At a glance.
- "Cylance" ransomware (no relation to Cylance).
- Update on the 3CX incident.
- The FSB's arrest of Evan Gershkovich.
- Hacktivists claim to have tricked wives of Russian combat pilots into revealing personal information.
"Cylance" ransomware appears (but it's no relation to Cylance).
Palo Alto Networks’ Unit 42 late last week spotted a new strain of ransomware that’s calling itself “Cylance” (with no relation to the security firm). The malware is targeting Windows and Linux systems. The ransom note instructs victims to email the attackers to begin negotiations. The ransom note states, in part:
“All your files are encrypted, and currently unusable, but you need to follow our instructions. Otherwise, you can’t return your data (never. It’s just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities – nobody will cooperate with us. It’s not in our interests.”
“To check the ability of returning files, we decrypt one file for free. That is our guarantee. If you will not cooperate with our service – for us, it does not matter. But you will lose time and data, cause just we have the private key. time is more valuable than money.”