February 12, 2024 at 10:48AM South Korean researchers discovered and publicly disclosed a flaw in Rhysida ransomware, enabling the creation of a free Windows decryptor. This ransomware is known for targeting healthcare organizations and was the subject of a warning by the FBI and CISA for attacks against various industries. The flaw allowed for the … Read more
February 12, 2024 at 08:39AM Cybersecurity researchers at Kookmin University and Korea Internet and Security Agency have discovered an “implementation vulnerability” in Rhysida ransomware, enabling the first successful decryption of its data. The findings led to the development of a recovery tool distributed by KISA, achieving data decryption by exploiting implementation vulnerabilities in ransomware. The … Read more
January 30, 2024 at 05:02PM Cohesity’s research reveals the prevalence of cyberattacks, leading companies to break ‘do not pay’ policies due to data recovery deficiencies. The study of 900+ IT and Security decision-makers shows a grim outlook for cyberattacks, with 79% being victims of ransomware. Companies require over 24 hours for data recovery, leading to … Read more
January 17, 2024 at 10:36AM The ‘LeftoverLocals’ vulnerability affects GPUs from AMD, Apple, Qualcomm, and Imagination Technologies, allowing data retrieval from local memory. Discovered by Trail of Bits researchers Tyler Sorensen and Heidy Khlaaf, it exploits incomplete memory isolation in GPU frameworks, enabling unauthorized data access. Mitigation efforts are underway, including patching and recommending automatic … Read more
December 30, 2023 at 10:25AM Security Research Labs (SRLabs) has developed a decryptor called the “Black Basta Buster” that allows victims of the Black Basta ransomware to potentially recover their files for free, exploiting a flaw in the encryption algorithm used by the ransomware gang. However, the developers have since fixed the bug, rendering the … Read more
December 19, 2023 at 01:57PM The US government disrupted the BlackCat ransomware-as-a-service, providing a decryption tool for affected organizations. The operation, also known as ALPHV, extorted around $68 million. Infiltrating the group, officials seized websites and revealed the gang’s tactics. BlackCat targeted sensitive data, including healthcare and critical infrastructure installations, causing widespread disruption. Key takeaways … Read more
December 19, 2023 at 12:33PM The US Department of Justice seized the ALPHV/BlackCat ransomware operation’s websites and created a decryptor to assist around 500 affected companies in recovering their data for free. By utilizing a confidential human source, the FBI accessed the ransomware gang’s affiliate panel to obtain private decryption keys. This operation is the … Read more
November 13, 2023 at 07:48AM Hunters International, a new ransomware group, has acquired the source code and infrastructure from the now-dismantled Hive operation to jumpstart its own efforts. Despite similarities, Hunters International claims to have purchased the Hive source code and website. The group focuses on data exfiltration rather than encryption, targeting victims for data … Read more