CDK Attack: Why Contingency Planning Is Critical for SaaS Customers

June 24, 2024 at 06:03PM CDK is working to restore its dealer management system after a ransomware attack, impacting daily operations at 15,000 automotive dealers. The meeting notes highlight the ongoing impact on daily operations at approximately 15,000 automotive dealers due to CDK’s efforts to restore its dealer management system following a ransomware attack last … Read more

Car dealers stuck in the slow lane after cyber woes at software biz CDK

June 24, 2024 at 02:08PM Several US companies filing Form 8-Ks with the SEC have referenced a cyber incident affecting CDK Global, a major software provider for car dealerships. The incident has disrupted business operations, leading affected companies to deploy mitigation strategies. CDK has faced two system shutdowns and is reportedly considering a ransom payment … Read more

FBI Distributes 7,000 LockBit Ransomware Decryption Keys to Help Victims

June 7, 2024 at 05:00AM The FBI has 7,000 decryption keys for LockBit ransomware, aiming to help victims. The gang’s infrastructure was dismantled in an international operation, and its administrator, Dmitry Yuryevich Khoroshev, was identified. Despite this, LockBit remains active, with new variants targeting vulnerable Microsoft SQL servers and VMware ESXi systems. Organizations are warned … Read more

FBI encourages LockBit victims to step right up for free encryption keys

June 6, 2024 at 03:49PM The FBI, together with international partners, took down the LockBit ransomware gang and identified a suspect named Dmitry Khoroshev. They have obtained over 7,000 decryption keys to help victims recover their data. However, victims should still remain cautious as LockBit may still possess their data, emphasizing the importance of preventing … Read more

LockBit Ransomware Gang Resurfaces With New Site

February 26, 2024 at 08:51AM The LockBit ransomware operators faced law enforcement disruption, seizure of servers, and the arrest of individuals. Authorities obtained decryption keys and offered rewards. LockBitSupp launched a new leak site, attributing the takedown to a PHP flaw and announced improvements. LockBit faced decline and struggles attracting affiliates. The true masterminds behind … Read more

Free Rhysida ransomware decryptor for Windows exploits RNG flaw

February 12, 2024 at 10:48AM South Korean researchers discovered and publicly disclosed a flaw in Rhysida ransomware, enabling the creation of a free Windows decryptor. This ransomware is known for targeting healthcare organizations and was the subject of a warning by the FBI and CISA for attacks against various industries. The flaw allowed for the … Read more

Rhysida Ransomware Cracked, Free Decryption Tool Released

February 12, 2024 at 08:39AM Cybersecurity researchers at Kookmin University and Korea Internet and Security Agency have discovered an “implementation vulnerability” in Rhysida ransomware, enabling the first successful decryption of its data. The findings led to the development of a recovery tool distributed by KISA, achieving data decryption by exploiting implementation vulnerabilities in ransomware. The … Read more

Cohesity Research Reveals Most Companies Pay Millions in Ransoms

January 30, 2024 at 05:02PM Cohesity‚Äôs research reveals the prevalence of cyberattacks, leading companies to break ‘do not pay’ policies due to data recovery deficiencies. The study of 900+ IT and Security decision-makers shows a grim outlook for cyberattacks, with 79% being victims of ransomware. Companies require over 24 hours for data recovery, leading to … Read more

AMD, Apple, Qualcomm GPUs leak AI data in LeftoverLocals attacks

January 17, 2024 at 10:36AM The ‘LeftoverLocals’ vulnerability affects GPUs from AMD, Apple, Qualcomm, and Imagination Technologies, allowing data retrieval from local memory. Discovered by Trail of Bits researchers Tyler Sorensen and Heidy Khlaaf, it exploits incomplete memory isolation in GPU frameworks, enabling unauthorized data access. Mitigation efforts are underway, including patching and recommending automatic … Read more

New Black Basta decryptor exploits ransomware flaw to recover files

December 30, 2023 at 10:25AM Security Research Labs (SRLabs) has developed a decryptor called the “Black Basta Buster” that allows victims of the Black Basta ransomware to potentially recover their files for free, exploiting a flaw in the encryption algorithm used by the ransomware gang. However, the developers have since fixed the bug, rendering the … Read more