Malwarebytes

APRIL 11, 2022

In this March 2022 ransomware review, we go over some of the most successful ransomware incidents based on both open source and dark web intelligence. Implement regular backups of all data to be stored as air-gapped, password-protected copies offline. The post Ransomware: March 2022 review appeared first on Malwarebytes Labs.

Ransomware 91

Ransomware Accountability Technology Firmware 91

Malwarebytes

MARCH 10, 2022

In this February 2022 ransomware review, we go over some the most successful ransomware incidents based on both open source and dark web intelligence. Observed since: February 2022 Ransomware note: read_me.html Ransomware extension: <original file name> [vote2024forjb@protonmail[.]com].encryptedJB SFile (Escal). Mitigations.

Ransomware 90

Ransomware Phishing Accountability Technology 90

eSecurity Planet

MAY 27, 2025

Luna Moth has been active since at least 2022 and first gained attention for using a technique known as callback phishing, a method where victims receive phishing emails pretending to be billing notices or subscription charges. Traditional antivirus systems usually fail to detect suspicious activity due to this.

Phishing 65

Phishing Scams Antivirus Backups 65

eSecurity Planet

FEBRUARY 9, 2022

And a recent Enterprise Strategy Group (ESG) study notes that cybersecurity is likely to be the top area for increased IT spending for 2022. According to ESG, 69% of organizations plan to spend more on cybersecurity in 2022. The rest – 2% – intend to pay less for cybersecurity in 2022 compared to 2021.

Backups 140

Backups Firewall DDOS Antivirus 140

eSecurity Planet

JUNE 16, 2022

Also read: Best Antivirus Software of 2022. The 2022 SonicWall Cyber Threat Report found that all types of cyberattacks increased in 2021. million per incident, according to the World Economic Forum (WEF) Global Cybersecurity Outlook 2022 report, while IBM reports that the number is now $4.24 Backup and encryption.

Backups 145

Backups Ransomware Firewall Malware 145

Security Affairs

APRIL 25, 2022

The alert includes indicators of compromise (IoCs) associated with BlackCat/ALPHV, as of mid-February 2022. Regularly back up data, air gap, and password-protect backup copies offline. Review antivirus logs for indications they were unexpectedly turned off. Review Task Scheduler for unrecognized scheduled tasks.

Ransomware 136

Ransomware Antivirus Passwords Malware 136

Webroot

AUGUST 10, 2022

The OpenText Security Solutions threat intelligence team is sharing mid- year updates to our 2022 BrightCloud® Threat Report. Almost 20% of all first half of 2022’s attacks occurring in April, which was likely the result of tax season, the beginning of national gas hikes , and the baby food shortage.

Threat Reports 111

Threat Reports DNS Phishing Malware 111

CyberSecurity Insiders

JULY 7, 2022

Reports are in that the servers of Flood Monitoring System were hit by the file-encrypting malware on June 21st,2022 and the hackers are demanding BTC in double-digit figures to free data from encryption. As the backup data is also compromised, the disaster recovery plan related to information is jeopardized.

Ransomware 106

Ransomware Antivirus Backups Encryption 106

Security Affairs

FEBRUARY 28, 2023

Antivirus company Bitdefender has released a free decryptor for the recently discovered ransomware family MortalKombat. Good news for the victims of the recently discovered MortalKombat ransomware , the antivirus firm Bitdefender has released a free decryptor that will allow them to recover their file without paying the ransom.

Ransomware 98

Ransomware Antivirus Backups Malware 98

CyberSecurity Insiders

MAY 19, 2023

By the end of 2022, the education sector had seen increased ransomware attacks. Between November and December 2022, there were 24 disclosed and confirmed ransomware attacks, five against K-12 universities and schools. Hive Ransomware added new additions to their VMware ESXi Linux encryptor in March of 2022.

Ransomware 124

Ransomware Encryption Healthcare Education 124

eSecurity Planet

JANUARY 21, 2022

Also read: Top Vulnerability Management Tools for 2022. Also read: Best Incident Response Tools and Software for 2022. The steps also include quickly identifying and assessing unusual network behavior , running antivirus and anti-malware solutions on the network and testing backup procedures. Threats in a Connected World.

Malware 140

Malware Government Ransomware Backups 140

Security Boulevard

MAY 9, 2022

On April 19th of 2022, the FBI Cyber Division released a flash bulletin regarding the Blackcat ransomware-for-hire. It targets Active Directory to spread via GPO, primarily working with Windows administrative tools for spread, outside connection, and disabling security features like antivirus. Blackcat Ransomware.

Ransomware 98

Ransomware Antivirus Backups Passwords 98

Security Affairs

MARCH 20, 2022

EU and US agencies warn that Russia could attack satellite communications networks Avoslocker ransomware gang targets US critical infrastructure Crooks claims to have stolen 4TB of data from TransUnion South Africa Exotic Lily initial access broker works with Conti gang Emsisoft releases free decryptor for the victims of the Diavol ransomware China-linked (..)

DNS 98

DNS Antivirus DDOS Hacking 98

eSecurity Planet

JANUARY 30, 2024

Verizon’s 2023 Data Breach Investigations Report (DBIR) also reveals that inside actors were responsible for 83% of 2022 data breaches. Backup files: Regularly back-up public cloud resources. DDoS Attacks The average distributed denial of service (DDoS) attack duration increased from 30 minutes in 2021 to 50 minutes in 2022.

Risk 127

Risk DDOS Data breaches Encryption 127

eSecurity Planet

APRIL 6, 2023

In late 2022, Rackspace became a ransomware victim in one of the biggest cyberattacks ever suffered by a major cloud services vendor. LockBit uses a double extortion method and was responsible for roughly 40% of ransomware attacks in the first few months of 2022. Conti uses a double extortion method and a multithreading system.

Ransomware 98

Ransomware Backups Encryption Malware 98

eSecurity Planet

FEBRUARY 15, 2022

Also read: Top Vulnerability Management Tools for 2022. The agencies offered some sound cybersecurity advice for BlackByte that applies pretty generally: Conduct regular backups and store them as air-gapped, password-protected copies offline. Federal organizations will only have until February 24, 2022 to patch this vulnerability.

Ransomware 128

Ransomware Encryption Backups Accountability 128

SecureWorld News

SEPTEMBER 16, 2022

In February 2022, the actors exploited a Log4j vulnerability (likely CVE-2021-44228, CVE-2021-45046, and/or CVE-2021-45105) in a VMware Horizon application to gain access to the network of a U.S. The mitigation techniques include the following: Implement and Enforce Backup and Restoration Policies and Procedures. aerospace company.

Ransomware 98

Ransomware Government Encryption Antivirus 98

CyberSecurity Insiders

OCTOBER 25, 2022

Department of Health and Human Services HHS Breach Portal states that since the beginning of 2022, there have been at least 368 breaches affecting over 25.1 A solid cybersecurity posture is only as strong as its policies, backups and disaster plans. million patients. Implement Threat Awareness Training.

Healthcare 105

Healthcare Ransomware Social Engineering Backups 105

Spinone

APRIL 30, 2020

billion by 2022. Is OneDrive a backup? OneDrive is not a backup tool. OneDrive is cloud storage, and there is a massive difference between cloud backup and cloud storage. Cloud backup, on the other hand, is a service that uses cloud storage for saving your files, but its functionality doesn’t end there.

Backups 78

Backups Encryption Ransomware Antivirus 78

Security Boulevard

MARCH 25, 2022

In late January 2022, ThreatLabz identified an updated version of Conti ransomware as part of the global ransomware tracking efforts. This update was released prior to the massive leak of Conti source code and chat logs on Februrary 27, 2022. Conti command-line arguments updated in January 2022. Conclusion.

Ransomware 129

Ransomware Encryption Software Accountability 129

Security Affairs

MAY 4, 2023

“The department had reverted to its backup system, radio, to dispatch officers in response to 911 calls instead of its computer assisted dispatch system. The human-operated Royal ransomware first appeared on the threat landscape in September 2022, it has demanded ransoms up to millions of dollars.

Ransomware 98

Ransomware Healthcare Encryption Education 98

Malwarebytes

OCTOBER 1, 2023

Ransomware woes doubled by reinfection after improper remediation In November 2022, a small trades contractor in Alberta, Canada, received an alert for an elevated account running unauthorized commands and dumping credentials. By December 2022, they were encrypted with ransomware again.

Ransomware 119

Ransomware Small Business Malware Passwords 119

Security Affairs

FEBRUARY 21, 2023

The HardBit ransomware group first appeared on the threat landscape in October 2022, but unlike other ransomware operations, it doesn’t use a double extortion model at this time. Recently emerged HardBit ransomware gang adjusts their demands so the insurance company would cover the ransom cost.

Insurance 98

Insurance Ransomware Cyber Insurance Malware 98

Malwarebytes

MAY 8, 2023

The variant, targeting macOS arm64 architecture, first appeared on VirusTotal in November and December 2022 but went unnoticed until late April when it was discovered by MalwareHunterTeam. Grixba checks for antivirus programs, EDR suites, backup tools to help them plan the next steps of the attack.

Ransomware 82

Ransomware Backups Encryption Education 82

SecureList

JUNE 26, 2023

According to the Kaspersky cyber-resilience report , in 2022, four in ten employers admitted that a cybersecurity incident would be a major crisis for their business, superseded only by a slump in sales or a natural disaster. Make regular backups of essential data to ensure that corporate information stays safe in an emergency.

Cybercrime 123

Cybercrime Phishing Banking Malware 123

Malwarebytes

MARCH 25, 2022

The US National Institute and Standards and Technology (NIST) recognizes the malicious package versions of node-ipc as a vulernability, which is tracked as CVE-2022-23812. ” Tal said in a post. When protestware ripples out.

Software 134

Software Internet Internet Banking 134

SecureWorld News

AUGUST 8, 2022

Malicious cyber actors then use the Remcos backdoor to issue commands and gain administrator privileges while bypassing antivirus products, maintaining persistence, and running as legitimate processes by injecting itself into Windows processes. physically disconnected) backups of data. Remcos installs a backdoor onto a target system.

Malware 98

Malware Banking Penetration Testing Healthcare 98

CyberSecurity Insiders

FEBRUARY 25, 2022

AT&T Alien Labs™ is writing this report about recently created ransomware malware dubbed BlackCat which was used in a January 2022 campaign against two international oil companies headquartered in Germany, Oiltanking and Mabanaft. Campaigns remain active, with 16 known incidents in February 2022 as of the publishing of this report.

Ransomware 119

Ransomware Encryption Malware Backups 119

eSecurity Planet

APRIL 19, 2023

Portnox is a private company that specializes in network access security with nearly 1,000 customers and closed a Series A fundraising with Elsewhere Partners for $22 million in 2022. Founded in 2007, Por t nox began selling a software-based NAC solution to be used in local networks.

IoT 98

IoT Authentication VPN Backups 98

CyberSecurity Insiders

JUNE 18, 2022

Although the vulnerability, tracked as CVE-2022-3019 , received a CVSS score of 7.8 Up-to-date endpoint protection and antivirus software on remote and in-office endpoints that can detect and remove malware that gets into the system. A reliable and comprehensive backup and recovery strategy. Conclusion.

Risk 96

Risk Phishing InfoSec Antivirus 96

Security Boulevard

MAY 3, 2022

A more recent Go-based variant was introduced around February 2022. Similar to other ransomware families, BlackByte deletes shadow copies to prevent a victim from easily recovering files from backups. This new variant introduced many additional features and updated the file encryption algorithms. Delete Shadow Copies. sqbcoreservice.

Encryption 75

Encryption Ransomware Antivirus Backups 75

eSecurity Planet

JUNE 17, 2021

From a GUI enterprise manager to advanced logical replication, backup and recovery, and a migration toolkit, EDB is a go-to vendor for all Postgre database administrators. McAfee is widely known for bringing the first antivirus software to market. Also Read: Top 9 Network Access Control (NAC) Solutions for 2021.

Firewall 120

Firewall Encryption Computers and Electronics Software 120

Thales Cloud Protection & Licensing

FEBRUARY 15, 2023

Ransomware attacks have become much more dangerous and have evolved beyond basic security defenses and business continuity techniques like next-gen antivirus and backups. At this point, typical defenses for ransomware, such as backups and restoration of systems and data, do not apply. What is Double Extortion Ransomware?

Ransomware 71

Ransomware Encryption Backups Cyber Insurance 71

eSecurity Planet

MARCH 23, 2022

In 2022, Chinese researchers detected a decade-old backdoor introduced into the Linux operating system by an APT group associated with the U.S. Maintain effective endpoint security ( antivirus , EDR ). Keep in mind that backups that preserve APT malware or maliciously modified settings may need to be deleted to avoid restoring the APT.

Firewall 109

Firewall Malware Phishing Software 109

Malwarebytes

APRIL 5, 2023

According to the 2022 State of EdTech Leadership Report , only one in five school districts (21 percent) have a dedicated cybersecurity professional on staff. Technicians are often dwarfed by the number of students, teachers, and devices under their charge, with IT to student ratios of 1:100+ or even 1:1,000+.

Education 76

Education Ransomware Cybersecurity Risk 76

SecureList

DECEMBER 1, 2023

Common TTPs in attacks on industrial organizations In 2022, we investigated a series of attacks against industrial organizations in Eastern Europe. In September 2022, a builder for Lockbit 3 was leaked, allowing anyone to create their own customized version of the ransomware. Inject.aokvy.

Malware 139

Malware Ransomware Encryption Energy and Utilities 139

eSecurity Planet

MAY 19, 2022

The traffic is then decrypted and inspected using antivirus scanning and web filtering. Backups and a rigid backup strategy are another essential part of the network security puzzle, as they ensure lost data is recoverable when all else fails. Read more : Top Cybersecurity Startups to Watch in 2022.

Firewall 57

Firewall Architecture Software Backups 57