Get a Pentest and security assessment of your IT network.

Cyber Security

REvil ransomware has a new ‘Windows Safe Mode’ encryption mode

The REvil ransomware operation has added a new ability to encrypt files in Windows Safe Mode. The new -smode command-line argument was added that forces the computer to reboot into Safe Mode before encrypting a device. While running, the ransomware will prevent users from launching any programs through the Task Manager until it finishes encrypting the device. The encryption is likely to evade detection by security software and for greater success when encrypting files. The ransomware performs a forced restart of Windows that cannot be interrupted by the user.

Source: https://www.bleepingcomputer.com/news/security/revil-ransomware-has-a-new-windows-safe-mode-encryption-mode/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation