Actors are creating convincing PayPal websites and promising spending returns between 3% and 5%. The executable that is downloaded by the victims is not the PayPal app but a variant of the Nemty ransomware. Those who step into the trap will...
The U.S. Senate wants to enable the DHS to form expert IT teams that will help organizations with ransomware. The teams will provide technical support, advice, incident response, and data retrieval services. Security analysts are happy with this first step but...
The Weather Channel lost its live program for 90 minutes, probably due to a ransomware attack. Not a lot of details have been disclosed about the incident, as the FBI investigation is ongoing. The channel had a backup, so they restored...
A hospital in Northern France is trying to disinfect 6000 of its computers from a ransomware worm. The caregiving services have been severely impacted, but personnel claim the situation is manageable. Reportedly, the actor hasn’t sent a ransom demand, so paying...
The Dharma ransomware tries to divert the victim’s attention by using an old ESET tool. While the user is dealing with the installation of the ESET Remover, Dharma runs in the background. There’s nothing that can be done about this by...
CyrusOne was hit by REvil, and the company is working towards restoration without paying. The ransomware actors found their way into six New York-based data centers, affecting an equal number of clients. Considering the size and global presence of CyrusOne, the...
Malicious actors are leveraging compromised URLs to infect victims with Troldesh ransomware. The particular software is most likely to be detected by AV tools, but not always. The actors are using TOR for data exfiltration and communication, and two infected URLs...
BitDefender puts an end to the GandCrab scourge, and its developers announce their retirement as well. The IT security company released a decryption tool that covers all versions, past and present. This is definitely not the last we have heard from...
Two US-based chemical manufacturing companies, Hexion and Momentive, announced global IT system outages. The attacks were based on the utilization of the LockerGoga ransomware, which is apparently more popular than we thought. The two companies are working towards the restoration...
Scammers promote Dharma decryption services, but experts say this is impossible. The scammers are just paying the ransomware actors and unlocking the files of the victims. Dharma will most likely not be unlocked throughout our lifetime, as it features a perfect...
Emsisoft’s researchers have released their third ransomware decryptor this month. The security firm has managed to put an end to LooCipher, ZeroFucks, and Ims00rry. People are advised to take regular backups, never pay the ransom, and to follow safe software procurement...
An unidentified ransomware strain hit SmarterASP.NET on Saturday, and the service is still recovering. The company says that about 40% of the affected clients have gotten their websites back already. Customers are urged to refrain from sending emails and to...
A company that was backing up dental documents on its cloud infrastructure has fallen victim to a ransomware attack. According to unofficial reports, the firm has already paid the ransom, and they are decrypting the files. Dental clinics report that the...
PayPal is set to try its luck in the ransomware detection and prevention field. The online payments company has had a relevant patent approved, which shows a novel way to deal with malicious encrypters. If PayPal releases a product...
Emsisoft has released a decryptor for GetCrypt, which works even without the decryption key. GetCrypt is differentiated from other ransomware samples by trying to brute force user network credentials. The ransomware decrypts the files with the Salsa20 and RSA-4096 algorithms, while...
Nemty can now kill processes and services and encrypt files that are in use. Examples include virtual box systems and files, Thunderbird emails, and Word files. Nemty seems to want to keep a low profile right now, and until it gets powerful...
BillTrust is still struggling to get back on its feet after a ransomware attack. The firm hasn’t revealed the details of the incident, but unconfirmed sources point to BitPaymer. The services of the B2B payments company are gradually getting back online, but...
“Columbia Surgical Specialists” gets infected by ransomware and pays $15k to unlock patient files. Investigators believe that none of the data were stolen and that the attackers were after a quick swag. Up to 400000 people may have had their information...