ransomware
Healthcare Organizations: What You Need to Know About the NHS Cyberattack
Today’s news of the cyberattack affecting healthcare organizations—including the National Health Service (NHS)—in the UK, is sobering. Sources are reporting that the ransomware attack has “crippled the health system’s ability to treat patients.” Thousands of non-emergency appointments have been canc…
Threat Spotlight: Mighty Morphin Malware Purveyors: Locky Returns Via Necurs
This post was authored by Nick Biasini. Throughout the majority of 2016, Locky was the dominant ransomware in the threat landscape. It was an early pioneer when it came to using scripting formats Windows hosts would natively handle, like .js, .wsf, and .hta. These scripting formats acted as a vehicl…
Crypt0l0cker (TorrentLocker): Old Dog, New Tricks
Ransomware continues to be a plague on the internet and remains the fastest-growing malware family we have seen in recent years. In this post we describe the technical details about a newly observed campaign of the notorious Crypt0l0cker (aka TorrentLocker or Teerac) ransomw…
Indicators of Compromise and where to find them
Indicators of Compromise (“IOC”) are used to suggest a system has been affected by some form of malware. An Indicator of Compromise can be anything from a file name to the behavior observed while malware is actively running on an infected system. Where do they look? Social media, new feeds, industry…
Cerber Spam: Tor All the Things!
This post was authored by Nick Biasini and Edmund Brumaghin with contributions from Sean Baird and Andrew Windsor. Executive Summary: Talos is continuously analyzing email-based malware, always looking at how adversaries change and the new techniques that are being added on an almost constant basis. Recen…
LockyDump – All Your Configs Are Belong To Us
Locky has continued to evolve since its inception in February 2016. This has made it difficult to track at times due to changes in the way in which it’s distributed as well as various characteristics of the malware itself. The actors responsible for Locky have continuously…
Top 5 Security Threats for Retailers in the Digital Age
As we enter Cybersecurity Awareness month, it’s an appropriate time to closely examine the specific security threats that retailers and hospitality providers face each and every day. In these industries, the overall “attack surface” is becoming dramatically more complex and hackers are more sophisti…
Tackling the Ransomware Threat in Education
Ransomware and malware attacks have certainly been capturing recent headlines, and local governments, organizations and education institutions around the world have reportedly been targeted. These attacks have now spread across private and public sector industries, and are becoming a major threat. …
Ransomware: The race you don’t want to lose
In the race to detect and contain ransomware on their networks, many organizations fail before they are out of the gate. The reason has very little to do with technology and a great deal to do with process. “But we bought all the good tools!” such organizations protest. Good security tech…