It’s no secret that there are a lot of websites on the internet hosting malicious content whether they be phishing pages, scams or malware itself. Every day we hear of new attacks, there’s a common denominator of either a user having clicked on a link to a fraudulent website or a site having played host to code that pulled a malicious payload down from a third-party server.

Ransomware isn’t a new phenomenon, but it’s effects are starting to be felt more widely, and more deeply than ever before. Behemoths like Sony, Nissan, FedEx, Kraft Foods and Deutsche Bank have all been hit in recent years, and the list is growing. The ongoing saga of the ransomware attack in Baltimore, MD has left citizens unable to pay parking tickets or finalize property sales. American small businesses may bear the brunt of the impact of ransomware’s global spread.

As a Professional Services Consultant, I have the pleasure of traveling all around the globe meeting clients and talking to a wide variety of IT security professionals who form the front line of defence against malware. One of my favorite topics is how people got their start in their careers in IT, but when I start discussing my own early years and touch upon my university studies, I’m often surprised by the number of people who do a double take when I share my chosen subject.

If you’re not in the IT industry, all the technical terms for malicious attacks on computer network systems can be confusing. It’s also pretty easy to think you know what you’re talking about but actually have not got it right. In today’s blog post, we’re going to tackle viruses and malware, a couple of the most-used terms when talking about email threat protection, and figure out how you can address them.

Texas’ Department of Information Resources (DIR) launched an investigation into the attacks once they learned of the incident this week. Based on the collected evidence, cyber security officials suspect the attacks to be orchestrated by a single person where the bad actor encrypted files and appended the .JSE extension to the encrypted files.

Two years after the WannaCry ransomware outbreak shone a light on the computer security of the UK’s National Health Service, and five years after Microsoft said it would no longer release patches for Windows XP, the NHS still has 2300 PCs running the outdated operating system. The worrying statistic came to light in the response to a parliamentary question asked by shadow minister Jo Platt MP. The fact that 2,300 NHS computers are still running Windows XP is, obviously, not great news.

Alien Labs has identified an unreported and ongoing malware campaign, which we attribute with high confidence to the adversary publicly reported as “StrongPity”. Based on compilation times, infrastructure, and public distribution of samples - we assess the campaign operated from the second half of 2018 into today (July 2019). This post details new malware and new infrastructure which is used to control compromised machines.

With the commercialization of cybercrime, malware variations continue to increase at an alarming rate, and this is putting many a defender on their back foot. Malware analysis — the basis for understanding the inner workings and intentions of malicious programs — has grown into a complex mix of technologies in data science and human interpretation. This has made the cost of maintaining a malware analysis program generally out of reach for the average organization.

According to Google, Ryuk is ‘a fictional character in the manga series Death Note’. I have no idea what this is, but I imagine it’s significantly less interesting than the Ryuk ransomware campaign that’s currently hitting businesses right across the world. The UK’s NSCS is investigating such campaigns and has recently published an advisory on it, and we’re no strangers to Ryuk at Bulletproof either.

2019 Has been an interesting year for Ransomware thus far. After plaguing countless victims with dreaded ransom notes and bringing some pretty large corporations to their knees, the attack method built a strong reputation for inflicting cyber terror on consumers and businesses. As cyber criminals noticed increasing success from this method, the trends shifted towards more targeted enterprise attacks with the potential for more lucrative payouts.