referenced to as WannaCrypt0r, Wanna Decryptor, and WCry.
As of now, 48 states, the District of Columbia, Guam, Puerto Rico and the Virgin Islands have implemented legislation that requires private or government entities to notify individuals if they have experienced a security breach. Alabama, New Mexico, and South Dakota are the three remaining states who don’t have official security breach notification laws. Even my Midwestern home-state of Iowa now has a mandatory data breach notification law.
In a recent webinar hosted by WatchPoint, CEO Greg Edwards and Chief Hacking Officer Nathan Studebaker explained fileless malware. Fileless malware is a tactic that we have seen professional hackers use more and more over the last six months. In fact, the last quarter of 2016 saw a 33% increase in the distribution of fileless malware.
A Google Docs phishing scheme is taking the internet by storm this week. A client of ours received an email from one of their colleagues similar to the screenshot below.
April was an extremely busy month in the world of ransomware. There are several new ransomware variants that look like they are going to stay around for a while. Cerber has taken over the reigns as the most distributed ransomware. However, Locky is looking to come back strong after its demise in 2016. We have also added several decryptors to our list, which is the largest you’ll find on the internet. The best news about ransomware in April is it looks like there weren’t any new attack vectors for Android users.
At WatchPoint, we are proud to have the largest list of ransomware decryptors on the internet. However, it’s important to know that the majority of ransomware variants do not have a decryptor available.