What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
Minerva.webp 2022-12-29 12:30:23 New CatB Ransomware Employs 2-Year Old DLL Hijacking Technique To Evade Detection (direct link) We recently discovered ransomware, which performs MSDTC service DLL Hijacking to silently execute its payload. We have named this ransomware CatB, based on the contact email that the ransomware group uses. The sample was first uploaded to VT on November 23, 2022 and tagged by the VT community as a possible variant of the Pandora […] Ransomware ★★★
Minerva.webp 2022-11-24 14:24:10 Windows Service Failure Recovery Easily Exploitable for Ransomware (direct link) Windows Services are the OS mechanism used to initiate processes at system startup which provide services not tied to user interaction. Windows services consist of three components: a service application, a service control program (SCP), and the service control manager (SCM). Characteristics of a service application. Service applications consist of at least one […] Ransomware ★★
Minerva.webp 2022-08-25 10:23:06 STOP/DJVU Ransomware (direct link) STOP/DJVU ransomware has been with us since 2019. New versions are released periodically; however, the new STOP/DJVU ransomware versions usually focus on adding new encrypted file extensions. There were almost 200 different encryption extensions observed in the wild through 2019 alone. This ransomware contains a lot of unused code, probably inserted to delay malware […] Ransomware Malware ★★★
Minerva.webp 2022-07-10 18:03:54 Lockbit 3.0 AKA Lockbit Black is here, with a new icon, new ransom note, new wallpaper, but less evasiveness? (direct link) This month the Lockbit ransomware gang announced their first Bug Bounty program as part of their evolution into Lockbit 3.0. A first sample of the new version was published by Arda Büyükkaya. According to their new ransomware wallpaper that appears after encryption, this specific version has been named 'Lockbit Black', which interestingly follows their new execution method which is pretty similar to the BlackCat ransomware execution method. There are actually even more similarities between the two ransomwares. Ransomware
Minerva.webp 2022-05-31 16:33:34 New Microsoft Office “Follina” zero-day Already Shared on Ransomware Forums (direct link) The new zero-day MS Word vulnerability recently discovered by Nao_Sec on May 27, 2022, titled 'Follina' (CVE-2022-30190) targeting Microsoft Office is being actively utilised, Minerva researchers found. The exploit targets a vulnerability in Microsoft's Windows Support Diagnostic Tool (MSDT) that occurs due to the ms-msdt MSProtocol URI scheme which could load code and execute via PowerShell despite macros being disabled. Successful exploitation of the CVE enables an attacker to execute arbitrary code on the targeted host. However, the attacker must socially engineer the victim into opening a specially crafted file to exploit this issue which requires a targeted effort to succeed making the vulnerability less prominent to unskilled actors but highly relevant to ransomware gangs such as CONTI, CL0P and ALPHV. To combat this new threat businesses must focus on threat prevention - an approach in which Minerva excels. Ransomware Tool Vulnerability Threat
Minerva.webp 2022-05-19 16:53:56 What makes Ransomware so different from other malware and cyber threats? (direct link) Ransomware Malware
Minerva.webp 2022-05-02 09:54:14 New Black Basta Ransomware Hijacks Windows Fax Service (direct link) Ransomware
Minerva.webp 2022-03-31 11:45:00 What Does it take To Beat the World's Fastest-Encrypting Ransomware? (direct link) A new report by Splunk recently revealed that some ransomware variants encrypt files at a staggering rate of 25,000 files per minute. This means that now might be a good time to revisit your threat detection and response strategy. It's pretty clear that the moment a ransomware starts encrypting files, it's a losing race against time to minimize (not stop) the damage. Ransomware Threat
Minerva.webp 2022-03-30 10:15:00 SunCrypt Ransomware Gains New Capabilities in 2022 (direct link) SunCrypt is a RaaS (Ransomware as a Service) group that was first seen in October 2019, and was one of the first groups to apply triple extortion* tactics to their attacks. Unlike other RaaS groups, SunCrypt runs a small and closed affiliate program. The first version of this ransomware was written in GO, but after C and C++ versions were released in mid-2020, the group became much more active. SunCrypt mostly affects the Services, Technology, and Retail industries. Our researchers recently identified an updated version of this ransomware which includes additional capabilities. Ransomware
Last update at: 2024-05-20 01:08:03