Slew of Source Code and Malware Leaks Increases Risk for Organizations

Earlier this month, an undergraduate student in Korea apologized for creating and making public the joke ransomware “Resenware.” The malware didn’t ask for money to decrypt files; instead, it required victims to score more than 200 million points on the “lunatic” level of the shooting game Touhou Seirensen ~ Undefined Fantastic Object. The student told… Read More

New Cryptocurrencies Gain Traction, Spark Concern For Law Enforcement

Last month a new ransomware emerged known as “Kirk Ransomware.” The malware was interesting not just because of the Star Trek-themed imagery of James Kirk and Spock that it used, but also because it may be the first ransomware to demand payment via the cryptocurrency Monero. There are literally hundreds of different types of existing… Read More

Ransomware Disrupting Business Operations and Demanding Higher Payouts

Malicious actors are continually fine-tuning their tactics, and one of the best examples of this is the evolution of ransomware. Ransomware has largely been an opportunistic, rather than a targeted, form of cybercrime with the goal of infecting as many users as possible. That model has worked so effectively that extortion is now ubiquitous when it… Read More

Fake Extortion Demands and Empty Threats on the Rise

I’ve previously written about the rise of extortion as an emerging trend for 2017, but if you didn’t want to take my word for it, you should have listened to the numerous warnings shared at this year’s RSA 2017. Cyber-extortion has become one of the primary cybersecurity-related issues facing organizations — and it appears to be here… Read More

Weekly Cyber Risk Roundup: Ransomware and Insecure Databases Dominate Headlines

Ransomware and extortion continue to dominate the headlines in 2017. The past week saw several widely reported incidents involving service outages and lost data due to infections, as well as warnings that malicious actors are attempting to extort organizations via the threat of DDoS attacks. The Austrian hotel Romantik Seehotel Jägerwirt paid approximately $1600 in… Read More

Weekly Cyber Risk Roundup: Ransomware Disrupts Organizations and Massive Data Leaks

Extortion is once again the top trending cybercrime issue as concern continues around the theft, destruction and blackmail related to thousands of insecure MongoDB, Elasticsearch, CouchDB and Hadoop Distributed File System installations. While those stories led much of the past week’s discussion, there was also a steady stream of reports of organizations being infected with… Read More

Weekly Cyber Risk Roundup: More Extortion and Marijuana Retailers’ Woes

Extortion continues to dominate the cybercrime headlines in 2017 with the week’s top two trending targets being the successful ransom at Los Angeles Valley College and continued extortion attempts around MongoDB databases. It was less than a year ago that Hollywood Presbyterian Medical Center became a national news story by paying a $17,000 ransomware demand… Read More

Weekly Cyber Risk Roundup: Another Botnet and the Gamification of Cybercrime

Botnets were once again front-and-center this past week as new developments were announced by security researchers, malicious actors and government officials. To start, CloudFlare observed a ten-day long series of distributed denial-of-service (DDoS) attacks that have generated as much as 400 Gbps in traffic, sparking fears of yet another massive botnet that can disrupt organizations.… Read More

San Francisco Muni Refuses Extortion Demands, But Many Others Choose to Pay

The San Francisco Municipal Transportation Agency (SFMTA) is continuing to deal with the fallout from a Friday ransomware attack that affected 900 office computers and led to passengers getting free rides as ticket machines were taken offline. The agency has since restored systems from a backup, and fares have been running as normal since Sunday; however, the… Read More

Weekly Cyber Risk Roundup: Ransomware Ups the Ante and Other Headlines

Three of this week’s top four trending industry targets centered around DDoS attacks. Linode, which made last week’s roundup over reported DDoS attacks, was targeted once again. The cloud hosting company has seen DDoS attacks throughout the month, with the latest attack coming on September 13, according to company logs. Additionally, Brian Krebs’ website was hit… Read More