Latest ransomware publications

Knowing how ransomware is evolving is key to protecting against it, writes Ezat Dayeh, Senior Engineer Manager UK&I at Cohesity.

It is understood Campari was struck with Ragnar Locker, a sophisticated and relatively new form of ransomware first observed in 2019 affecting Microsoft Windows machines and associated with a hacking group of the same name. Security vendor Sophos has previously detected Ragnar Locker deployed inside a virtual machine to hide it from view.

The UK’s cybersecurity agency has issued an alert to schools, colleges and universities about an increase in hacking attempts around the start of the new academic year.

The National Cyber Security Centre (NCSC) has warned the education sector to be aware of ransomware attacks and urged organisations to follow their guidance on securing their networks.

Attackers continue to use the same methods that worked for them long before 2020: find a way in, then target privileged access to unlock doors.

Whenever we work with ransomware victims, we spend some time looking back through our telemetry records that span the previous week or two. These records sometimes include behavioral anomalies that (on their own) may not be inherently malicious, but in the context of an attack that has already taken place, could be taken as an early indicator of a threat actor conducting operations on the victim’s network.