Black Kingdom Ransomware Jumps on the Exchange Express
When Microsoft announced that it discovered a state-sponsored threat group, Hafnium, was exploiting four separate zero-day vulnerabilities, the InfoSec community was already looking into their crystal ball to predict when other groups and cybercriminals were going to try the same exploitation method. They did not have to wait long. Despite ... Read More
Babuk Locker: Mediocre, But Gets the Job Done
New Year’s ransomware news came early this year, when various media platforms began reporting the discovery of Babuk Locker, the newest ransomware variant to target corporations by encrypting files across network-connected devices and extorting ransom payments. For those hoping to see new ground broken in ransomware technology, Babuk Locker would ... Read More
Pay2Key Ransomware Joins the Threat Landscape
As we approach the end of a year that has been trying for so many reasons, yet another ransomware has been seen in the wild targeting corporations—in particular, Israeli companies. A report published by Check Point Software tells of the new ransomware, which is called Pay2Key based on the heading ... Read More
Egregor: Sekhmet’s Cousin
The year 2020 will be remembered none too fondly for several reasons. For much of the world, the global pandemic that resulted in many countries going into lockdowns resulting in massive disruptions to daily life will feature prominently in humankind’s shared memory for some time. For the InfoSec community, it ... Read More
The Curious Case of SunCrypt
Toward the end of August, the gang behind the SunCrypt ransomware strain announced they had joined the Maze cartel of ransomware operators, which currently boasts Maze, LockBit and Ragnar Locker. After that announcement, reports began emerging of the first high-profile victim of the gang. However, not all is as it ... Read More
Exorcist Ransomware and CIS Exclusion
This year has been a bumper year for ransomware and its operators. Ransomware gangs are demanding millions; if those millions are not paid in time, then data stolen before encryption is either released to the public or sold to the highest bidder. Big names in the cybercriminal underground have returned ... Read More
Evil Corp’s WastedLocker Demanding Millions of Dollars for Decryption
What happens when one of the most prolific and infamous financially motivated cybercriminal organizations decides to develop a new ransomware strain? Unfortunately for us, this can be answered without conjecture or assumptions. Infamous cybercriminal organization Evil Corp, best known for the Dridex banking malware, answered that question for us in ... Read More
Stuck Between a Data Breach and a Ransom
2020 will be remembered for a whole host of reasons. Campfire stories will be told to grandchildren of when we all had to wear face masks, stand 2 meters apart and were not allowed to hug or shake hands. For those who hunt cybercriminals and attempt to shine a light ... Read More
Snake Ransomware Slithers Into the Light
For large portions of the population, targeting healthcare organizations during a global pandemic is a step too far. It is hard to justify the actions of ransomware gangs at the best of times, but attacks on organizations that are the front line against the COVID-19 health emergency is beyond the ... Read More
Hospitals Forced to Fight Another Pandemic
The current upsurge in hackers looking to take advantage of the COVID-19 pandemic has been well-documented, be they scammers and financially motivated hackers or well-funded and skilled state-sponsored groups. This in itself does not say much about the ethical foundation those hackers have. But, this has come to be expected ... Read More
