Moving Target Defense Blog

A whopping 186.4 million Americans shopped in stores and online between Black Friday and Cyber Monday this year, according to the National Retail Federation. On average, these shoppers spent $361.90 per person over the five-day Thanksgiving weekend.

In April 2019, attackers who breached IT supplier Wipro leveraged the ConnectWise Control (formerly ScreenConnect) remote desktop application as a major component of their attack.

Last week, Intezer and IBM X-Force released new research identifying a new form of ransomware, which they named PureLocker. Written in PureBasic and designed to attack servers, this damaging new malware has been described as Malware-as-a-Service in a recent ZDNet article. 

Last week, a new strain of ransomware hit dozens of targets across Germany. The categorization as ransomware is really a misnomer as, while the attackers do demand a ransom, by that time the victim’s data has already been irreversibly wiped, even if the ransom is paid.

Morphisec Labs recently investigated an ongoing BitPaymer ransomware campaign that has been attacking companies across the U.S., both public and private, over the last 3 months.

Despite HIPAA regulations designed to keep them informed on the security of their personal health data, patients still seem to be in the dark. That was just one of the findings of Morphisec's new 2019 Consumer Healthcare Cybersecurity Threat Index.

The cybersecurity attack landscape moves fast, really fast. Last year, not a week passed that didn’t bring about news on a new ransomware incident. Of course ransomware’s very nature lends itself to newsworthy headlines based on how incredibly damaging to businesses this class of attacks can be.

July has been a busy month for the distributors of GandCrab ransomware. After about two months with no major update, the cybercrime gang behind GandCrab released version 4, and a few days later, version 4.1. The primary delivery method is via compromised WordPress websites, which have been hijacked to include fake crack application pages, which in turn redirect to the GandCrab executable. Other distribution methods are Exploit Kits (EK) and malicious email campaigns.

GandCrab Ransomware

Here is a look at GandCrab ransomware and some techniques it uses to evade detection and analysis. These days, most malware employs long chain attack and anti-analysis techniques to make it more difficult to detect the payload and harder to analyze by security researchers. Such is the case with GandCrab, a new ransomware strain that entered the scene late last month and is currently active.

Ransomware remained a major cybersecurity threat in 2017, leaving a trail of victims across all industries, company sizes and geographical borders. Phishing emails are the top ransomware delivery mechanism and they grow in number and sophistication daily. According to IBM, the number of ransomware-infected emails increased 6,000% this year. And the days of easily spotted spelling mistakes and obvious scams are long gone. Today’s phishing attacks are clever and subtle enough to trick even security veterans.