A new form of ransomware has surfaced that is spreading through infected office documents. The ransomware is dubbed “Spider” and the primary targets appear to be users in Bosnia, Serbia, and Croatia.
read more →
Dec
13
Nov
14
Attackers have been recently breaking into corporate servers via RDP brute force attacks to spread a new variant of ransomware dubbed “LockCrypt.”
read more →- Nov 14, 2017 1:53:34 PM
- The Counterintelligence Team
- 0 Comments
- lockcrypt, ransomware, threat intelligence
Oct
20
A new form of ransomware, called Magniber, has surfaced in the wild and its main target is victims in South Korea.
The ransomware is delivered via the Magnitude exploit kit. Magnitude is a tool used for distributing mostly the Cerber ransomware, however, it took part in distributing the Locky and Cryptowall ransomwares as well.
read more →- Oct 20, 2017 1:46:56 PM
- The Counterintelligence Team
- 0 Comments
- threat intelligence, ransomware, magniber
Oct
18
Attackers have added another tool to their arsenal allowing them to screenshot desktops of infected victims.
The Necurs botnet had recently undergone a revival, spreading millions of malicious emails spreading the Locky ransomware along with the Trickbot banking Trojan.
read more →- Oct 18, 2017 1:46:23 PM
- The Counterintelligence Team
- 0 Comments
- ransomware, botnet, threat intelligence
Oct
16
A new ransomware has surfaced in the wild that’s targeting Android devices dubbed as DoubleLocker.
The ransomware performs a two-way action to lock the device by encrypting all files and changes the PIN. DoubleLocker is distributed as a fake Adobe Flash updated while compromised websites are spreading it.
read more →- Oct 16, 2017 2:16:20 PM
- The Counterintelligence Team
- 0 Comments
- threat intelligence, ransomware, DoubleLocker, Android
