Security Alerts & News
by Tymoteusz A. Góral

History
#1510 MarsJoke ransomware mimics CTB-Locker
Ransomware in its various forms continues to make headlines as much for high-profile network disruptions as for the ubiquity of attacks among consumers. We recently noted the non-linear growth of ransomware variants and now a new type has emerged, dubbed MarsJoke.

Proofpoint researchers originally spotted the MarsJoke ransomware in late August [1] by trawling through our repository of unknown malware. However, beginning on September 22, 2016, we detected the first large-scale email campaign distributing MarsJoke. This ongoing campaign appears to target primarily state and local government agencies and educational institutions in the United States.

The targeting of state and local government agencies as well as the distribution methods are very similar to a CryptFile2 campaign we described in August [2]. Gary Warners’s blog also reported on this and similar campaigns, indicating that a well-known botnet, Kelihos, is responsible for distributing this spam.
Read more
#1514 As we speak, teen social site is leaking millions of plaintext passwords
#1513 Sofacy APT targeting OSX machines with Komplex trojan
#1512 How Dropbox securely stores your passwords
#1511 Drupal patches multiple security flaws in core engine
#1510 MarsJoke ransomware mimics CTB-Locker
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12