Tags: ransomware

Malwarebytes slams poor AV solutions

Security vendor Malwarebytes has taken aim at the AV industry. It has released details showing how ineffective many AV solutions are. It’s primary target are those AV solutions that rely solely on signature-based detection methods. The blog by Marcin Kleczynski, CEO and Co-Founder, Malwarebytes states: “With signature-based detection methods, traditional AV solutions are simply weak against…

Companies buying Dark Web intelligence

Threat intelligence provider Recorded Future has said that 70% of its customers are using threat intelligence sourced from the dark web. The data is being used to identify compromised assets such as user credentials and intellectual property. It also says that customers are using the data to assess their vulnerability to attack. According to Matt…

Comodo spots Asasin extension used by ransomware

Comodo Threat Intelligence Labs has uncovered a fourth wave of IKARUSdilapidated Locky ransomware attacks. Like previous waves, it is driven by botnets and uses an unknown file extension to bypass security software. The botnets are using a social engineering-based phishing attack targeting both businesses and individuals. The email uses the title Supplement Payment. It appears…

Necurs drives a resurgent Locky

The Locky Ransomware, first detected in February 2016 has surged back up Check Point’s latest Global Threat Index (GTI). It now stands at No 2 in the GTI, only beaten by the Roughted malvertising attack. This is the first time Locky has appeared in the GTI since November 2016. Check Point puts this current rise…

Another wave of Locky Ransomware arrives

Security solutions and digital certification vendor Comodo has reported yet another wave of ransomware attacks. This latest campaign uses the same Locky variant, IKARUSdilapidated, as in previous attacks reported by Comodo. The campaign started on the 18th September and stopped on the 21st September. That does not mean it is over. It is likely that…

IKARUSdilapidated strikes again

Comodo Threat Intelligence has identified a second wave of IKARUSdilapidated Locky ransomware attacks. This is the second time this month that Comodo has detected attacks by this Locky ransomware variant. The details of the attacks have now been made public. IKARUSdilapidated using fake scanned files This second wave of attacks are being launched by a botnet…

NTT Security sees increased attacks on clients

  NTT Security has released its Global Threat Intelligence Center (GTIC) quarterly threat intelligence report for Q2 2017. The report makes for very interesting reading especially compared to the quarterly reports from other security vendors. The surprise in this report is that NTT Security has seen a 24% increase in attacks on customers over the…

Google Chrome browser extension attacks on the rise

Wordfence, a security vendor focused on the WordPress CMS, has published a warning about attacks against Google Chrome browser extensions. The blog was written by Mark Maunder, CEO, Wordfence and it lists the extensions at risk. It also gives advice for webmasters on how to protect themselves against attack. According to Maunder: “During the past…

A vaccine for Cerber ransomware?

Is there a defence against Cerber ransomware? Security vendor Cybereason says yes. It has identified a flaw in the way Cerber protects itself from security software. That flaw, according to a blog by Uri Sternfeld, Lead Researcher, Cybereason is something companies can easily exploit themselves. According to Sternfeld: “To avoid encrypting canary files and triggering…