CSO Magazine

MARCH 3, 2021

The cybercriminal gang behind the Gootkit Trojan is expanding its malware distribution activities and is improving its multi-stage distribution platform to deliver additional threats. How well do you know these 9 types of malware and how to recognize them. Sign up for CSO newsletters ! Sign up for CSO newsletters ! ].

Malware 117

Malware CSO Ransomware 117

CSO Magazine

SEPTEMBER 21, 2021

The Biden administration has introduced new sanctions against cryptocurrency exchange Suex to stifle revenue for ransomware groups. Suex, which has been accused by US officials of doing business with ransomware actors in the past, has had its access to US markets cut off as a result. To read this article in full, please click here

Cryptocurrency 125

Cryptocurrency Ransomware CSO Marketing 125

CSO Magazine

AUGUST 30, 2021

A new ransomware threat called LockFile has been victimizing enterprises worldwide since July. Key to its success are a few new tricks that make it harder for anti-ransomware solutions to detect it. Learn how recent ransomware attacks define the malware's new age and 5 reasons why the cost of ransomware attacks is rising. |

Encryption 125

Encryption Ransomware CSO Antivirus 125

CSO Magazine

SEPTEMBER 22, 2021

The Federal Bureau of Investigation (FBI) had the keys to REvil’s ransomware as the cybercriminals were locking up company after company’s data and did not publicly share the keys. Learn how recent ransomware attacks define the malware's new age and 5 reasons why the cost of ransomware attacks is rising. |

Ransomware 117

Ransomware CSO Malware 117

CSO Magazine

JULY 13, 2021

The dark web sites operated by the notorious REvil ransomware group suddenly went offline on Tuesday, prompting speculation that the US or Russian governments stepped in. Learn how recent ransomware attacks define the malware's new age and 5 reasons why the cost of ransomware attacks is rising. |

CSO 144

CSO Ransomware Government Malware 144

CSO Magazine

FEBRUARY 19, 2021

Egregor is one of the most rapidly growing ransomware families. Although descriptions of the malware vary from security firm to security firm, the consensus is that Egregor is a variant of the Sekhmet ransomware family. Sign up for CSO newsletters. ]. Sign up for CSO newsletters. ]. What is Egregor?

Ransomware 119

Ransomware CSO Malware Cybersecurity 119

CSO Magazine

MARCH 19, 2021

What is Ryuk ransomware? Ryuk is a sophisticated ransomware threat that has been targeting businesses, hospitals, government institutions and other organizations since 2018. Read our blue team's guide for ransomware prevention, protection and recovery. | Get the latest from CSO by signing up for our newsletters. ]

Ransomware 98

Ransomware CSO Encryption Government 98

CSO Magazine

MAY 25, 2022

The Chaos ransomware builder started out last year as a buggy and unconvincing impersonation of the notorious Ryuk ransomware kit. One successful ransomware operation known as Onyx hit U.S.-based It uses a variation of the Chaos ransomware, according to security researchers.

Ransomware 137

Ransomware Malware 137

CSO Magazine

OCTOBER 18, 2021

The White House’s Counter-Ransomware Initiative event, facilitated by the National Security Council (NSC), concluded two days of public-facing and closed-door sessions. Learn how recent ransomware attacks define the malware's new age and 5 reasons why the cost of ransomware attacks is rising. |

Ransomware 88

Ransomware CSO Malware 88

Threatpost

OCTOBER 27, 2021

Defending against ransomware will take a move to zero-trust, argues Daniel Spicer, CSO, Ivanti.

CSO 97

CSO Ransomware InfoSec Malware 97

CSO Magazine

JUNE 7, 2023

Bitdefender has uncovered a hidden malware campaign living undetected on mobile devices worldwide for more than six months. The campaign is designed to push adware to Android devices with the purpose of driving revenue. To read this article in full, please click here

Adware 139

Adware Malware Banking Mobile 139

CSO Magazine

JANUARY 19, 2022

There are the malware developers, the access brokers, the spammers, the private information sellers, the botnet operators, the malvertizers and more. One service that is often overlooked but still plays an important role in malware delivery are so-called traffic direction systems (TDS).

Malware 142

Malware Cybercrime Phishing Ransomware 142

CSO Magazine

JUNE 10, 2022

The human mind loves to categorize things, and malware is no exception.

Adware 104

Adware CSO Malware Ransomware 104

CSO Magazine

MAY 1, 2023

Rarely does a day go by without significant news of a damaging misinformation threat, a ransomware attack, or another malicious cyber incident. At this year's RSA Conference, information security experts appeared on a panel entitled "Misinformation Is the New Malware" to hammer out the distinctions.

Malware 118

Malware Information Security Ransomware Cybersecurity 118

CSO Magazine

MAY 30, 2022

Linux malware has been massively overlooked," says Giovanni Vigna, senior director of threat intelligence at VMware. Since most of the cloud hosts run Linux, being able to compromise Linux-based platforms allows the attacker to access an enormous amount of resources or to inflict substantial damage through ransomware and wipers."

Malware 138

Malware IoT Internet Internet 138

CSO Magazine

JUNE 2, 2022

As we head into the unofficial start of summer, it does not appear the criminal groups that run ransomware schemes are planning to take any time to rest. Ransomware was all over the infosec news headlines in the past week, with one new report revealing that its presence has grown more in the last year than in the past several years combined.

Ransomware 91

Ransomware InfoSec Malware CISO 91

CSO Magazine

MARCH 14, 2023

During every quarter last year, between 10% and 16% of organizations had DNS traffic originating on their networks towards command-and-control (C2) servers associated with known botnets and various other malware threats, according to a report from cloud and content delivery network provider Akamai.

DNS 128

DNS Malware Ransomware 128

CSO Magazine

APRIL 14, 2022

What is Ransomware? Ransomware (ransom + malware) is a form of malware designed to allow malicious actors to extort money from an organization. Ransomware attacks have become increasingly common with attackers targeting organizations with weak security practices.

Ransomware 111

Ransomware Encryption Malware 111

CSO Magazine

MAY 13, 2021

DarkSide is a ransomware threat that has been in operation since at least August 2020 and was used in a cyberattack against Georgia-based Colonial Pipeline , leading to a major fuel supply disruption along the East Coast of the US. To read this article in full, please click here (Insider Story)

Ransomware 118

Ransomware Encryption Hacking Malware 118

CSO Magazine

APRIL 28, 2022

Several threat groups believed to be initial access facilitators for some ransomware gangs are transitioning to a new first-stage malware downloader dubbed Bumblebee. The malware is used to deploy known penetration testing implants such as Cobalt Strike, Sliver and Meterpreter.

Malware 82

Malware Penetration Testing Ransomware Hacking 82

CSO Magazine

FEBRUARY 24, 2022

Ransomware and phishing were the top cybersecurity issues for businesses in 2021, according to IBM Security’s annual X-Force Threat Intelligence Index. To read this article in full, please click here

Manufacturing 116

Manufacturing Ransomware Phishing Malware 116

CSO Magazine

AUGUST 13, 2021

Ransomware attacks on large enterprises like Colonial Pipeline dominate the headlines. But did you know small and medium-size businesses (SMBs) account for at least half of all ransomware attacks, if not closer to two-thirds, according to the U.S. 1 In fact, ransomware is the most common cyberthreat that SMBs face. What it is.

Ransomware 121

Ransomware Digital transformation Insurance Encryption 121

CSO Magazine

NOVEMBER 8, 2021

Cyber criminals, always a clever lot, have found a new way to evade detection when deploying malware. This novel approach helps the ransomware to avoid triggering a red flag because the new encryption method looks statistically very similar to the unencrypted original. To read this article in full, please click here

Encryption 115

Encryption Ransomware Engineering Technology 115

CSO Magazine

JULY 8, 2022

A cybersecurity advisory about the ransomware known as Maui has been issued by the FBI, CISA and U.S. The agencies assert that North Korean state-sponsored cyber actors have used the malware since at least May 2021 to target healthcare and public health sector organizations. Treasury Department.

Ransomware 113

Ransomware Healthcare Malware Risk 113

CSO Magazine

MARCH 27, 2023

Security researchers have seen attack campaigns using two new variants of IcedID, a banking Trojan program that has been used to deliver ransomware in recent years. The two new variants, one of which appears to be connected to the Emotet botnet, are lighter compared to the standard one because certain functionality has been stripped. "It

Malware 109

Malware Banking Ransomware 109

CSO Magazine

FEBRUARY 15, 2021

Ransomware has been one of the most devastating malware threats that organizations have faced over the past few years, and there's no sign that attackers will stop anytime soon. It’s just too profitable for them.

Ransomware 98

Ransomware Malware 98

CSO Magazine

APRIL 15, 2021

Criminal ransomware techniques have evolved in the last few years and are now even harder to detect – and more damaging if they get through network defenses. One particular insidious type of new ransomware is from a gang known as Conti. The malware has so far mainly impacted victims in North America and Western Europe.

Ransomware 100

Ransomware Malware 100

CSO Magazine

MARCH 23, 2023

Security researchers have started seeing attack campaigns that use a relatively new malware-as-a-service (MaaS) tool called AresLoader. AiD Lock is not a newcomer to malware development and was previously associated with the AiD Locker ransomware-as-a-service (RaaS) program as well as with a group called PHANTOM DEV or DeadXInject Hack.

Malware 92

Malware Advertising Ransomware Hacking 92

CSO Magazine

MARCH 10, 2023

A novel Linux version of the IceFire ransomware that exploits a vulnerability in IBM's Aspera Faspex file-sharing software has been identified by SentinelLabs, a research division of cybersecurity company Sentinel One. The exploit is for CVE-2022-47986 , a recently patched Aspera Faspex vulnerability.

Ransomware 101

Ransomware Malware Software Cybersecurity 101

CSO Magazine

NOVEMBER 30, 2022

Ransom Cartel, a ransomware-as-a-service (RaaS) operation, has stepped up its attacks over the past year after the disbanding of prominent gangs such as REvil and Conti.

Energy and Utilities 96

Energy and Utilities Ransomware Manufacturing Education 96

CSO Magazine

FEBRUARY 22, 2023

A spike in the use of the multi-purpose Emotet malware early in the year was the main culprit of this increase, accounting for 47% of backdoors deployed throughout the year, according to IBM Security X-Force Threat Intelligence Index.

Ransomware 114

Ransomware Accountability Malware 114

CSO Magazine

FEBRUARY 9, 2023

A UK/US campaign to tackle international cybercrime has seen Seven Russian cybercriminals linked to a notorious ransomware group exposed and sanctioned. The sanctions were announced today by the UK’s Foreign, Commonwealth and Development Office (FCDO) alongside the US Department of the Treasury’s Office of Foreign Assets Control (OFAC).

Cybercrime 78

Cybercrime Ransomware Malware 78

CSO Magazine

SEPTEMBER 26, 2022

Reliance on VPNs for remote access is putting enterprises at significant risk as social engineering , ransomware , and malware attacks continue to advance, exposing businesses to greater risk, according to a new report by cloud security company Zscaler. To read this article in full, please click here

Social Engineering 127

Social Engineering Engineering Risk Ransomware 127

CSO Magazine

JANUARY 10, 2023

Ransomware is still a massive threat to organizations. Threat researchers with Sophos say the expansion is due to the commoditization of “malware-as-a-service” and the sale of stolen credentials and other sensitive data. Today, cybercrime-as-a-service is a lucrative and growing business model among criminals.

Cybercrime 88

Cybercrime Ransomware Threat Reports Malware 88

CSO Magazine

NOVEMBER 21, 2022

The analysis discovered that the threat actors behind the campaign leverage extortion without malware-based encryption, have significantly invested in call centers and infrastructure unique to attack targets, and are evolving their tactics over time. Luna Moth removes malware portion of phishing callback attack.

Phishing 76

Phishing Malware Social Engineering Antivirus 76

CSO Magazine

NOVEMBER 16, 2021

Sophos researchers recently uncovered evidence of a malware campaign using a network of websites acting as a “dropper as a service” to distribute the malware. The malware includes an assortment of click-fraud bots, other information stealers, and even ransomware, and often bundle multiple unrelated malware together in a single dropper.

Cybercrime 115

Cybercrime Malware Ransomware 115

CSO Magazine

JULY 22, 2022

Cybercriminals are now operating on a professional footing with easy-to-launch malware and ransomware attacks being offered on a software-as-a-service (SaaS) basis, allowing people with even rudimentary IT skills to launch cyberattacks at targets of their choosing, the report notes.

Cybercrime 130

Cybercrime eCommerce Advertising Malware 130