You don’t have to work in cybersecurity to be aware of the recent discovery that a sophisticated state actor had potentially compromised tens of thousands of private companies and government institutions in the Americas, Europe, and the Middle East. The means was a software supply-chain: attackers breached the software distribution infrastructure of tech vendor SolarWinds, embedding malware in its popular Orion network management tool. When customers downloaded the latest Orion product update, the malware surreptitiously spread throughout their organizations, in many cases finding and forwarding sensitive data to external servers controlled by the attackers. Now comes news that SolarWinds was not the only victim of this Advanced Persistent Threat (APT) attack. Cybersecurity vendor Malwarebytes disclosed earlier this week that it had also been victimized by the same threat actors.

While its current name may be fairly new, Ranzy Locker is simply the latest evolution in a line of ransomware variants that began with MedusaLocker. Many of its details have since changed, including a shift in encryption algorithms from AES-256 to Salsa20. The distribution vectors for Ranzy Locker remain somewhat unclear, though spam campaigns have been indicated as one method.

Here at Acronis, we’re always monitoring for dangers to your data, deploying updates to handle newly-discovered vulnerabilities, and issuing alerts and recommendations to help you stay protected. Our global network of Acronis Cyber Protection Operations Centers (CPOCs) continue to work around the clock to proactively detect and defend against the latest cyberthreats. Part of this work includes video updates to inform you of modern hazards in the digital landscape — such as ransomware attacks on major corporations and changes in business application security. Here’s a look at some of the most recent breaking news and analyses:

The success of the massive SolarWinds supply-chain attack presents an urgent new cybersecurity challenge to every business. We plumb the tactics used in the SolarWinds breach and show how Acronis defends against it and similar attacks.

Here at Acronis, we’re always monitoring for dangers to your data, deploying updates to handle newly-discovered vulnerabilities, and issuing alerts and recommendations to help you stay protected. Our global network of Acronis Cyber Protection Operations Centers (CPOCs) continue to work around the clock to proactively detect and defend against the latest cyberthreats.

Following reports that SolarWinds’ Orion business software was compromised and used in a supply-chain attack by SUNBURST malware. The distributed malware then used elevated credentials gained by compromising network traffic management systems to target FireEye, a cybersecurity firm, and several U.S. government agencies. Details of the attack are available from the Cybersecurity and Infrastructure Security Agency (CISA). While not affected by this event, Acronis wants to reassure partners and customers that we have a strict, secure software development life cycle (SDLC) in place, which we continuously strengthen, to ensure our solutions are safe, secure, and reliable.

Here at Acronis, we’re always monitoring for dangers to your data, deploying updates to handle newly-discovered vulnerabilities, and issuing alerts and recommendations to help you stay protected. Our global network of Acronis Cyber Protection Operations Centers (CPOCs) continue to work around the clock to proactively detect and defend against the latest cyberthreats.