Rhysida Ransomware Cracked, Free Decryption Tool Released

Cybersecurity researchers have uncovered an "implementation vulnerability" that has made it possible to reconstruct encryption keys and decrypt data locked by Rhysida ransomware. The findings were published last week by a group of researchers from Kookmin University and the Korea Internet and...

In-Depth Analysis of NoEscape Ransomware

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The NoEscape ransomware, suspected to be a rebrand of Avaddon, targets enterprises globally through multi-extortion attacks. Operating as Ransomware-as-a-Service, it encrypts files, changes wallpapers, a...

LockBit ransomware advisory from CISA provides interesting insights

The US Cybersecurity and Infrastructure Security Agency CISA, Federal Bureau of Investigation FBI, Multi-State Information Sharing and Analysis Center MS-ISAC, and the cybersecurity authorities of Australia, Canada, United Kingdom, Germany, France, and New Zealand CERT NZ, NCSC-NZ have all...

New Ransomware Variants Flourish Amid Law Enforcement Actions

Ransomware groups continue to evolve their tactics and techniques to deploy file-encrypting malware on compromised systems, notwithstanding law enforcement's disruptive actions against the cybercrime gangs to prevent them from victimizing additional companies. "Be it due to law enforcement,...

The Top Ransomware Threats Aren’t Who You Think

While there seem to be legions of ransomware gangs, it turns out that just a handful of ransomware-as-a-service RaaS actors dominate the entire ecosystem of encryption-attack threats. In fact, just three ransomware families, none of them household names, make up 64 percent of all threats detected...

New Ransomware Gangs Haron & BlackMatter Are After Fat Cats

So much for darkened servers at the headquarters of DarkSide or REvil ransomware groups. Turns out, we’ve got either their rebranded versions or two new ransomware gangs to contend with. The first new group to appear this month was Haron, and the second is named BlackMatter. As Ars Technica‘s Dan...

Another one bites the dust: Avaddon ransomware group shuts down operation

Are you seeing some pattern here? In what could be a called "shocking news" on Friday, BleepingComputer revealed that the gang behind the Avaddon ransomware shut down its operations after releasing more than 2,000 decryption keys to the technology news site. BleepingComputer claimed they received...

A week in security (May 10 – 16)

Last week on Malwarebytes Labs, we watched and reported on the Colonial Pipeline ransomware attack as developments of its story unfolded. This attack triggered the White House to refine a planned Executive Order on cybersecurity. We also profiled DarkSide, the ransomware responsible for the...

Avaddon hackers steal SIM card data from Telstra service provider

By Waqas Hackread.com can confirm that hackers from the Avaddon ransomware gang are claiming to have gained access to “tens of thousands” of SIM cards. This is a post from HackRead.com Read the original post: Avaddon hackers steal SIM card data from Telstra service provider...