Breaking News

The MedusaLocker ransomware first emerged in September 2019, infecting and encrypting Windows machines around the world.
There have been reports of MedusaLocker attacks across multiple industries, especially the healthcare industry which suffered a great deal of ransomware attacks during the COVID-19 pandemic.

In order to maximize the chances of successful encryption of the files on the compromised machine, MedusaLocker restarts the machine in safe mode before execution.
This method is used to avoid security tools that might not run when the computer starts in safe mode.

Egregor is a ransomware from the Sekhmet malware family that has been active since the middle of September 2020.

One of the most active ransomware groups, Egregor is part of the Sekhmet malware family that has been active since mid-September 2020. Like most other Ransomware groups, it targets organizations across the world. The ransomware operates by hacking into organizations, stealing sensitive user documents, encrypting data, and finally demanding ransom in exchange of decrypted documents.

Allegedly, 52 companies have been breached by the threat actor till today (as of October 30, 2020), from GEFCO group being among the first ones to the more recently affected organizations such as Crytek, Ubisoft, Foxtons Group, and Barnes & Noble.

U.S. government cybersecurity experts warned that “sophisticated threat actors” have been using new Russian malware variants, ComRAT and Zebrocy, in recent cyberattacks.

According to new malware analysis reports, Russian advanced persistent threat (APT) actors from Turla have developed new malware variant ComRAT.

In addition, Russian-linked APT28 hacking group has been behind attacks using Zebrocy malware.