live casino online

Security researchers a new ransomware named ShurL0ckr (detected by live casino online as RANSOM_GOSHIFR.B) that reportedly bypasses detection mechanisms of cloud platforms. Like Cerber and Satan, ShurL0ckr¡¯s operators further monetize the ransomware by peddling it as a turnkey service to fellow cybercriminals, allowing them to earn additional income through a commission from each victim who pays the ransom.

The researchers¡¯ analysis of ShurL0ckr indicates it can evade detection by cloud applications where it¡¯s reported to proliferate. Like other ransomware, phishing and drive-by downloads are their likeliest infection vectors.

ShurL0ckr¡¯s discovery was part of a larger problem: cybercriminals abusing legitimate platforms and services. The researchers noted that 44% of businesses using cloud applications were in some way affected by malware. In fact, they found at least three enterprise software-as-a-service (SaaS) applications infected with malware. The researchers also found malicious scripts and executables, as well as Trojanized Office documents and image files, to be the most commonly used entry point.

[RELATED NEWS: Security Flaw in Google Apps Script can Let Hackers Deliver Malware via SaaS Platform]

Indeed, ransomware isn¡¯t going away any time soon. In fact, it¡¯s projected to be a cybercriminal mainstay, along with , as organizations increasingly incorporate emerging technologies to conduct business.

How exactly does RaaS figure into this? It lowers barriers to entry. Typically, a developer will write the malware, build its infrastructure, then make it accessible to others regardless of their technical knowhow. This business model continued to boom into 2017, as evidenced by the in ransomware¡¯s economy in the dark web. A lifetime license to WannaCry ransomware, for instance, was for just $50 in the Middle Eastern and North African underground two days after its outbreak in May last year.

Given ShurL0ckr¡¯s nature, the ransomware can be customized ¡ª from the ransom demand and encryption capabilities to how it¡¯s delivered, which makes defense in depth significant. Here are some best practices users and organizations can adopt to mitigate threats like ShurL0ckr:

• Regularly back up files and ensure their integrity and accessibility
• Keep the system, its applications, and the network updated; employ virtual patching for end-of-life and legacy systems
• Secure or restrict the use of tools typically reserved for system administrators to prevent their abuse
• Incorporate multilayered security mechanisms such as data categorization, network segmentation, application control/whitelisting, and behavior monitoring
• Enable the firewall, sandbox, and deploy intrusion detection and prevention systems
• Nurture cybersecurity awareness: Beware of social engineered email and develop proactive incident response and remediation strategies to mitigate further exposure