Source: https://www.bleepingcomputer.com/
The Hive ransomware operation has converted its VMware ESXi Linux encryptor to the Rust programming language and added new features to make it harder for security researchers to snoop on victims' ransom negotiations.
SunCrypt, a ransomware-as-a-service (RaaS) operation that reached prominence in mid-2020, is reportedly still active, even if barely, as its operators continue to work on giving its strain new capabilities.
Amigo-A found a new ransomware that drops a ransom note named Hello.txt.
Team Nautilus has uncovered a Python-based ransomware attack that, for the first time, targeted Jupyter Notebook, a popular tool used by data practitioners. The attackers gained initial access via misconfigured environments, then ran a ransomware script that encrypts every file on a given path on the server and deletes itself after execution to conceal the attack. Since Jupyter notebooks are used to analyze data and build data models, this attack can lead to significant damage to organizations if these environments aren’t properly backed up.
PCrisk found a new Dharma ransomware variant that appends the .snwd extension.
Threat analysts have discovered a new obfuscation technique used by the Hive ransomware gang, which involves IPv4 addresses and a series of conversions that eventually lead to downloading a Cobalt Strike beacon.
As Russian artillery began raining down on his homeland last month, one Ukrainian computer researcher decided to fight back the best way he knew how -- by sabotaging one of the most formidable ransomware gangs in Russia.
Atento, a provider of customer relationship management (CRM) services, has published its 2021 financial performance results, which show a massive impact of $42.1 million due to a ransomware attack the firm suffered in October last year.
PCrisk found new STOP ransomware variants that append the .voom, .mpag, .gtys, or .udla extensions.