MalwareHunterTeam researchers discovered a second variant this week of the CryptoMix ransomware appending the .0000 extension to encrypted files.
Hackers have been breaking into corporate servers via RDP brute-force attacks and manually infecting them with a new variant of ransomware called LockCrypt.
Another wiper malware posing as a ransomware is targeting German businesses under the guise of fake job applicants inquiring about openings.
The GIBON Ransomware variant was reportedly seen for sale in a dark web criminal forum with a $500 (£380) price tag in a Russian advertisement.
WannaCry and Cerber has totally dominated the ransomware landscape so far this year comprising almost all the attacks that have taken place, while other big names such as Locky were barely a blip on the radar.
Julia Sowells explains how the BitPaymer malware initially executes itself, makes a copy of itself and runs in two ADS. It hides in empty files; deletes its older executable file and transfers control of the malware to the newly created files.
Paying cyber-criminals to unleash your data from their grip is, ultimately, a futile exercise which breeds opportunities for them to expand, and gain a further advantage over innocent and unsuspecting victims says Daren Oliver.
A new strain of ransomware has been used to attack Japanese firms and delete evidence, according to security researchers. Hackers made significant attempts to hide covert operations.
Matrix ransomware is now being distributed via the RIG exploit kit on various sites displaying malvertising.
BadRabbit evidence is multiplying, like well rabbits, with the latest revelation being the malware used another stolen NSA tool to help it move laterally through networks.
A new report on the BadRabbit ransomware campaign that sprang up earlier this week has revealed that BadRabbit is most likely derived from NotPetya, based on clues in the code and other evidence.
Maher, Iran's Computer Emergency Response Team Coordination Center (CERTCC), has warned that 'Tyrant' ransomware is being distributed in the country via a compromised VPN app, undermines trust in IT dept.
Less than 24 hours after BadRabbit hopped out of its hole the malware is still spreading, albeit slowly, with US CERT having received reports of infections; researchers say this worm-like ransomware may have ties to Petya/NotPetya.
An Android banking trojan dubbed LokiBot turns into a ransomware when users try to remove its admin privileges in a last ditch effort to extort the user.
Update: Several Russian news agencies and additional targets in the Ukraine have reportedly being hit with cyber-attacks, which the security firm GroupIB believes to be based on a new variant of Petya called BadRabbit.
BadRabbit ransomware has hit at least three Russian media companies including Russian business newswire Interfax which became unable to deliver some of its news services, and Ukrainian infrastructure has also been hit.
This fact rarely comes out on Law & Order, but for some crime pays. And pretty well. Developers of ransomware well paid and malware cheap to buy.
Researchers at PhishMe recently detected two email-based phishing campaigns that infected users with either Lockyransomware or the Trickbot banking trojan based on the victim's geographical location.
At least two new Locky ransomware variants have been released within less than a month of each other although one of the variants is broken for the time being due to a malformed spam campaign.
Ransomware: "what are your IT team and 3rd party suppliers doing about it?" asks Ken Gilmour. Do they have back-up processes that isolates business critical data for fast recovery? Are they responsive when it comes to patching?
WannaCry ransomware was seen in an advertisement on the Middle Eastern and North African Arabic-speaking underground forums for £40 just two days after the malware's outbreak caused nearly £3 billion in damage.
If ransomware infects and encrypts a device you might swap it out for another device, but Andrew Cooke explains, if HMI devices get infected, unplugging equipment isn't always feasible, so the critical thing has to be prevention.
The global scale, impact and rate of spread of cyber-attacks over the past year is unprecedented reports Europol's 2017 Internet Organised Crime Threat Assessment (IOCTA).
Some Apple product owners have found themselves on the receiving end of a new ransom attack that has someone locking their device most likely using stolen iCloud credentials and initiating the Find My iPhone remote lock feature.
A new bootlocker malware is leaving researchers scratching their heads on whether to identify the malware as a poorly coded ransomware or a cleverly designed wiper.
Trojan uses NSA EtneralBlue exploit to hijack computers for new ransomware campaign targeting unpatched systems.
MalwarHunterTeam tweeted out news of a screenlocker posing as ransomware where the bad guys request nude photos of the victim instead of money.
Some 20 percent of Greater Manchester Police's computers are at risk of a ransomware hack due to still running Windows XP, according to research from Top10VPN.com
Cyber-criminals kicked off a spam campaign earlier this month capable of delivering either Locky or FakeGlobe ransomware creating a situation where a single person could be victimised twice in the same attack.
Mobile devices under increasing attack from malware, including ransomware, which has seen a 122 percent increase in variants as it becomes an increasingly attractive option for criminals.