Proactive Computing | Optimizing IT for usability, performance and reliability since 1997

Category: #Ransomware (Page 1 of 3)

Auto Added by WPeMatico

One of the Most Prolific Ransomware Viruses Can Now Be Unlocked Easily

625ff54d.png
Kaseya, an IT management software firm, says that it’s obtained the REvil universal decryption key through a “trusted third party.” This should help Kaseya recover data from a July 4th REvil ransomware attack that affected over 1,500 businesses.

Read This Article on Review Geek ›

Source: https://www.reviewgeek.com/93021/one-of-the-most-prolific-ransomware-viruses-can-now-be-unlocked-easily/
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Andrew Heinzman

How to Update Windows Right Now to Fix PrintNightmare | Digital Trends

Run Windows Update and Reboot to make sure the latest patches are installed.

No matter what version of Windows you are running, you need to update NOW. If you are truly paranoid, shutdown your Print Spooler service, and set it to Manual start. You’ll need to start it to print to a network printer, but you will protect your system and network from this serious threat. Check out the article from Digital Trends below.

To Our Customers: If your servers are managed by Proactive Computing, they are already protected from the PrintNightmare threat. But please follow the instructions below to update your Windows PCs and Laptops today.

How to Update Windows Right Now to Fix PrintNightmare | Digital Trends https://www.digitaltrends.com/computing/how-to-fix-print-nightmare-on-windows-right-now/

Microsoft warns users to beware of a new ransomware trick

In recent months multiple high-profile large companies in the US have fallen victim to ransomware attacks. In at least two high-profile cases, the company has paid out millions of dollars to the attackers to get their data back. As hackers make more money using ransomware tactics, the incidence of attacks increases. Microsoft is now warning users to beware of phishing … Continue reading

Source: https://www.slashgear.com/microsoft-warns-users-to-beware-of-a-new-ransomware-trick-24679752/
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Shane McGlaun

Ransomware attacks ‘are here to stay,’ Commerce secretary says

210606-raimondo-ap-773.jpg

Commerce Secretary Gina Raimondo said Sunday that ransomware attacks “are here to stay,” and that businesses should plan accordingly.

“The first thing we have to recognize,” she said, “is this is the reality, and we should assume and businesses should assume, that these attacks are here to stay and, if anything, will intensify. And so just last week the White House sent out a letter broadly to the business community urging the business community to do more.”

Speaking on ABC’s “This Week With George Stephanopoulos,” the former governor of Rhode Island declined to blame Vladimir Putin’s Russia outright in answering a question on whether the Biden administration should look to punish Russia, which is believed to be the source of some or all of these attacks.

“We are evaluating all the options and we won’t stand for a nation supporting or turning a blind eye to a criminal enterprise,” she said. “And as the president has said, we’re considering all of our options.”

She added: “This week when the president meets with Putin and other world leaders, this will be at the top of the agenda.”

In a ransomware attack, hackers seize control of a business or organization’s computer system by exploiting weaknesses in the security system, then lock up the entire system until a “ransom” is paid. Raimondo said one way to stymie international hackers is to approve Biden’s proposed infrastructure plan.

“Certain components of the American Jobs Plan provide for investments to shore up the nation’s cyber infrastructure,” she told Stephanopoulos.

Raimondo argued that the good news in all this was that businesses can make relatively simple changes to protect themselves against such attacks.

“Some very simple steps like two-factor authentication, having proper backups and backup technology, can be enormously helpful against a wide variety of these attacks. So it is clear that the private sector needs to be more vigilant, by the way, including small- and medium-sized companies,” she said.

Source: https://www.politico.com/news/2021/06/06/ransomware-attacks-commerce-secretary-492005
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: David Cohen

DOJ to Treat Ransomware Hacks Like Terrorism Now: Here’s the Full Memo

29bcb6a15648c3c33add6a618ad07a96.jpg

The U.S. Department of Justice plans to take a much harsher tack when pursuing cybercriminals involved in ransomware attacks—and will investigate them using similar strategies to the ones currently employed against foreign and domestic terrorists.

Read more…

Source: https://gizmodo.com/doj-to-treat-ransomware-hacks-like-terrorism-now-heres-1847027610
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Lucas Ropek

US meatpacking plants get back on stream after crippling cyber-attack

3500.jpg?width=1200&height=630&quality=8

Experts warn ‘no one is out of bounds’ after ransomware attack halts production at JBS, which supplies more than fifth of US beef

Meat-processing factories in the US run by the world’s largest company in that field are coming back on stream on Wednesday after a ransomware attack – as experts warned all corporate and local government leaders to be on the alert.

A cyber-attack on the meat processor JBS had forced it to halt all US operations while it scrambled to restore functionality. The attack, like other recent hacks, is believed to have originated in Russia.

Continue reading…

Source: https://www.theguardian.com/food/2021/jun/02/cyber-attack-targets-worlds-largest-meat-processing-company
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Alex Hern and Alexandra Villarreal

The SolarWinds hackers aren’t back—they never went away

"And people reliably click on these emails? Really?"

Enlarge / “And people reliably click on these emails? Really?” (credit: Kremlin official photo)

The Russian hackers who breached SolarWinds IT management software to compromise a slew of United States government agencies and businesses are back in the limelight. Microsoft said on Thursday that the same “Nobelium” spy group has built out an aggressive phishing campaign since January of this year and ramped it up significantly this week, targeting roughly 3,000 individuals at more than 150 organizations in 24 countries.

The revelation caused a stir, highlighting as it did Russia’s ongoing and inveterate digital espionage campaigns. But it should be no shock at all that Russia in general, and the SolarWinds hackers in particular, have continued to spy even after the US imposed retaliatory sanctions in April. And relative to SolarWinds, a phishing campaign seems downright ordinary.

“I don’t think it’s an escalation, I think it’s business as usual,” says John Hultquist, vice president of intelligence analysis at the security firm FireEye, which first discovered the SolarWinds intrusions. “I don’t think they’re deterred and I don’t think they’re likely to be deterred.”

Read 11 remaining paragraphs | Comments

index?i=Ac9xzDKtXsE:cQu0qwbsw6s:V_sGLiPB index?i=Ac9xzDKtXsE:cQu0qwbsw6s:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA

Source: https://arstechnica.com/gadgets/2021/05/the-solarwinds-hackers-arent-back-they-never-went-away/
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: WIRED

It’s ransomware, or maybe a disk wiper, and it’s striking targets in Israel

The flag of Iran.

Enlarge (credit: Getty Images)

Researchers say they’ve uncovered never-before-seen disk-wiping malware that’s disguising itself as ransomware as it unleashes destructive attacks on Israeli targets.

Apostle, as researchers at security firm SentinelOne are calling the malware, was initially deployed in an attempt to wipe data but failed to do so, likely because of a logic flaw in its code. The internal name its developers gave it was “wiper-action.” In a later version, the bug was fixed and the malware gained full-fledged ransomware behaviors, including the leaving of notes demanding victims pay a ransom in exchange for a decryption key.

A clear line

In a post published Tuesday, SentinelOne researchers said they assessed with high confidence that, based on the code and the servers Apostle reported to, the malware was being used by a never-before-seen group with ties to the Iranian government. While a ransomware note they recovered suggested that Apostle had been used against a critical facility in the United Arab Emirates, the primary target was Israel.

Read 11 remaining paragraphs | Comments

index?i=rNGmY81NQ3E:NMru6vXPAIQ:V_sGLiPB index?i=rNGmY81NQ3E:NMru6vXPAIQ:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA

Source: https://arstechnica.com/gadgets/2021/05/disk-wiping-malware-with-irananian-fingerprints-is-striking-israeli-targets/
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Dan Goodin

What is Typosquatting and How Do Scammers Use it?

a534e622.jpg
One typing mistake and the typosquatters might catch you. It might sound like a cyberpunk thriller but it’s a real cybersecurity threat. We explain what it is and how to protect yourself.

Read This Article on CloudSavvy IT ›

Source: https://www.cloudsavvyit.com/11288/what-is-typosquatting-and-how-do-scammers-use-it/
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Dave McKay

Ireland’s health care system taken down after ransomware attack

St. Vincent's University Hospital in Dublin, Ireland.

Enlarge / St. Vincent’s University Hospital in Dublin, Ireland. (credit: Bloomberg | Getty Images)

Ireland has shut down most of the major IT systems running its national health care service, leaving doctors unable to access patient records and people unsure of whether they should show up for appointments, following a “very sophisticated” ransomware attack.

Paul Reid, chief executive of Ireland’s Health Service Executive, told a morning radio show that the decision to shut down the systems was a “precautionary” measure after a cyber attack that impacted national and local systems “involved in all of our core services.”

Some elements of the Irish health service remain operational, such as clinical systems and its Covid-19 vaccination program, which is powered by separate infrastructure. Covid tests already booked are also going ahead.

Read 12 remaining paragraphs | Comments

index?i=kIW2dHc6flo:Q5szCVN9ftg:V_sGLiPB index?i=kIW2dHc6flo:Q5szCVN9ftg:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA

Source: https://arstechnica.com/information-technology/2021/05/irelands-healthcare-system-taken-down-after-ransomware-attack/
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Eric Bangeman

« Older posts