SOVA malware adds ransomware feature to encrypt Android devices
The SOVA Android banking trojan continues to evolve with new features, code improvements, and the addition of a new ransomware feature that encrypts files on mobile devices. [...]
Ransomware encrypts or steals data to disrupt operations and extort victims, making backups, access controls, and incident response essential.
Search across headline titles and summaries.
Background for this topic.
Ransomware is malware used to deny access to systems or data, usually by encrypting files and demanding payment for decryption. Many operations also steal sensitive information and threaten to publish it, so an attack can create both an availability crisis and a privacy or disclosure risk. Initial access may involve phishing, stolen credentials, exposed remote services, or exploitation of unpatched vulnerabilities; attackers may then move through the network before deploying the payload.
Defenses should combine vulnerability management, phishing-resistant authentication where practical, endpoint and network monitoring, and backups that are isolated from routine administrator access and regularly tested for recovery. Organizations should also limit privileges and segment critical systems to reduce the blast radius. An incident requires rapid containment, preservation of forensic evidence, restoration from known-good backups, and assessment of notification, legal, and regulatory obligations. Threat intelligence can help identify relevant criminal infrastructure or tactics, but it does not replace sound access control, patching, detection, and recovery practices.
The SOVA Android banking trojan continues to evolve with new features, code improvements, and the addition of a new ransomware feature that encrypts files on mobile devices. [...]
The U.S. State Department on Thursday announced a $10 million reward for information related to five individuals associated with the Conti ransomware group
It was a very busy week for ransomware news and attacks, especially with the disclosure that Cisco was breached by a threat actor affiliated with the Yanluowang ransomware gang. [...]
Attacked once, victimized multiple times: Data marketplaces are making it easier for threat actors to find and use data exfiltrated during ransomware attacks in follow-up attacks.
Fashion Police chipping in on the bounty related to costliest strain of ransomware on record The US government is putting a face on a claimed member of the infamous Conti ransomware group as part of a $10 million reward for information about five of the gang's crew.…
The CISA has seen a resurgence of the malware targeting a range of verticals and critical infrastructure organizations by exploiting RDP, firewall vulnerabilities.
Unusually, SOVA, which targets US users, now allows lateral movement for deeper data access. Version 5 adds an encryption capability.
20% of the earned profit from the distribution of the ransomware will be paid to the affiliates
Advanced's infrastructure still down and out, recovery to take weeks or more Advanced, the MSP forced to shut down some of its servers last week after identifying an "issue" with its infrastructure hosting products, has confirmed a ransomware attack and says recovery will be in the order of weeks.…
State Department offers $10m reward for info on notorious group
CISA issues new alert about RaaS variant
Managed service provider Advanced publishes update on recent cyber incident
Most organizations don’t have the financial resources necessary to address ransomware and other cyberattacks, BlackBerry says Black Hat Many organizations are increasingly unprepared to deal with the skyrocketing costs of a ransomware attacks, at a time when the number of incidents and the payments demanded by cybercriminals are rising rapidly.…
Plus, spoiler alert: ransomware is gonna get a lot worse Black Hat video It turns out that ex-CIA chief information security officers don't spill secrets at bars in Vegas. Or via Zoom, while pretending to be at a Black Hat cocktail party.…
Even among businesses with cyber insurance, they lack coverage for basic costs of many cyberattacks, according to a BlackBerry survey.
The toolkit protects election infrastructure targeted by phishing, ransomware and DDoS attacks
Stop ransomware with Zero Trust security networks in place Webinar Faced with relentless cyberattacks organizations need the kind of defenses usually reserved for small states. And everything that Zero Trust principles can pull into play will help safeguard against the nimble nastiness of the dark actors intent on doing harm.…
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warned US organizations today that attackers deploying Zeppelin ransomware might encrypt their files multiple times. [...]
Managed service provider (MSP) Advanced confirmed that a ransomware attack on its systems caused the disruption of emergency services (111) from the United Kingdom's National Health Service (NHS). [...]
Networking equipment major Cisco on Wednesday confirmed it was the victim of a cyberattack on May 24, 2022 after the attackers got hold of an employee's personal Google account that contained passwords synced from their web browser