A new ransomware family that emerged last month comes with its own bag of tricks to bypass ransomware protection by leveraging a novel technique called « intermittent encryption ». Called LockFile, the operators of the ransomware has been found exploiting recently disclosed flaws such as ProxyShell and PetitPotam to compromise #Microsoft #Windows servers and deploy file-encrypting #malware that scrambles only every alternate 16 bytes of a file, thereby giving it the ability to evade #ransomware defences.

https://thehackernews.com/2021/08/lockfile-ransomware-bypasses-protection.html