Topic: ransom note

  • Identify Ransomware: .BAGAJAI Ext (MedusaLocker3/Far Attack)

    The .BAGAJAI ransomware encrypts files and targets backups, demanding a ransom via specific TOR pages or email addresses, posing a severe threat to small businesses and individuals. Security analysis uncovered malicious components like chisel.exe and BAGAJAI.exe, along with Mimikatz tools, indica...

  • ShinyHunters Unleash ShinySp1d3r Ransomware-as-a-Service

    A new ransomware-as-a-service platform called ShinySp1d3r is being developed by threat actors linked to ShinyHunters and Scattered Spider, marking a strategic shift from using established gangs' encryptors to building their own bespoke operation. The ransomware features advanced capabilities incl...

  • Identify & Remove .BAGAJAI Ransomware (MedusaLocker3)

    The .BAGAJAI ransomware, a variant of MedusaLocker3, encrypts files and demands cryptocurrency payment for decryption, often leaving victims with compromised backups and no free recovery tools available. Attackers use sophisticated methods like credential dumping tools such as Mimikatz to escalat...

  • New 'Obscura' Ransomware Emerges as Stealthy Threat

    A new ransomware called "Obscura," discovered in late August 2025, uses domain infrastructure to stealthily spread across corporate networks by placing itself in the NETLOGON share for automatic replication. Upon execution, it disables recovery mechanisms like Volume Shadow Copies, terminates ove...

  • New Lockbit 3.0 Ransomware Uses .G5xG4GUv2 Extension

    A car repair shop experienced a ransomware attack that encrypted files and disrupted operations, emphasizing the need for strong backups and updated security. The attack exploited outdated software and weak network credentials, spreading to shared folders and leaving a ransom note with a unique f...

  • Inside the Qilin Ransomware Investigation

    Security analysts must creatively piece together limited digital evidence from various sources to reconstruct cyberattacks, as investigations are often complicated by incomplete visibility and delayed tool deployment. In a Qilin ransomware case, investigators used antivirus alerts and Windows log...

  • LockBit's Newest Ransomware Is Its Most Dangerous Threat Yet

    LockBit 5.0 is a new, more dangerous ransomware variant targeting Windows, Linux, and VMware ESXi platforms, posing a cross-platform threat to entire enterprise infrastructures. The ransomware features faster encryption, enhanced evasion techniques like removing infection markers, and anti-forens...

  • Kraken Ransomware Evolves With Advanced Benchmarking

    In August 2025, the Kraken ransomware group emerged as a sophisticated threat, using SMB vulnerabilities for initial access, Cloudflare for persistence, and SSHFS for data exfiltration before deploying cross-platform malware. Kraken's ransomware features an advanced benchmarking process to optimi...
