Posted on Leave a comment

SpiderLabs Releases Free Decryptor For The BlackByte ransomware.

Trustwave’s SpiderLabs researchers have released a decryptor that lets victims of the BlackByte ransomware restore their files for free. The researchers came across BlackByte while investigating a recent malware incident. The ransomware is designed to avoid infecting systems that primarily use Russian or related languages.

Trustwave’s analysis noted:

“Unlike other ransomware that may have a unique key in each session, BlackByte uses the same raw key (which it downloads) to encrypt files and it uses a symmetric-key algorithm …”
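To make the key-management point concrete, here is an added illustration (written for this page; it is neither Trustwave’s decryptor nor BlackByte’s cipher). It uses a stand-in stream cipher built from HMAC-SHA256 in counter mode, and compares the two designs the quote contrasts: a fixed raw key shared by every infection, where recovering the key once yields a universal decryptor, versus a fresh key per session, where a key recovered from one victim is useless against another. The key bytes, file names and file contents are constructed for the example.

```python
"""Why a fixed, downloaded symmetric key makes a universal decryptor possible.

Added example, not Trustwave's or BlackByte's code.  The cipher is a stand-in:
a CTR-style stream cipher whose keystream is HMAC-SHA256(key, nonce || counter).
Only the key-management difference matters here, not the cipher itself.
"""
import hashlib
import hmac
import secrets

NONCE_LEN = 16

# Constructed stand-in for the raw key the malware downloads; every infection
# in scheme A uses this same value.
SHARED_RAW_KEY = bytes.fromhex(
    "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f"
)


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Expand (key, nonce) into `length` bytes of keystream."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = nonce + counter.to_bytes(8, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encrypt_file(key: bytes, plaintext: bytes) -> bytes:
    """Return nonce || ciphertext.  A fresh nonce per file keeps keystreams distinct."""
    nonce = secrets.token_bytes(NONCE_LEN)
    ks = _keystream(key, nonce, len(plaintext))
    return nonce + bytes(p ^ k for p, k in zip(plaintext, ks))


def decrypt_file(key: bytes, blob: bytes) -> bytes:
    """Inverse of encrypt_file; symmetric, so the same key decrypts."""
    nonce, ct = blob[:NONCE_LEN], blob[NONCE_LEN:]
    ks = _keystream(key, nonce, len(ct))
    return bytes(c ^ k for c, k in zip(ct, ks))


def infect_shared_key(files: dict) -> dict:
    """Scheme A: every victim is encrypted under the one downloaded key."""
    return {name: encrypt_file(SHARED_RAW_KEY, data) for name, data in files.items()}


def infect_session_key(files: dict):
    """Scheme B: a random key per session; returns the key so we can compare."""
    session_key = secrets.token_bytes(32)
    return session_key, {name: encrypt_file(session_key, data) for name, data in files.items()}


def recover(key: bytes, encrypted: dict) -> dict:
    """The decryptor: given a key, decrypt every file of a victim."""
    return {name: decrypt_file(key, blob) for name, blob in encrypted.items()}


def compare_schemes() -> dict:
    """Show that only scheme A admits a single key that works for all victims."""
    # Constructed victim file sets.
    victim1 = {"report.docx": b"quarterly numbers", "notes.txt": b"call vendor"}
    victim2 = {"db.bak": b"customer table dump", "ssh_key": b"-----BEGIN KEY-----"}

    # Scheme A: one key recovered (here, the downloaded raw key) restores both.
    enc_a1, enc_a2 = infect_shared_key(victim1), infect_shared_key(victim2)
    shared_ok = recover(SHARED_RAW_KEY, enc_a1) == victim1 and recover(SHARED_RAW_KEY, enc_a2) == victim2

    # Scheme B: victim1's session key decrypts victim1 only.
    k1, enc_b1 = infect_session_key(victim1)
    _k2, enc_b2 = infect_session_key(victim2)
    own_ok = recover(k1, enc_b1) == victim1
    cross_ok = recover(k1, enc_b2) == victim2  # garbage, so False

    return {
        "shared_key_decrypts_all_victims": shared_ok,
        "session_key_decrypts_own_victim": own_ok,
        "session_key_decrypts_other_victim": cross_ok,
    }


if __name__ == "__main__":
    print(compare_schemes())
```

The decryptor in scheme A needs nothing from the victim beyond the encrypted files; the only secret is the key the malware fetched, which is the same for everyone. In scheme B the per-session key would normally be protected with the attacker’s public key, so recovering it from one machine tells you nothing about the next.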


Google Observed Over 270 State-Sponsored Hacker Groups From Various Countries.

Ajax Bash, an analyst with Google’s Threat Analysis Group (TAG), announced on Thursday that since the beginning of 2021 the group has been tracking more than 270 government-backed threat actors from more than 50 countries and has delivered around 50,000 warnings to users about state-sponsored malware. Thousands of these warnings are sent every month, even when the corresponding attack was blocked.

Google said the figure includes groups engaged in both cyber espionage and disinformation operations. In 2021, the group …


Chinese APT Group IronHusky Used A Windows Zero-Day Exploit To Target Users.

Kaspersky’s detection technologies identified attacks on a number of Microsoft Windows systems in late August and early September 2021 that exploited a previously unknown vulnerability. The exploit contained several debug log strings left over from an older, known vulnerability, CVE-2016-3309. It targets the Win32k kernel driver and relies on a technique that leaks the base addresses of kernel modules. Kaspersky reported its findings to Microsoft, which determined that the information-disclosure part of the attack chain does not cross a security boundary.

The researchers examined the RAT used in …


New Rootkit Malware Targeting Linux Systems With Advanced Features.

ESET researchers have identified a new malware family, named “FontOnLake”, whose tools are continually upgraded with new functionality to infect victims, an indication of active development. Based on samples uploaded to VirusTotal, the first intrusions involving this threat may have occurred as early as May 2020.

ESET researcher Vladislav Hrčka reported that the nature of FontOnLake’s tools, together with their complex design and low prevalence, suggests they are used in targeted attacks. This …


A New UEFI Bootkit That Targets Windows Computers.

Cybersecurity firm ESET has identified a new UEFI bootkit, codenamed “ESPecter” for its ability to persist on the EFI System Partition (ESP). It bypasses Microsoft Windows Driver Signature Enforcement to load its own unsigned driver, which is used for espionage activities such as document theft, keylogging, and screen monitoring by periodically capturing screenshots.

After years of only minor changes, those behind ESPecter apparently decided to move their malware from legacy BIOS systems to modern UEFI …