Ransomware Roundup: Microsoft improves ransomware defenses in Windows 10

Microsoft beefed up its ability to defend against ransomware in the Windows 10 Anniversary Update—but the updates are only useful for businesses using the right tools, according to Dark Reading. For example, the Edge browser—which is not as popular among business users as Chrome or Firefox—was updated so that the frequently exploited Adobe Flash Player will run in an isolated container. Microsoft also enhanced its email services to help block ransomware and developed machine learning capabilities designed to catch ransomware stored in email attachments. Windows Defender now offers improved behavioral heuristics designed to help the tool determine if a file is launching a ransomware attack and respond accordingly. Microsoft last week released a white paper detailing all of the ransomware-related enhancements in Windows 10.

Report: Almost all phishing emails contain ransomware

Phishing emails—which are designed by cybercriminals to trick unwitting victims into opening malicious attachments or clicking on dangerous links—are a real pain. And these days almost every single one of them—97.25% to be exact—contains ransomware, according to a new report from PhishMe Inc., a provider of phishing defense solutions. PhishMe’s Q3 2016 Malware Review also found that Locky is the ransomware variant most frequently used in phishing attacks. “Locky will be remembered alongside 2013’s CryptoLocker as a top-tier ransomware tool that fundamentally altered the way security professionals view the threat landscape,” Aaron Higbee, the CTO and Co-founder of PhishMe, explained in the report. “Not only does Locky distribution dwarf all other malware from 2016, it towers above all other ransomware varieties.” Remember: The best way to protect against phishing emails is to be skeptical of all incoming emails—and be sure to back up your data.

New ransomware being distributed by RIG-E exploit kit

A new ransomware dubbed CryptoLuck is being distributed via malvertising and the RIG-E exploit kit—and that means it could eventually see wider distribution and infect more victims than most new ransomware variants that pop up these days, according to Bleeping Computer. CryptoLuck encrypts victims’ files and gives them 72 hours to pay a ransom of 2.1 bitcoin—approximately $1,500 USD—or their files will be deleted. A Proofpoint security researcher discovered the malvertising—malicious digital advertisements—that, when clicked, downloads the RIG-E exploit kit, which in turn looks for software vulnerabilities to exploit and launches the ransomware attack. Currently, the malvertising is confined to adult websites. But Proofpoint says there is a strong chance that CryptoLuck ransomware will eventually be distributed through other types of websites that have been compromised.

For even more ransomware news and information, visit the FightRansomware.com homepage today!