The Unbearable Lightness of Operating Web-Based Attacks: How easy it is to steal money from IE 8.0-11.0 users

 
Looking back at the past year, there is no doubt that the malware-as-a-service industry, which sells and trades malware samples, attack tools, and a variety of services, is thriving. It means that cyber criminals with low technical skills can easily purchase attack tools from more advanced hackers, vastly increasing the number of potential attackers, attacks, and victims. Cerber, a ransomware-as-a-service operation, was one of the most dominant and profitable ransomware variants of 2016. Last December, a new DDoS (Distributed Denial of Service) collaborative effort dubbed Sledgehammer made headlines due to its unique operation mode. Participants were asked to attack targeted political ...

Signature-based security solutions can leave networks defenseless for months

 
Can you afford five months without protection for your network? In a recent blog post, Avanan wrote that after five months of using a malware sample in their demos to show how malware can bypass traditional security solutions the malware was finally detected by a major enterprise email solution provider. The sample, a Cerber variant, was originally caught by the SandBlast Zero-Day Protection solution. Cerber is a vicious ransomware-as-a-service operation, which we recently exposed in an in-depth report, CerberRing: An In-Depth Exposé on Cerber Ransomware-as-a-Service. It spreads through phishing emails and exploit kits, targeting thousands of users worldwide. Once it infiltrates, Cerber ...

CerberRing: An In-Depth Exposé on Cerber Ransomware-as-a-Service

 
Check Point researchers have uncovered the sophisticated infrastructure of Cerber, a Ransomware-as-a-Service, including the business model and money trail. For the full CerberRing Report click here. The ransomware epidemic continues to rage on, encrypting files of private and enterprise users alike. Ransomware has become a global problem. According to the FBI, the accumulated revenue in the first three months of 2016 was over $209 million. One question that naturally arises is - where does all this money go? In some cases, the operation is run by a single attacker, with the malware developer also serving as the distributor and the only one to profit from the campaign. However, the ...

Ransomware: what you need to know

 
In recent years, there has been a surge of ransomware attacks. It’s been reported all over security blogs, tech websites and in the news. Unfortunately, these attacks show no signs of slowing. If anything, they are getting worse. Cryptolocker, the first famous ransomware, was observed in the wild in 2013. From then until mid-2015, there were only a few active ransomware variants and their infection methods were limited. Some of these variants were even weak enough that it was possible to decrypt files without paying ransom. While quite a lot of variants have been created since then, many of them either don’t effectively infect users or run a low profile campaign. A good example is ...