ransomware

August 17, 2016

SECURITY

CryptXXX Technical Deep Dive

0.0 Introduction: In our previous post we discussed the AMP ThreatGrid Research and Efficacy Team’s continuous support for Ransomware attack vectors, generic behavior detection of un-discovered variants, and the creation of behavioral indicators once new variants are identified. In this post we…

August 8, 2016

SECURITY

The General Behavior of Ransomware

This is the first in a series of blogs about advanced malware. Behavioral Indicators Morph Over Time: A large part of Threat Grid’s efficacy in determining the nature of a submitted file is through the use of over 675 indicators to identify malware. The initial indicators created for AMP Threat Grid…

August 8, 2016

EDUCATION

Cybersecurity for Education: Learn from the Experts

Previously on the blog, we’ve discussed why cybersecurity is such an important topic in the education space, including the different types of attacks schools, colleges and universities might face, such as ransomware. But cybersecurity can be daunting – where do you begin? That’s easy – call in the e…

August 3, 2016

EDUCATION

Cybersecurity in Education: Threats Impacting K-12 and Higher Education

As schools, colleges, and universities become more connected, it opens up a world of possibilities for students. The IT market suggests today we have around 15 billion devices utilizing an IP address, and that number is expected to grow to approximately 500 billion devices by 2030. Everything from t…

July 29, 2016

EDUCATION

Cybersecurity in Education: Critical Information Held Hostage

You’re headed into the office, and your mind is on everything you need to finish today. Sometimes there just aren’t enough hours in the day! It’s a good thing you’ve gotten an early start this morning… But as you approach the office, you notice something strange: Are all of the blinds closed?…

June 30, 2016

THREAT RESEARCH

Gotta be SWIFT for this Spam Campaign!

Talos has observed a large uptick in the Zepto ransomware and has identified a method of distribution for it: spam email. Locky/Zepto continue to be well-known ransomware variants, and as such we will focus on the spam email campaign. We found 137,731 emails in the last 4 days usi…

May 2, 2016

THREAT RESEARCH

Cryptolocker 4 White Paper Available: The Evolution Continues

We are pleased to announce the availability of the Cryptolocker 4 white paper. Over the past year, Talos has devoted a significant amount of time to better understanding how ransomware operates, its relation to other malware, and its economic impact. This research has proven valuable for Talos and l…

April 15, 2016

THREAT RESEARCH

Widespread JBoss Backdoors a Major Threat

Recently, a large-scale ransomware campaign delivering Samsam changed the threat landscape for ransomware delivery. Targeting vulnerabilities in servers to spread ransomware is a new dimension to an already prolific threat. Due to information provided from our Cisco IR Services Team, stemming from a…

April 11, 2016

THREAT RESEARCH

Ransomware: Past, Present, and Future

The rise of ransomware over the past year is an ever-growing problem. Businesses often believe that paying the ransom is the most cost-effective way of getting their data back – and this may also be the reality. The problem we face is that every single business that pays to recover their files,…