ransomware

  1. News

    AA20-099A: COVID-19 Exploited by Malicious Cyber Actors

    Original release date: April 8, 2020 Summary This is a joint alert from the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC). This alert provides information on...
  2. News

    VIDEO AA20-049A: Ransomware Impacting Pipeline Operations

    Original release date: February 18, 2020 | Last revised: June 30, 2020 Summary Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) framework. See the MITRE ATT&CK for Enterprise and Link Removed frameworks for all referenced threat actor...
  3. News

    AA20-133A: Top 10 Routinely Exploited Vulnerabilities

    Original release date: May 12, 2020 Summary The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the broader U.S. Government are providing this technical guidance to advise IT security professionals at public and private sector...
  4. News

    AA20-106A: Guidance on the North Korean Cyber Threat

    Original release date: April 14, 2020 | Last revised: April 15, 2020 Summary The U.S. Departments of State, the Treasury, and Homeland Security, and the Federal Bureau of Investigation are issuing this advisory as a comprehensive resource on the North Korean cyber threat for the international...
  5. News

    AA20-099A: COVID-19 Exploited by Malicious Cyber Actors

    Original release date: April 8, 2020 Summary This is a joint alert from the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC). This alert provides information on...
  6. News

    VIDEO AA20-049A: Ransomware Impacting Pipeline Operations

    Original release date: February 18, 2020 Summary Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) framework. See the MITRE ATT&CK for Enterprise and Link Removed frameworks for all referenced threat actor techniques and mitigations. CISA...
  7. News

    AA19-339A: Dridex Malware

    Original release date: December 5, 2019 Summary This Alert is the result of recent collaboration between the Department of the Treasury Financial Sector Cyber Information Group (CIG) and the Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) to identify and share...
  8. News

    Customer Guidance for the Dopplepaymer Ransomware

    Microsoft has been investigating recent attacks by malicious actors using the Dopplepaymer ransomware. There is misleading information circulating about Microsoft Teams, along with references to RDP (BlueKeep), as ways in which this malware spreads. Our security research teams have investigated...
  9. Shayla Blackthorn

    Windows 10 Malware, Ransomware and Bit-locker Security.

    Hi. I recently lost 100,000 personal pictures and a lot of music I wrote for many years. I lost it to a ransomware, with a DOCM extension. I looked online and it said it was new and the encryption was done repeatedly up to 10 times deep. I happened to have ALL my backup usb hard drives attached...
  10. News

    How Ransomware and AI Are Making Tape Backup More Viable

    As ransomware gets smarter and the use of AI increases, tape-based backup offers some security and budget relief. Continue reading...
  11. News

    AA18-337A: SamSam Ransomware

    Original release date: December 03, 2018 Summary The Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) and the Federal Bureau of Investigation (FBI) are issuing this activity alert to inform computer network defenders about SamSam...
  12. P

    system restore

    When I tied to run this with 1803 t said the probable cause was an a/v interfering. I only have MBAM so I disabled it by right clicking and selecting "quit". When I ran system restore again the same thing happened. Can Windows be working against itself so I should disable ransomware etc.? I...
  13. voyager

    Windows 10 Strange happenings in a new Win10 install

    Just did a new PC build and have been forced to upgrade to Win10, --- Not a happy camper, but resigned to it. A few days ago I began getting this every time the OS is loaded: Then, I found this on one of my data drives about the same time: There has been nothing to indicate a ransomware...
  14. K

    Hide backup drives from malware

    I have implemented a method to 'hide' external USB backup drives from Windows. The process works as follows: - use Device Manager to determine the Hardware ID or Parent ID of the USB drive - label the USB drive appropriately - create a script to invoke Removedrive (freeware by Uwe Sieber) with...
  15. News

    TA17-181A: Petya Ransomware

    Original release date: July 01, 2017 | Last revised: July 28, 2017 Systems Affected Microsoft Windows operating systems Overview This Alert has been updated to reflect the National Cybersecurity and Communications Integration Center's (NCCIC) analysis of the "NotPetya" malware variant. The...
  16. News

    TA17-132A: Indicators Associated With WannaCry Ransomware

    Original release date: May 12, 2017 | Last revised: May 19, 2017 Systems Affected Microsoft Windows operating systems Overview According to numerous open-source reports, a widespread ransomware campaign is affecting various organizations with reports of tens of thousands of infections in...
  17. News

    TA16-336A: Avalanche (crimeware-as-a-service infrastructure)

    Original release date: December 01, 2016 | Last revised: December 14, 2016 Systems Affected Microsoft Windows Overview “Avalanche” refers to a large global network hosting infrastructure used by cyber criminals to conduct phishing and malware distribution campaigns and money mule schemes...
  18. F

    Windows 7 Windows updates NOT Compaq laptop

    I have an older laptop that I try to keep secure with windows updates. Especially In the wake of all these ransom ware attacks. When new updates are issued on my desktop, I check the laptop to see if it will be getting same. Never happens. When I go to my security menu and ask for windows...
  19. News

    TA17-181A: Petya Ransomware

    Original release date: July 01, 2017 Systems Affected Microsoft Windows operating systems Overview On June 27, 2017, NCCIC was notified of Petya ransomware events occurring in multiple countries and affecting multiple sectors. Petya ransomware encrypts the master boot records of infected...
  20. News

    Update on Petya malware attacks

    As happened recently with WannaCrypt, we again face a malicious attack in the form of ransomware, Petya. In early reports, there was a lot of conflicting information reported on the attacks, including conflation of unrelated and misleading pieces of data, so Microsoft teams mobilized to...
Back
Top