Ransomware macht Jagd auf ungepatchte Microsoft Exchange-Server winfuture.de - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from winfuture.de Daily Mail and Mail on Sunday newspapers.
The National Information Technology Development Agency (NITDA) has warned Nigerians to be wary of IGVM, a file-encrypting Ransomware infection. The IGVM,
The agency said the crypto-virus could spread in the form of web injectors, pirated software, spam emails, malicious software bundles, fake software updates, and deceptive online advertisements.
The Ryuk scourge has a new trick in its arsenal: Self-replication via SMB shares and port scanning.
A new version of the Ryuk ransomware is capable of worm-like self-propagation within a local network, researchers have found.
The variant first emerged in Windows-focused campaigns earlier in 2021, according to the French National Agency for the Security of Information Systems (ANSSI). The agency said that it achieves self-replication by scanning for network shares, and then copying a unique version of the ransomware executable (with the file name rep.exe or lan.exe) to each of them as they’re found.
“Ryuk looks for network shares on the victim IT infrastructure. To do so, some private IP ranges are scanned: 10.0.0.0/8; 172.16.0.0/16; and 192.168.0.0/16,” according to a recent ANSSI report. “Once launched, it will thus spread itself on every reachable machine on which Windows Remote Procedure Call accesses are possible.”