New Ryuk Ransomware Function Spreads Across Networks Quickly

In terms of ransoms paid, Ryuk is the most successful strain of ransomware in use today, having netted an estimated $150 million for the group behind the malicious code. According to a recent report published by France’s national cybersecurity agency, it just got even more dangerous. Ryuk has historically been used preferentially against hospitals and companies closely related to the …

Staying Up To Date On Software Patches Is Critical

Google’s Project Zero security team has an impressive track record when it comes to chasing down and addressing the most critical security flaws found. They’re tireless in their work, which has saved untold billions of dollars and hampered the efforts of hackers all over the world. The team has gathered some rather shocking statistics, however, including this eye-opener: Based on …

Hackers Are Using DDOS Attacks To Profit Off Businesses

Distributed Denial of Service Attacks (DDOS) have been used by hackers since the earliest days of the web. Get enough internet-connected devices to ping a server at the same time, and you can knock the server offline. Keep the pressure on and you can keep it offline, pretty much indefinitely. These days, given the web’s importance, that can easily bring …

Watch Out for Egregor Ransomware Now Hitting The Scene

A new ransomware strain burst onto the scene in September of this year (2020). Dubbed ‘Egregor’ by the research team at Digital Shadows who discovered it, it has already claimed more than seventy victims in nineteen countries around the world. Worse, the hackers controlling it appear to just be getting started. The malware is expertly designed and all of the …

People Are Paying Ransomware Attackers In Large Numbers In 2020

Hackers have increasingly gravitated to ransomware attacks in 2020, as being one of the best and most reliable paths to a payday. That brings to mind an interesting question though. Naturally, the viability of this type of attack comes down to what percentage of victims are willing to actually pay the ransom, and what is that number as of right …

Some Businesses Are Dangerously Avoiding Critical IT Security Updates

How good is your IT staff at staying current when it comes to applying all the latest security patches? Unfortunately, the answer for most businesses is, “probably not as good as you think.” According to research conducted by Bitdefender, a staggering 64 percent of un-patched vulnerabilities discovered on corporate networks in 2020 involve bugs that date back to 2018 and …

Corporate Internet Users Watch Out For Conti Ransomware

Although you may not be familiar with the name, a strain of ransomware called “Conti” is surging in popularity on the Dark Web and seeing a rapidly growing number of installations, so it’s definitely one to be on guard against. Advanced intel’s Vitali Kremez has been tracking this strain since it first appeared in late 2019. According to Kremez, the …

This New Malware Is Hitting Exchange Servers To Steal Info

In late 2019, a new strain of malware called “Valak” was detected. In the six months that followed its initial discovery in the wild, more than 30 variants of the code were detected. Initially, Valak was classified as a simple loading program. As various groups have tinkered with the code, it has morphed into a much more significant threat, and …

Major Security Flaw Found In Some Cisco Routers

Recently, Cisco disclosed the existence of four serious security flaws in their routers that use iOS and iOS XE software. One of the four, CVE-2020-3227 is rated at a severity of 9.8 out of 10. It allows a remote attacker without credentials to execute commands to the operating software without proper authorization, which in turn, allows a hacker to take …

Update NinjaForms In WordPress To Avoid Potential Hack

Are you one of the million-plus website owners making use of Ninja Forms for WordPress? If so, be aware that the company has recently patched a serious security flaw that allowed hackers to inject malicious code and take over websites. The attack is accomplished via a Cross-Site Request Forgery (CSRF) that leads to a Stored Cross-Site Script attack. All versions …