I have a funny story about ransomware. You see, a long time ago (well not that long in real time, but very long ago in ransomware time) I had a lab in the public cloud that got hit by ransomware. My best guess? Remote Desktop Protocol (RDP), also known as Ransomware Deployment Protocol. There’s a new …
Ransomware
Each and every day there is a new ransomware attack. Well, more like there are many many ransomware attacks each and every dayRecently, Lorenz Ransomware has been all over the news. While they have been around since 2020, we have heard new things about them over the last two years. Their latest attack has them …
n this VMware ransomware breakdown we are going to take a closer look at Cheerscrypt. A very special thank you to our friends at TrendMicro for their great breakdown on Cheerscrypt. Now, let’s take a closer look at what makes this one a little different from the rest. Cheerscrypt Ransomware Targets VMware ESXi Cheerscrypt is an interesting one …
Black Basta Rasnsomware is a multiplatform ransomware strain targeting Windows, Linux, and VMware ESXi. Black Basta is an interesting ransomware organization, as it is believed that there are former Conti and REvil members participating in it. If that doesn’t sound like a disaster waiting to happen, I don’t know what is. A Closer Look at …
Today for the latest in my ransomware series I thought it would be fun to take a look at a more interesting ransomware group with some history. REvil ransomware is an interesting one, since they were actually tracked down, members caught, and “disbanded”. Let’s take a closer look and some of the events during the …
GwisinLocker is a new piece of mutiplatform ransomware with a twist. It is a linux variant of ransomware targeting Linux machines and ESXi directly. While it does end up encrypting Windows VMs, it does not target the Windows OS specifically to exploit it;. This particular ransomware strain is very interesting, because it is targeting victims …