Lucene search

97 matches found

ThreatPost
•added 2022/03/02 6:14 p.m.•642 views

Conti Ransomware Decryptor, TrickBot Source Code Leaked

The pro-Ukraine member of the Conti ransomware gang who promised to eviscerate the extortionists after they pledged support for the Russian government has spilled yet more Conti guts: The latest dump includes source code for Conti ransomware, TrickBot malware, a decryptor and the gang’s...

CVSS 10 • AI score 8.8 • EPSS 0.99512
Exploits 75 • References 28
Kitploit
•added 2022/01/09 8:30 p.m.•49 views

Shellcode-Encryptor - A Simple Shell Code Encryptor/Decryptor/Executor To Bypass Anti Virus

A simple shell code encryptor/decryptor/executor to bypass anti virus. Note: I have completely redone the work flow for creating the bypass, I have found injecting the binary into memory using PowerShell as the most effective method. Purpose To generate a .Net binary containing base64 encoded, AE...

AI score 7.6
Exploits 0 • References 3
The Hacker News
•added 2021/10/18 6:49 a.m.•14 views

REvil Ransomware Gang Goes Underground After Tor Sites Were Compromised

REvil, the notorious ransomware gang behind a string of cyberattacks in recent years, appears to have gone off the radar once again, a little over a month after the cybercrime group staged a surprise return following a two-month-long hiatus. The development, first spotted by Recorded Future's...

AI score 6.6
Exploits 0
HackRead
•added 2021/09/16 5:20 p.m.•23 views

Universal decryptor key for Sodinokibi, REvil ransomware released

By Waqas. Bitdefender stated that all victims who got their files/data encrypted by the REvil ransomware might use the decryptor key to restore them.

AI score 6.9
Exploits 0
ThreatPost
•added 2021/09/16 1:0 p.m.•16 views

REvil/Sodinokibi Ransomware Universal Decryptor Key Is Out

REvil victims, your prayers have been answered: There’s a universal decryptor key waiting to free you. Bitdefender is releasing a free, universal decryptor key to unlock data of victimized organizations that were encrypted by REvil/Sodinokibi ransomware attacks before the gang’s servers went...

AI score 6.3
Exploits 0 • References 14
ThreatPost
•added 2021/09/13 6:59 p.m.•32 views

REvil’s Back; Coder Fat-Fingered Away Its Decryptor Key?

UPDATE The REvil ransomware gang’s tentacles shot out yet again last week, with the ransomware gang’s servers back online, a fresh victim listed on its site, ransomware payments back up and flowing, and an explanation of why it took a two-month hiatus. A purported REvil representative also...

AI score 6.3
Exploits 0 • References 16
ThreatPost
•added 2021/08/27 1:50 p.m.•22 views

Ragnarok Ransomware Gang Bites the Dust, Releases Decryptor

Another cybercriminal gang notorious for ransomware attacks has shut down, publishing its decryptor online to allow victims to unlock and recover files. The Ragnarok gang, also known as Asnarok, closed up shop this week, publishing the news to their public website, according to a post published...

AI score 7
Exploits 0 • References 12
The Hacker News
•added 2021/08/27 9:24 a.m.•33 views

Kaseya Issues Patches for Two New 0-Day Flaws Affecting Unitrends Servers

U.S. technology firm Kaseya has released security patches to address two zero-day vulnerabilities affecting its Unitrends enterprise backup and continuity solution that could result in privilege escalation and authenticated remote code execution. The two weaknesses are part of a trio of...

AI score 8.5
Exploits 0
ThreatPost
•added 2021/07/23 12:21 p.m.•74 views

Kaseya Obtains Universal Decryptor for REvil Ransomware

Kaseya has obtained a master decryptor key for the REvil ransomware that locked up the systems of at least 60 of its customers in a spate of worldwide cyberattacks on July 2. The attacks, which exploited now-patched zero-days in the Kaseya Virtual System/Server Administrator VSA platform, affecte...

AI score 7.3
Exploits 0 • References 8
The Hacker News
•added 2021/07/23 4:40 a.m.•58 views

Kaseya Gets Universal Decryptor to Help REvil Ransomware Victims

Nearly three weeks after Florida-based software vendor Kaseya was hit by a widespread supply-chain ransomware attack, the company on Thursday said it obtained a universal decryptor to unlock systems and help customers recover their data. "On July 21, Kaseya obtained a decryptor for victims of the...

AI score 1.5
Exploits 0
Trend Micro Simply Security
•added 2021/04/23 12:0 a.m.•8 views

This Week in Security News - April 23, 2021

XCSSET Quickly Adapts to Macs and Babuk Ransomware Gang Claims Decryptor Repaired...

AI score 1.7
Exploits 0
Talos Blog
•added 2020/11/18 8:37 a.m.•26 views

Nibiru ransomware variant decryptor

Nikhil Hegde developed this tool. Weak encryption: The Nibiru ransomware is a .NET-based malware family. It traverses directories in the local disks, encrypts files with Rijndael-256 and gives them a .Nibiru extension. Rijndael-256 is a secure encryption algorithm. However, Nibiru uses a hard-coded...

AI score 1.9
Exploits 0
Trellix
•added 2020/08/03 12:0 a.m.•36 views

Take a "NetWalk" on the Wild Side

ARCHIVED STORY Take a “NetWalk” on the Wild Side ATR Operational Intelligence Team · AUG 03, 2020 · 25 MIN READ Executive Summary The NetWalker ransomware, initially known as Mailto, was first detected in August 2019. Since then, new variants were discovered throughout 2019 and the beginning of...

AI score 8.1
Exploits 0
0day.today
•added 2019/10/04 12:0 a.m.•429 views

DOUBLEPULSAR - Payload Execution and Neutralization Exploit

This Metasploit module executes a Metasploit payload against the Equation Group's DOUBLEPULSAR implant for SMB as popularly deployed by ETERNALBLUE. While this module primarily performs code execution against the implant, the "Neutralize implant" target allows you to disable the implant. This...

CVSS 9.3 • AI score 8.2 • EPSS 0.99693
Exploits 93
Exploit DB
•added 2019/10/02 12:0 a.m.•1291 views

DOUBLEPULSAR - Payload Execution and Neutralization (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'DOUBLEPULSAR Payload Execution and Neutralization', 'Description' = %q This module executes a Metasploit payload against the Equation Group's...

AI score 7.4
Exploits 0
Packet Storm
•added 2019/10/01 12:0 a.m.•390 views

DOUBLEPULSAR Payload Execution / Neutralization

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'DOUBLEPULSAR Payload Execution and Neutralization', 'Description' = %q This module executes a Metasploit payload against the Equation Group's...

CVSS 9.3 • AI score 0.2 • EPSS 0.99693
Exploits 93
Securelist
•added 2019/09/25 10:0 a.m.•40 views

Ransomware: two pieces of good news

"All your files have been encrypted." How many times has this suddenly popped up on your screen? We hope never, because it's one of the most common indicators that you've lost access to your files. And if there are no publicly available decryptors or you don't have any backup copies, you're in...

AI score 7.2
Exploits 0
ThreatPost
•added 2019/06/03 2:18 p.m.•163 views

GandCrab Ransomware Shutters Its Operations

The GandCrab ransomware group is shutting down, according to posts on the Dark Web. Researchers David Montenegro and Damian spotted the announcements over the weekend. Start of GandCrab Ransomware : 28-1-2018 .. 🦀🦀🦀 Close of GandCrab Ransomware : 1-6-2019 .. ☠️☠️☠️@RajSamani @ValthekOn @JohnFokker...

CVSS 7.5 • AI score 8.8 • EPSS 0.99964
Exploits 35 • References 25
ThreatPost
•added 2019/02/19 7:0 p.m.•56 views

New GandCrab Decryptor Unlocks Files of Updated Ransomware

Yet another free decryptor is available for GandCrab ransomware victims. The tool, released Tuesday, is the third decryptor update in the past year that thwarts the prolific and fast-evolving GandCrab ransomware. Europol police announced availability of the update, which now unlocks data encrypte...

AI score 7.8
Exploits 0 • References 8
The Hacker News
•added 2019/01/11 6:59 a.m.•147 views

PyLocky Ransomware Decryption Tool Released — Unlock Files For Free

If your computer has been infected with PyLocky Ransomware and you are searching for a free ransomware decryption tool to unlock or decrypt your files—your search might end here. Security researcher Mike Bautista at Cisco's Talos cyber intelligence unit has released a free decryption tool that...

AI score 6.7
Exploits 0