CSOonline

New ransomware abuses Windows PowerShell, Word document macros

A new ransomware program written in Windows PowerShell is being used in attacks against enterprises, including health care organizations, researchers warn. PowerShell is a task automation and ...
Bleeping Computer

Magniber ransomware now infects Windows users via JavaScript files

A recent malicious campaign delivering Magniber ransomware has been targeting Windows home users with fake security updates. Threat actors created in September websites that promoted fake antivirus ...
Dark Reading

ESXi Ransomware Update Outfoxes CISA Recovery Script

Just a week after the Cybersecurity and Infrastructure Security Agency (CISA) released its recovery script against ransomware targeting VMWare ESXi virtual machines, a modified version of the malware ...
Bleeping Computer

New ShrinkLocker ransomware decryptor recovers BitLocker password

Bitdefender has released a decryptor for the 'ShrinkLocker' ransomware strain, which uses Windows' built-in BitLocker drive encryption tool to lock victim's files. Discovered in May 2024 by ...
techtimes

Black Basta Ransomware Attack: Threat Actors Abuse Windows Quick Assist to Launch Phishing Scheme

Cybercriminals have found a new vector for ransomware attacks by abusing the Windows Quick Assist feature. These financially motivated attackers, known as Storm-1811, use social engineering tactics to ...

AI-created ransomware and NFC attacks lead the surge in new cyberattacks - here's how you can stay safe this holidays

ESET Research's latest Threat Report detailed PromptLock, the first known AI-driven ransomware, “capable of generating malicious scripts on the fly”, using an OpenAI model, via the Ollama API, to ...
Network World

VMware ESXi server ransomware evolves, after recovery script released

The FBI and CISA have released a recovery script for the global ESXiArgs ransomware campaign targeting VMware ESXi servers, but the ransomware has since been updated to elude former attempts at ...