Secplicity Blog - Research

Ransomware Tracker (Entry #210): CyberVolk

Entry: https://www.watchguard.com/wgrd-security-hub/ransomware-tracker/cybervolk CyberVolk is a self-proclaimed hacktivist group with various allegiances to other hacktivist groups throughout the globe, including Anonymous (their subsidiaries), White_Hunters, Cyber Hunters, and others. They even…

Dr Joseph L Popp Jr and The First-Ever Ransomware – The AIDS Trojan

Publication: Dr. Joseph L Popp Jr and The First-Ever Ransomware – The AIDS Trojan If you work in information security or the computer science field, there's a good chance you've heard of the first-ever ransomware – the AIDS Trojan. There's also a chance you know the basics of that story. An…

Operation Cronos: A Breakdown of the LockBit Disruption

Check out LockBit 3.0 on our new Ransomware Tracker Beta! Hear more about Operation Cronos on The 443 Podcast. If you've followed the ransomware space for the past few years, it's very likely you've heard of LockBit. If you don't follow the cybersecurity landscape, there's still a good chance you…

AnyDesk Remote Access Vendor Compromise

On February 2nd, remote access software vendor AnyDesk disclosed they had been the victim of a cyberattack where an unknown threat actor obtained access to production systems. AnyDesk appears to have contained the incident before the adversaries were able to leverage their access into a supply chain…

Scratching the Surface of Rhysida Ransomware

A few days ago, I was scrolling through Twitter and came across a post by the MalwareHunterTeam briefly discussing a new Ransomware group - Rhysida. A lack of results from a Google search shows this is a newer group prepping to start operations. I grabbed a sample and downloaded it, and the…

A Technical Analysis of ISAACWiper

Shortly after Putin launched his "special military operation" in Ukraine on February 24th, 2022, researchers from ESET published information about two novel destructive malware families – HermeticWiper and ISAACWiper. HermeticWiper was part of a three-pronged campaign that included a worm and…