New blog: Know and avoid the dangers of JavaScript-laden spam emails
 


 Malware and virus encyclopedia

We’ve seen how ransomware has become a threat category that sends consumers and enterprises reeling when it hits them. It has become a high-commodity malware that is used as the payload of spam email, macro malware, and exploit kit campaigns. It also digs into victims’ pockets in exchange for recovering files from their encrypted form. This is where Crowti, Tescrypt, Teerac, and Locky have been very active.

Ransom:MSIL/Samas, which surfaced in the past quarter, has a different way of getting into the system. It takes a more targeted approach to getting installed. We have observed that this threat requires other tools or components to aid its deployment:

The majority of Ransom:MSIL/Samas infections are detected in North America, with a few instances in Europe.

Read more about Samas on our blog "No mas, Samas: What's in this ransomware's modus operandi?"

But yes, you can say "no mas" (translation from Spanish: no more) to Samas ransomware.

To help prevent yourself from falling prey to Samas or other ransomware attacks, use Windows Defender for Windows 10 as your antimalware scanner, and ensure that MAPS has been enabled.

Though ransomware and macro-based malware are on the rise, there’s still something that you or your administrators can proactively do:

Prevalent threats

The following are the top 10 most-detected threats in each category for the past seven days.

Top rogues

Top exploits

Top unwanted software

Top ransomware

Recently published

Exploit:Java/CVE-2013-1489.A (Fri, 06 May 2016 05:53:54 PDT)
TrojanDownloader:JS/Locky.A (Fri, 06 May 2016 05:32:44 PDT)
Trojan:BAT/Qhost!gen (Thu, 05 May 2016 20:53:19 PDT)
HackTool:Win32/Oylecann.A (Thu, 05 May 2016 20:50:28 PDT)
BrowserModifier:Win32/Shopperz (Thu, 05 May 2016 01:28:17 PDT)
Virus:Win32/Mabezat.B (Thu, 05 May 2016 01:23:53 PDT)
Ransom:Win32/Exxroute.A (Wed, 04 May 2016 00:11:39 PDT)
Win32/Locky (Tue, 03 May 2016 22:46:43 PDT)
Backdoor:Win32/Rifelku.A (Mon, 02 May 2016 21:19:39 PDT)
Backdoor:Win32/Kirts.A (Mon, 02 May 2016 21:18:13 PDT)