Results for: ransomware
Cybersecurity Threat Advisory: Spear-Phishing Campaign Spreading Hakbit Ransomware
Advisory Overview A spear-phishing campaign targeting various industries is utilizing malicious Microsoft Excel attachments to infect users with the “GuLoader” backdoor trojan. The threat actors then proceed to use GuLoader to download “Hakbit” ransomware onto the infected device. Recommendations to...
Cybersecurity Threat Advisory: RagnarLocker Ransomware Hits EDP Energy Giant
Advisory Overview Energy giant EDP was recently hit with RagnarLocker ransomware. The hacking group claiming responsibility is threatening to leak 10 TB of stolen data online, including personal information such as a password manager database if a ransom of almost...
Cybersecurity Threat Advisory: Maze Ransomware Hits Cognizant
Advisory Overview Cognizant was recently hit by the Maze ransomware. Maze is known for publicly shaming companies by leaking their data online until they pay a ransom, limiting the efficacy of backups in mitigating damage. The exact attack vector is...
Cybersecurity Threat Advisory: Sodinokibi Ransomware
Advisory Overview We have previously issued advisories on Sodinokibi Ransomware in Threat Advisory 0034-19 and Threat Advisory 0021-19. The same strand recently hit a Colorado Based MSP Synoptek and the foreign currency exchange Travelex. Sodinokibi has been particularly damaging and...
Targeted ransomware attacks creates new opportunities and challenges
Every successful high-profile ransomware attack that winds up gaining a lot of mainstream media coverage is generally good for managed service providers (MSPs) that specialize in helping organizations recover from such attacks. In the last few days, coverage of ransomware...
Cities of all sizes are being targeted by ransomware attacks
Last year, it was Atlanta that was brought to its knees by a ransomware attack, sending the city reeling for weeks. This year, it was Baltimore’s turn. The ranks of municipal ransomware victims looks very different.
Cybersecurity Threat Advisory: Ransomware Gang Hacks MSPs to Deploy Ransomware to Customers
What is the threat? A group of threat actors has targeted customers of Managed Service Providers (MSPs) using Remote Desktop Protocol (RDP) to provide remote assistance and technical support. In this case, the threat actors specifically targeted the SecureAnyware technology...
Cybersecurity Threat Advisory: Healthcare Providers Fall Victim to Ransomware Attacks
What is the threat? There has been a significant increase in ransomware attacks in recent months and the healthcare industry appears to be the prime target for these hackers. SKOUT CYBERSECURITY is tracking a recent trend where medical providers and...
Cybersecurity Threat Advisory: New ‘Sodinokibi’ Ransomware Exploits WebLogic Deserialization
What is the threat? A zero-day vulnerability in Oracle WebLogic Servers is actively being exploited in the wild by a sophisticated new ransomware variant dubbed “Sodinokibi”. The ransomware variant attempts to encrypt data found in the user directory and leverages...
The best defense against ransomware
Ransomware has been striking businesses of all sizes, including municipalities, impacting their infrastructures. In the past three months, cybercriminals have successfully attacked six major cities. In each case, the attack brought great inconvenience to the victims. The city of Baltimore...
