GrujaRS found a new variant of the SFile Ransomware that appends the .morseop-7j9wrqr! extension.

Michael Gillespie discovered new Xortist variants that append either the .jigsaaw or .wannacry extensions.

A new ransomware operation named DarkSide began attacking organizations earlier this month with customized attacks that have already earned them million-dollar payouts.

The University of Utah has paid a $457,000 ransomware to prevent threat actors from releasing files stolen during a ransomware attack.

Xiaopao found the TapPiF Ransomware that appends the .ehre extension to encrypted files.

Xiaopao found new Dharma ransomware variants that append either the .Aim or .rec extension to encrypted files.

MalwareHunterTeam found a new in-development ransomware that utilizes a Slack hook to notify the developer of new victims.

Law enforcement in Ukraine has announced today the arrest of a cybercrime gang who ran 20 cryptocurrency exchanges where they laundered more than $42 million in funds for criminal groups.

Karsten Hahn found a new screen locker called P4YME that demands €75.

Cruise line operator Carnival Corporation has disclosed that one of their brands suffered a ransomware attack over the past weekend.

Business technology giant Konica Minolta was hit with a ransomware attack at the end of July that impacted services for almost a week, BleepingComputer has learned.

Michael Gillespie found a new STOP ransomware variant that appends the .vari extension to encrypted files.

3xp0rt has found a threat actor selling a Coronaviruses Ransomas-as-a-Service for $5,000.

Jakub Kroustek found a new variant of the Dharma Ransomware that appends the .Back extension.

Karsten Hahn found a new HiddenTear variant that appends the .id-[].LOCKED extension and drops a ransom note named HOW TO RECOVER YOUR FILES !!!.txt.

A third of the universities in the United Kingdom responding to a freedom of information (FOI) request admitted to being a victim of a ransomware attack. These represent more than 25% of the universities and colleges in the country.

A ransomware gang has published unencrypted files allegedly stolen from Canon during a ransomware attack earlier this month.

Xiaopao found a new ransomware called RansomBlox.

The Dharma Ransomware-as-a-Service (RaaS) operation makes it easy for a wannabe cyber-criminal to get into the ransomware business by offering a toolkit that does almost everything for them.

A city in Colorado, USA, has been forced to pay $45,000 after the City's devices were encrypted in July, and they were unable to restore necessary files from backup.

Michael Gillespie found a new Matrix ransomware variant that appends the .AB89 to encrypted files and drops a ransom note named AB89_INFO.rtf.

Michael Gillespie found a new Dharma ransomware variant that appends the .xati extension to encrypted files.

Michael Gillespie found a new BigLock ransomware variant that appends the .pandemic extension to encrypted files and drops a ransom note named PROTECT.txt.

Michael Gillespie found a new STOP ransomware variant that appends the .oonn extension to encrypted files.

Avaddon ransomware is the latest cybercrime operation to launch a data leak site that will be used to publish the stolen data of victims who do not pay a ransom demand.

Jakub Kroustek found a new variant of the Dharma Ransomware that appends the .get extension.

Emsisoft has released a decryptor for the CheckMail7 Ransomware.

Michael Gillespie found a new Xorist ransomware variant that appends the .zes extension to encrypted files.

Canon has suffered a ransomware attack that impacts numerous services, including Canon's email, Microsoft Teams, USA website, and other internal applications. In an internal alert sent to employees, Canon has disclosed the ransomware attack and working to address the issue.

Xiaopao found a sample of the PhantomChina ransomware that appends the .phantom extension and drops a ransom note named !How_To_Decrypt_My_File_????????.hta.

Xiaopao found a new Dharma ransomware variant that appends the .WEEK extension to encrypted files.

Here we are seven years later scratching our heads, still thinking about what to do to defend ourselves against ransomware. You would think in seven years we ought to have gotten better at deterring attackers from this type online crime.But, like almost everything in information security, ransomware is a complicated, and an attack that has only grown more complex, particularly in the last 10 months.

Behavioral shifts changed the ransomware landscape as criminals challenge defenses

A manager on the Managed Threat Response team explains what to expect when you’re expecting a ransomware attack

Sophos’ senior security advisor on the growing threat of ransomware that threatens to publish companies’ private data

The Managed Threat Response manager offers a unique perspective on the realities of being the target of ransomware

American medium-sized companies are actively targeted by LockBit ransomware operators according to an Interpol report on the impact the COVID-19 pandemic had on cybercrime around the world.

The WastedLocker ransomware is abusing a Windows memory management feature to evade detection by security software.

Marcelo Rivero found a new Dharma ransomware variant that appends the .homer extension and drops ransom notes named FILES ENCRYPTED.txt and Info.hta.

Smartwatch maker Garmin paid a multi-million dollar ransom to criminals who encrypted its computer files through a ransomware negotiation business called Arete IR, sources have told Sky News.

The Netwalker ransomware operation has generated a total of $25 million in ransom payments since March 1st according to a new report by McAfee.

Jirehlov found #Ransomware #Flystudio #China https://app.any.run/tasks/3d4fc8d4-2a2e-404b-a693-5a1680d456b8/… .itunes itunes-DECRYPT----1596322702829.txt sample note: https://pastebin.com/z3eW5Y1N

The Coveware Quarterly Ransomware Report describes ransomware incident response trends during Q2 of 2020. Ransomware attacks against enterprises forked in Q2 between big game attacks and an increase in new RaaS variants targeting small businesses. Victim demographics and resolution metrics are aggregated to present ransomware incident response statistics driven by actual case events.

d2hvYW1p found a new Nefilim Ransomware variant that appends the .NEF1LIM extension to encrypted files.

Alex Svirid found a new variant of the WannaCash Ransomware that changes an encrypted file's name to [number] ???? ??????????. ????. [ ????? mylifeisfear@cock.li ] .WANNACASH.

Michael Gillespie found a new Xorist ransomware variant that appends the .ZaCaPa extension to encrypted files.

Michael Gillespie found a new STOP ransomware variant that appends the .nile extension to encrypted files.

BleepingComputer can confirm that Garmin has received the decryption key to recover their files encrypted in the WastedLocker Ransomware attack.

Emsisoft released an updated decryptor the RedRum Ransomware that now decrypts the .thanos variant.

An affiliate of the GandCrab ransomware-as-a-business (RaaS) has been arrested, according to some Russian news sources. Authorities in Russia were able to identify the individual in cooperation with law enforcement in Romania and the U.K.

Michael Gillespie found a new variant of Xorist Ransomware that appends the .GlUtEzOn.VaNoLe extension to encrypted files.

Managed service provider Pivot Technology Solutions has disclosed that it was the victim of a ransomware attack that resulted in sensitive information being accessed by the hackers.

xiaopao discovered a new ransomware that does not append an extension but drops a ransom note named RANSOM_NOTE.txt.

Michael Gillespie found a new variant of Matrix Ransomware that appends the .MH24 extension and drops a ransom note named MH24_README.rtf.

Marcelo Rivero found a new variant of the Dharma Ransomware that appends the .mnbzr extension to encrypted files.

Toffee found a new MedusaLocker Ransomware variant that appends the .deadfiles extension to encrypted files.

xiaopao discovered a new ransomware called ElmersGlue_3 (not kidding).

xiaopao discovered a new variant of the CryLock Ransomware that appends a random extension to encrypted files.

The FBI has issued a security alert about Netwalker ransomware operators targeting U.S. and foreign government organizations, advising their victims not to pay the ransom and reporting incidents to their local FBI field offices.

Marcelo Rivero found a new variant of the Dharma Ransomware that appends the .tcprx extension to encrypted files.

Michael Gillespie found a new variant of Matrix Ransomware that appends the .DECC extension to encrypted files.

Toffee found a new Everbe ransomware variant that appends the .COCKROACH extension to encrypted files.

Threat researchers have found a new feature-rich malware that can encrypt files on any system running PHP, making it a high risk for Windows, macOS, and Linux web servers.

North Korean-backed hackers tracked as the Lazarus Group have developed and are actively using VHD ransomware against enterprise targets according to a report published by Kaspersky researchers today.

The Nefilim ransomware operation has begun to publish unencrypted files stolen from a Dussmann Group subsidiary during a recent attack.

Michael Gillespie found a new variant of STOP Ransomware that is appending the .kook extension to encrypted files.

Garmin has officially confirmed that they were victims of a ransomware attack as they slowly bring their Garmin Connect, Strava, and navigation services back online.

The No More Ransom Project celebrates its fourth anniversary today after helping over 4.2 million visitors recover from a ransomware infection and saving an estimated $632 million in ransom payments.