Cisco Blogs / Security / Threat Research / Nibiru ransomware variant decryptor Nikhil Hegde developed this tool. Weak encryption The Nibiru ransomware is a .NET-based malware family. It traverses directories in the local disks, encrypts files with Rijndael-256 and gives them a .Nibiru extension. Rijndael-256 is a secure encryption algorithm. However, Nibiru uses a … [Read more...] about Nibiru ransomware variant decryptor – Cisco Blogs
ransomware
FBI, DHS Warn Of Possible Major Ransomware Attacks On Healthcare Systems
The US Federal Bureau of Investigation (FBI), Departments of Homeland Security, and Health and Human Services (HHS) issued a joint alert Wednesday warning of an "imminent" increase in ransomware and other cyberattacks against hospitals and healthcare providers. "Malicious cyber actors are targeting the [Healthcare and Public Health] Sector with TrickBot malware, often leading … [Read more...] about FBI, DHS Warn Of Possible Major Ransomware Attacks On Healthcare Systems
FIN11 Hackers Spotted Using New Techniques In Ransomware Attacks
A financially-motivated threat actor known for its malware distribution campaigns has evolved its tactics to focus on ransomware and extortion. According to FireEye's Mandiant threat intelligence team, the collective — known as FIN11 — has engaged in a pattern of cybercrime campaigns at least since 2016 that involves monetizing their access to organizations' networks, in … [Read more...] about FIN11 Hackers Spotted Using New Techniques In Ransomware Attacks
Watch Out — Microsoft Warns Android Users About A New Ransomware
Microsoft has warned about a new strain of mobile ransomware that takes advantage of incoming call notifications and Android's Home button to lock the device behind a ransom note. The findings concern a variant of a known Android ransomware family dubbed "MalLocker.B" which has now resurfaced with new techniques, including a novel means to deliver the ransom demand on infected … [Read more...] about Watch Out — Microsoft Warns Android Users About A New Ransomware
A New Hacking Group Hitting Russian Companies With Ransomware
As ransomware attacks against critical infrastructure continue to spike in recent months, cybersecurity researchers have uncovered a new entrant that has been actively trying to conduct multistage attacks on large corporate networks of medical labs, banks, manufacturers, and software developers in Russia. The ransomware gang, codenamed "OldGremlin" and believed to be a … [Read more...] about A New Hacking Group Hitting Russian Companies With Ransomware
A Patient Dies After Ransomware Attack Paralyzes German Hospital Systems
German authorities last week disclosed that a ransomware attack on the University Hospital of Düsseldorf (UKD) caused a failure of IT systems, resulting in the death of a woman who had to be sent to another hospital that was 20 miles away. The incident marks the first recorded casualty as a consequence of cyberattacks on critical healthcare facilities, which has ramped up in … [Read more...] about A Patient Dies After Ransomware Attack Paralyzes German Hospital Systems
Threat protection: The WastedLocker ransomware
Co-authored by Martin Lee, Talos Outreach manager, EMEA. Threat Protection is a new blog series as part of a collaboration between Talos and Cisco Security, combining Talos’ knowledge of the threat landscape and the Cisco Security portfolio. In it, we will highlight particular threats and showcase how Cisco Security’s multi-layered approach can prevent them from affecting your … [Read more...] about Threat protection: The WastedLocker ransomware
Smartwatch Maker Garmin Shuts Down Services After Ransomware Attack
Garmin, the maker of fitness trackers, smartwatches and GPS-based wearable devices, is currently dealing with a massive worldwide service interruption after getting hit by a targeted ransomware attack, an employee of the company told The Hacker News on condition of anonymity.The company's website and the Twitter account say, "We are currently experiencing an outage that affects … [Read more...] about Smartwatch Maker Garmin Shuts Down Services After Ransomware Attack
A New Ransomware Targeting Apple macOS Users Through Pirated Apps
Cybersecurity researchers this week discovered a new type of ransomware targeting macOS users that spreads via pirated apps.According to several independent reports from K7 Lab malware researcher Dinesh Devadoss, Patrick Wardle, and Malwarebytes, the ransomware variant — dubbed "EvilQuest" — is packaged along with legitimate apps, which upon installation, disguises itself as … [Read more...] about A New Ransomware Targeting Apple macOS Users Through Pirated Apps
A decrytption utility for Shade ransomware is now available
Remember Shade ransomware? We’re writing this post because it’s not a threat anymore, and you can get your files back, even those encrypted by the latest versions of Shade. Let’s talk about how that happened. What is Shade ransomware? Shade, also known as Troldesh, is a nasty cryptor that began spreading back in 2015. It encrypted office documents, pictures, and archives (as … [Read more...] about A decrytption utility for Shade ransomware is now available