Ransomware: The average ransom payment doubled in just three months

A new report into the state of ransomware at the tail end of 2019 has revealed that things aren’t getting any better. In Q4 of 2019, according to the new study published by security firm Coveware, the average ransom payment more than doubled – reaching $84,116, up from $41,198 in Q3 of 2019.


Emotet Targeting US Military and Government

New research has found that the Emotet malware strain has increasingly been targeting the United States government and military. The malware, which spreads via email, has been infecting organizations across the globe since as far back as 2014, but researchers at Cisco Talos recently discovered that the US government is the latest victim to be compromised. The discovery was made by closely examining the patterns of outbound email associated with the malware.


Alien Labs 2019 Analysis of Threat Groups Molerats and APT-C-37

In 2019, several industry analyst reports confused the threat groups Molerats and APT-C-37 due to their similarity, and this has led to some confusion and inaccuracy of attribution. For example, both groups target the Middle East and North Africa region (with a special emphasis on Palestine territories). They also both approach victims through phishing emails that contain decoy documents (mostly in Arabic) with themes concerning the political situation in the area.


Travelex Still Offline Following Ransomware Attack

Not only have global banks stopped customers transacting or ordering currency from Travelex, many have stopped transactions with third-party currency providers altogether. Lloyd’s, Royal Bank of Scotland, Tesco and Sainsbury’s all receive their currency from Travelex. Travelex has reported that no customer data has been compromised, although no report has been publicly provided to explain how this has been determined.


AT&T Alien Labs analysis of an active cryptomining worm

This blog post provides an overview of the AT&T Alien Labs™ technical analysis of the common malicious implants used by threat actors targeting vulnerable Exim, Confluence, and WebLogic servers. Upon exploitation, malicious implants are deployed on the compromised machine. While most of the attacks described below are historical, we at Alien Labs are continuing to see new attacks, which can be further researched on the Alien Labs Open Threat Exchange™ (OTX).


Importance of Malware Analysis Tools for Timely Malware Detection

Businesses today need robust mechanisms to ensure complete enterprise security. It is essential for organizations to stay informed about cybersecurity trends. This calls for enterprises to be equipped with malware analysis tools to defend their work ecosystem in a cognitive fashion. Diverse malware variants are being developed every day with the sole purpose of attacking the healthy workflow of an organization.


New Jersey Hospital Hackensack Meridian Health Pays Attackers Ransom

The largest hospital system in New Jersey said it paid an extortion fee to hackers who had disrupted medical facilities with a ransomware attack. A spokesperson for Hackensack Meridian Health, based in Edison, New Jersey, said it was working to restore its computer systems following a Dec. 2 ransomware attack that forced administrators to cancel roughly 100 elective medical procedures.


City of New Orleans Suffering from Last Week's Ransomware Attack

The City of New Orleans suffered a major cyber attack last Friday that left a string of public services impacted over the weekend, forcing the city's Mayor, LaToya Cantrell, to declare a state of emergency. City workers were forced to unplug machines on Friday morning after the attack was detected. In a press conference hosted that afternoon, city officials claimed that there was no official network compromise.


What is Spyware?

Spyware is unwanted software, a type of malicious software or malware, designed to expose sensitive information, steal internet usage data, gain access to or damage your computing device. Any software downloaded to a user's device without authorization can be classified as spyware. Even spyware programs installed for innocuous reasons often violate end user privacy agreements and have the potential for abuse.