A new bootlocker ransomware called RedBoot will encrypt files on the computer, replace the MBR, or Master Boot Record, of the system drive and then appears to trash the partition table.
The big news this week is a new variant of the Locky ransomware and its distributors continuing to use massive spam campaigns to distribute it. In other news, we had some small variants that will never make it into distribution or are jokes, but have an interesting "twist" to them.
A new ransomware called InfinityLock utilizes an interesting ransom note that pretends to be a hacker typing commands into a Windows Command Prompt.
A new variant of the BTCWare ransomware was discovered by ID-Ransomware's Michael Gillespie that appends the .[email]-id-[id].wyvern extension to encrypted files. The BTCWare family of ransomware is distributed by the developers hacking into remote computers with weak passwords using Remote Desktop services.
A new joke screen locker called nRansomware was released that demands 10 nude pictures, which they will sell on under ground sites, in order to unlock the screen. This article will take a brief look at the malware and show how its nothing to be concerned about.
Today, I discovered a new variant of the CryptoMix ransomware that is appending the .SHARK extension to encrypted file names. This family of ransomware usually releases a new version almost every week, if not sooner, so it is a bit surprising to see them take almost three weeks to release this variant.
Today Microsoft released Insider Preview Build 16291 for PC to insiders on the fast ring that includes the ability for Cortana to transfer the current spot you are on in news articles or news listings to your PC. This allows you to read an article when on your phone and then continue reading it on your computer.
Today a new Locky Ransomware variant was discovered by Stormshield malware analyst coldshell that switches to the .ykcol extension for encrypted files. It is important to note that if you are infected with this ransomware, you are not infected with the Ykcol Ransomware, but rather Locky.
It has been another week of mostly small little in-dev ransomware that will never make it to distribution. In other news, Locky continues to send out large spam campaigns as it tries to become a major player again. Otherwise, not much to report, which we are always happy about.
A password stealing Trojan called AdService is being quietly distributed by adware bundles that typically install other programs such as Russian adware, extensions, clickers, adware, and fake system optimization programs. This Trojan is loaded through DLL hijacking in Chrome.
Today Microsoft released Insider Preview Build 16362 for PC to only insiders on the fast ring who have opted to skip ahead. This build brings improvements to the boot experience, narrator, Edge, gaming, input, and the Windows Shell.
Today at Apple's annual press conference, Apple unveiled the iPhone X, iPhone 8, Apple Watch Series 3, and Apple TV 4k. Let's take a look at the new features unveiled in these products.
Today, a victim of a new ransomware called Paradise posted in our forums and uploaded a sample so we could take a look at it. While this ransomware is not revolutionary by any means, since it is in active distribution and a Ransomware as a Service (RaaS), I thought I would provide a brief analysis of how this ransomware works.
We have good news for once, which is a really slow week when it comes to ransomware. While we still had our share of smaller ransomware variants being release, overall there was not a lot of activity. The biggest activity is the continued by Locky distributors to become more widespread through the use of a variety of SPAM campaigns.
Today Microsoft released Windows Server Insider Preview Build 16278 to Windows Insiders. This build is the last Server build that will be released before the Ignite conference at the end of September, where the official Windows Server Version 1709 will be released. While there are no new features released as part of this build.