


Similar articles
Article Id, source and date: title, followed by Prob (where given) and Score

218049 ZDNET 2021-10-14:
This new ransomware encrypts your data and makes some nasty threats, too
Score 1.000
218075 TECHREPUBLIC 2021-10-14:
Broadcom Software's Symantec Threat Hunter Team discovers first-of-its-kind ransomware
Prob 0.936, Score 0.628
217747 ZDNET 2021-10-11:
Ransomware: Even when the hackers are in your network, it might not be too late
Score 0.594
217922 TECHREPUBLIC 2021-10-11:
How to combat the most prevalent ransomware threats
Score 0.549
218038 ZDNET 2021-10-12:
Olympus suffers second cyberattack in 2021
Prob 0.034, Score 0.533
218009 ZDNET 2021-10-11:
Ransomware is the biggest cyber threat to business. But most firms still aren't ready for it
Score 0.515
217967 ZDNET 2021-10-11:
Quest-owned fertility clinic announces data breach after August ransomware attack
Score 0.502
218210 ZDNET 2021-10-14:
More than 30 countries outline efforts to stop ransomware after White House virtual summit
Prob 0.480, Score 0.481
218203 ZDNET 2021-10-14:
The White House is having a big meeting about fighting ransomware. It didn't invite Russia
Prob 0.269, Score 0.479
218446 ZDNET 2021-10-18:
Sinclair confirms ransomware attack after TV station disruptions
Score 0.461
218144 TECHREPUBLIC 2021-10-15:
The White House holds an international summit on ransomware: What you should know
Prob 0.084, Score 0.453
218413 VENTUREBEAT 2021-10-18:
Data breach extortion scheme uncovered by NCC Group
Score 0.449
218192 ZDNET 2021-10-13:
Google analysed 80 million ransomware samples: Here's what it found
Prob 0.011, Score 0.429
218475 ZDNET 2021-10-18:
This new phishing attack features a weaponized Excel file
Score 0.411
218474 ZDNET 2021-10-18:
BlackByte ransomware decryptor released
Score 0.410
217855 TECHREPUBLIC 2021-10-13:
Dark Web: Many cybercrime services sell for less than $500
Prob 0.074, Score 0.403
218467 ZDNET 2021-10-15:
$5.2 billion in BTC transactions tied to top 10 ransomware variants: US Treasury
Prob 0.012, Score 0.396
217903 ZDNET 2021-10-12:
Australia's new ransomware plan to create ransomware offences and reporting regime
Prob 0.024, Score 0.395
218114 ZDNET 2021-10-15:
Brazilian insurance giant Porto Seguro hit by cyberattack
Prob 0.011, Score 0.385
218060 VENTUREBEAT 2021-10-15:
Cybersecurity report reveals critical business vulnerabilities
Score 0.380
218440 ZDNET 2021-10-18:
Acer hit with second cyberattack in less than a week, Taiwanese authorities notified
Score 0.365
218206 ZDNET 2021-10-14:
Acer confirms second cyberattack in 2021 after ransomware incident in March
Score 0.352
218044 ZDNET 2021-10-14:
This is how Formula 1 teams fight off cyberattacks
Score 0.351
218132 TECHREPUBLIC 2021-10-14:
How a vishing attack spoofed Microsoft to try to gain remote access
Score 0.345
217796 THEVERGE 2021-10-13:
OpenSea fixes vulnerabilities that could let hackers steal crypto with malicious NFTs
Score 0.331

ID: 218049

URL: https://www.zdnet.com/article/this-new-ransomware-encrypts-your-data-and-makes-some-nasty-threats-too/

Date: 2021-10-14

This new ransomware encrypts your data and makes some nasty threats, too

The group behind a new ransomware variant threatens to go beyond encrypting data in its attempts to force victims to pay up.

Cybercriminals are distributing a new form of ransomware in attacks in which they not only encrypt the network but also threaten to launch distributed denial of service (DDoS) attacks and to harass employees and business partners if a ransom isn't paid.

Dubbed Yanluowang, the ransomware was uncovered by cybersecurity researchers in Broadcom Software's Symantec Threat Hunter team while they were investigating an attempted cyberattack against a large undisclosed organization.

While the attempted attack wasn't successful, the investigation revealed a new form of ransomware. It also provided insight into how some cybercriminals are attempting to make attacks more effective -- in this case, with the threat of additional attacks.

Yanluowang drops a ransom note telling the victim they've been infected with ransomware and instructing them to message a contact address to negotiate a ransom payment. The note warns victims not to contact the police, FBI or authorities, and not to contact a cybersecurity company -- it's implied that if the victim does this, they won't get their data back.

But the cybercriminals behind Yanluowang go even further with their threats, suggesting that if the victim calls in outside help, they'll launch DDoS attacks against the victim -- overflowing their websites with so much traffic that they'll crash -- and they'll make calls to employees and business partners. They also suggest that if the victim isn't cooperative, they'll return with additional attacks or even delete the encrypted data, so it's lost forever.

"It's difficult to say if this is a genuine threat. However, it's certainly in line with what we're seeing from other ransomware actors who seem to feel threatened by victims calling in law enforcement or sharing information with third parties," Dick O'Brien, principal editor at Symantec, told ZDNet.

It's still unclear how the cybercriminals gained access to the network. Still, researchers uncovered the attack after identifying suspicious use of AdFind, a legitimate command-line Active Directory query tool.

This tool is often abused by ransomware attackers and is used as a reconnaissance technique for exploiting Active Directory and finding additional ways to secretly move around the network, with the ultimate goal of deploying ransomware.

In this case, the attackers attempted to deploy ransomware just days after the suspicious activity was identified -- and ultimately, the attempted ransomware attack was prevented because the tell-tale signs of an attack had been recognized and blocked.

Nonetheless, the emergence of yet another new ransomware group, particularly one making additional threats in order to coerce victims into paying ransoms, is an unwelcome development.

The ransomware appears to be a work in progress, so it could become more effective in the future. However, there are steps that organizations can take to protect their businesses from this threat and other forms of ransomware.

"Broadly speaking, they should adopt a defense in depth strategy, using multiple detection, protection, and hardening technologies to mitigate risk at each point of the potential attack chain," said O'Brien.

"Only allow RDP [Remote Desktop Protocol] from specific known IP addresses. We'd also advise implementing proper audit and control of administrative account usage," he added.

Other actions organizations can take to help protect against ransomware and other cyberattacks include applying security patches as soon as possible, so cybercriminals can't exploit known vulnerabilities to access the network. Organizations should also equip users with multi-factor authentication tools, so it's more difficult for cybercriminals to take advantage of breached usernames and passwords.