ransomware | Breaking Cybersecurity News | The Hacker News

Almost three years after the arrest of two young Dutch brothers, who pleaded guilty to their involvement in creating and distributing CoinVault ransomware malware , a district court in Rotterdam today sentenced them to 240 hours of community service. In 2015, the two suspects — Melvin (25-year-old) and Dennis van den B. (21-year-old) — were arrested from Amersfoort on suspicion of involvement in CoinVault ransomware attacks. The duo was arrested by law enforcement with the help of researchers from Kaspersky Labs , who reverse-engineered the malware and found the full name of one of the suspects and their IP address left accidentally on the command and control server. CoinVault ransomware campaign that began in May 2014 was one of the most successful file-encrypting ransomware program of its time that encrypted over 14,000 Windows computers worldwide, primarily the Netherlands, the US, the UK, Germany, and France. Just like other ransomware attacks, the sole intent of CoinVau

Security researchers have discovered an interesting piece of malware that infects systems with either a cryptocurrency miner or ransomware, depending upon their configurations to decide which of the two schemes could be more profitable. While ransomware is a type of malware that locks your computer and prevents you from accessing the encrypted data until you pay a ransom to get the decryption key required to decrypt your files, cryptocurrency miners utilize infected system's CPU power to mine digital currencies . Both ransomware and cryptocurrency mining-based attacks have been the top threats so far this year and share many similarities such as both are non-sophisticated attacks, carried out for money against non-targeted users, and involve digital currency. However, since locking a computer for ransom doesn't always guarantee a payback in case victims have nothing essential to losing, in past months cybercriminals have shifted more towards fraudulent cryptocurrency

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

If your computer has been infected with Thanatos Ransomware and you are searching for a free ransomware decryption tool to unlock or decrypt your files—your search is over here. Security researchers at Cisco Talos have discovered a weakness in the Thanatos ransomware code that makes it possible for victims to unlock their Thanatos encrypted files for free without paying any ransom in cryptocurrencies. Like all ransomware threats, Thanatos encrypts files and asks victims to pay for ransom in multiple cryptocurrencies, including Bitcoin Cash, to decrypt their files. "Multiple versions of Thanatos have been leveraged by attackers, indicating that this is an evolving threat that continues to be actively developed by threat actors with multiple versions having been distributed in the wild," the researchers say.  "Unlike other ransomware commonly being distributed, Thanatos does not demand ransom payments to be made using a single cryptocurrency like bitcoin. Inste

Security researchers have spotted the first-ever ransomware exploiting Process Doppelgänging , a new fileless code injection technique that could help malware evade detection. The Process Doppelgänging attack takes advantage of a built-in Windows function, i.e., NTFS Transactions, and an outdated implementation of Windows process loader, and works on all modern versions of Microsoft Windows OS, including Windows 10. Process Doppelgänging attack works by using NTFS transactions to launch a malicious process by replacing the memory of a legitimate process, tricking process monitoring tools and antivirus into believing that the legitimate process is running. If you want to know more about how Process Doppelgänging attack works in detail, you should read this article  I published late last year. Shortly after the Process Doppelgänging attack details went public, several threat actors were found abusing it in an attempt to bypass modern security solutions. Security researchers

Ransomware has been around for a few years, but it has become an albatross around everyone's neck, targeting big businesses, hospitals, financial institutions and individuals worldwide and extorting millions of dollars. Last year, we saw some major ransomware outbreaks, including WannaCry  and  NotPetya , which wreaked havoc across the world, hitting hundreds of thousands of computers and business networks worldwide. From small to mid-range businesses, Microsoft Office 365 remains the most widely used and fastest-growing work office suite, so it's no surprise that it has become a primary target for viruses, ransomware, and phishing scams. In fact, most strains of ransomware target Microsoft productivity apps such as Word, Excel and encrypt sensitive data to hold the company hostage until the ransom is paid. Now, to combat such cyber attacks, Microsoft has announced some new security features for Office 365 that can help users mitigate the damage done by ransomware a