Latest Ransomware News and New File Extensions
BADCANDY: New Encrypted File Extension: Not specified. Attack Methods: Exploitation of a critical vulnerability (CVE-2023-20198) in Cisco IOS XE devices to deploy a malicious implant. Targets: Unpatched Cisco IOS XE devices, with a specific warning issued for Australian entities. Decryption Status: No known method mentioned; the report is …

Latest Ransomware News and New File Extensions
Russian Ransomware Gangs / AdaptixC2: New Encrypted File Extension: Not specified. Attack Methods: Russian-affiliated ransomware groups are increasingly using AdaptixC2, an open-source command-and-control (C2) framework, for post-exploitation activities and adversarial emulation. Targets: Not specified in the article. Decryption Status: Not applicable, as this news is about a tool …

Latest Ransomware News and New File Extensions
Akira: New Encrypted File Extension: Not specified. Attack Methods: Data exfiltration for double extortion. The group claims to have stolen sensitive corporate data, including financial records, employee and client PII (Social Security Numbers, driver’s licenses), contracts, and legal documents. Targets: A diverse range of organizations including The Gerson …

Latest Ransomware News and New File Extensions
Qilin Ransomware: New Encrypted File Extension: Not specified. Attack Methods: Abuses the Windows Subsystem for Linux (WSL) to execute Linux encryptors on Windows systems, a technique designed to evade detection by traditional security software. Targets: General Windows environments. Recently listed victims include entities in the legal, biosystems, and …

Latest Ransomware News and New File Extensions
Qilin (aka Agenda): New Encrypted File Extension: Not specified in the articles. Attack Methods: Employs a Linux payload combined with a Bring Your Own Vulnerable Driver (BYOVD) exploit in hybrid attacks. Utilizes a ransomware-as-a-service (RaaS) model and double extortion by publishing stolen data on its leak site. Targets: …

Latest Ransomware News and New File Extensions
Nova: New Encrypted File Extension: Not specified in the news. Attack Methods: Data exfiltration (100GB claimed) and public extortion. Targets: Papsud, a French office products distributor. Decryption Status: Data has been published; no known decryption method. Source: Sourced from ransomware leak site monitoring feed. Akira: New Encrypted File …

Latest Ransomware News and New File Extensions
Safepay: New Encrypted File Extension: Not specified. Attack Methods: Not specified; victims are published on their leak site. Targets: A diverse range of international companies, including Construction Donald Provost (construction), Xortec GmbH (German tech distributor), MINO Group (Japanese manufacturer), Bannenberg & Rowell (luxury yacht design), and The Greenhouse …

Latest Ransomware News and New File Extensions
Qilin: New Encrypted File Extension: Not specified. Attack Methods: Not specified. Targets: Healthcare (ClearCare Periodontal & Implant Centre, NurseSpring, Samera Health, CHDFS), Real Estate (IREM companies, Real Estate Specialists), Manufacturing (Gericke AG, Signet Armorlite, Inc.), Logistics (All Truck Transportation), Building Materials (Grupo Promasa), Printing (KHL Printing), and Food …

Latest Ransomware News and New File Extensions
Multiple Ransomware Groups Announce New Victims: New Encrypted File Extension: Not specified in the announcements. The primary focus of these groups is data exfiltration for double extortion. Attack Methods: Data theft and publication on leak sites to pressure victims into paying a ransom. Specific initial access vectors were …

Latest Ransomware News and New File Extensions
Akira: New Encrypted File Extension: Not specified in the provided news. Attack Methods: Not specified in the provided news. Targets: Pacific West Systems Supply (Wall and Ceiling supplier), Mailing.com (Printing and mailing company), Nvno (Napierski, VanDenburgh, Napierski & O’Connor, L.L.P. law firm). Decryption Status: No known free decryption …