Researchers at endpoint protection specialist SentinelOne have uncovered a new variant of the CryptXXX ransomware family which is being spread via spam and possibly other means. The latest version fixes previous flaws in its file encryption methods which prevents use of free decryption tools and makes it impossible to decrypt files without paying the ransom. As with earlier versions of the ransomware this one hides by copying details from a legitimate .dll file -- in this case one related to CyberLink PowerDVD Cinema. Previous versions used details from a Microsoft dll. It's likely that the cybercrime team behind this variant is… [Continue Reading]