Doppelpaymer ransomware, despite ongoing rumors, is not being spread via the Teams collaboration platform or BlueKeep remote desktop protocol flaws, Microsoft says. But it warns that the damaging crypto-locking code is being spread via stolen Active Directory administrator credentials.
After a ransomware attack on Monday forced Louisiana's government to take several servers and websites offline to prevent the malware from spreading, state officials spent Tuesday restoring online services.
Pemex, Mexico's state-run oil company, is refusing to pay attackers a $5 million ransom after a ransomware attack against the firm's administrative offices, according to news reports. The company is still attempting to recover.
Ransomware continues to be a highly profitable cybercrime. Ransomware incident response firm Coveware reports that for the third quarter of this year, the average ransom amount paid was $41,198, a six-fold increase from the same period last year, driven by strains such as Ryuk and Sodinokibi.
For Russian-speaking hackers, ransomware used to be taboo. But GandCrab killed all such ethical qualms, democratizing ransomware-as-a-service, paving the way for new profit-sharing schemes such as Sodinokibi and driving a new generation of attackers to master advanced hacking skills, a new report finds.
A ransomware attack on the operator of non-profit clinics that serve the uninsured in St. Louis led to the breach of information on 152,000 patients, clinicians and employees. The organization says it did not pay a ransom, and IT experts have not been able to unlock the data encrypted by hackers.
Johannesburg has been hit with a ransomware attack that is crippling municipal services. City Power, an electric utility owned by the city that was hit by a similar attack in July - also was affected by the latest attack.
Pitney Bowes says it was infected by file-encrypting malware that has affected online accounts and mailing products but that client data doesn't appear to be at risk. The postage meter maker says "all options" are being considered for recovery, meaning that it could pay a ransom.
Organizations must take a number of critical steps to prepare a response to ransomware attacks before they hit, says Caleb Barlow, the new president and CEO of security consulting firm CynergisTek, who offers a guide.
More than 600 ransomware attacks pummelled local governments, schools districts and healthcare providers across the U.S. in the first three quarters of this year, according to a study by security firm Emsisoft. Meanwhile, the FBI this week issued a fresh warning about the threat.
Medical facilities and hospitals across the state of Victoria in Australia were infected by file-encrypting ransomware on Monday, causing the shutdown of patient booking systems and financial systems. At least one hospital has reverted to using paper-based systems.