White Phoenix will allow victims to partially recover files encrypted by malware that uses discontinuous encryption. The tool is already available for free download on GitHub.
Let me remind you that we also wrote that Free Decryptor Arrived for MegaCortex Ransomware, and also that Search for Random Leaks of API Keys, Passwords and Tokens Works for All GitHub Users.
Discontinuous encryption, also called intermittent encryption, is a technique used by some ransomware groups. The idea is that the malware alternately encrypts and skips data fragments, which allows the file to be encrypted much [...]
The creation of this tool for decrypting infected files is the result of the joint work of Bitdefender experts, Europol analysts, the NoMoreRansom project, the Zurich prosecutor’s office and the Swiss cantonal police.
Let me remind you that we also said that Avast introduced free decryptors for AtomSilo, Babuk and LockFile ransomware, and also that During five years of operation, the No More Ransom project helped to save $900 million from ransomware.
Although experts have published a guide on how to [...]
We also wrote that Some Versions of VMware Carbon Black Cause BSODs on Windows.
Let me remind you that the CVE-2022-22954 vulnerability is associated with remote arbitrary code execution and affects VMware Workspace ONE Access. The bug scored 9.8 out of 10 on the CVSS vulnerability rating scale, and VMware discovered and fixed the issue on April 6 this year. However, the attackers reverse-engineered this fix and within 48 hours created an exploit, which was then used to compromise servers that had not yet been patched.
In [...]
Let me remind you that we also wrote that Grouping LockBit Announced the Hacking of the Information Security Company Mandiant, and also that LockBit Ransomware Uses Windows Defender to Download Cobalt Strike.
The Entrust hack became known back in June 2022. Then Bleeping Computer reported that the company suffered a ransomware attack, during which data was stolen from its systems. Representatives of Entrust confirmed the hack to reporters, but did not provide any details of [...]
It is worth recalling that Cobalt Strike is a legitimate commercial tool designed for pentesters and red teams and focused on exploitation and post-exploitation.
Unfortunately, it has long been loved by hackers ranging from government APT groups to ransomware operators. Although Cobalt Strike is quite expensive and inaccessible to ordinary users, attackers still find ways to use it (for example, by relying on old, pirated and hacked versions).
Let me remind you that we also reported that Zloader Trojan Disables [...]
Currently available in 37 languages, the project has helped more than 1.5 million people around the world recover their data.
Also note the following: Cybersecurity Specialists Created the Hopper Worm to Protect against Other Worms.
Let me remind you that No More Ransom was launched in 2016 as an initiative to combat ransomware. Then only Europol, the Dutch police, McAfee and Kaspersky Lab took part in it.
Now the number of program partners has grown to 188, including companies from the private and public sectors, [...]
Let me remind you that No More Ransom was launched in 2016 as an initiative to combat ransomware. Then only Europol, the Dutch police, Kaspersky Lab and McAfee took part in it.
As part of the No More Ransom project, the nomoreransom.org portal was launched, where users can find information about ransomware and threats posed by them, as well as get free tools to recover their data if it has been “processed” by such malware.
Cryptographers have become a [...]
In 2020, experts discovered 650 new hack groups, and also removed about 500 groups from their threat tracker due to duplication and overlap with previously known clusters.
Among FireEye’s 1,900 known hacker groups, there are both “government” hackers (APT) and financially motivated groups (FIN), as well as unclassified groups (UNC, when there is not enough information to place them in one of the first two categories).
Analysts [...]
2020 was saturated with events. It forced people to computerize their activity in all parts of the lifecycle. But the increased use of computers led to increased malware activity. The more people use their PCs, the bigger the chance of successful malware injection. And what about the most specific type of malware – ransomware?
Quick reference: Ransomware is a type of malware that gets into your PC and encrypts your files. After the encryption process, you will see ransom notes in every folder that contains encrypted files. An encryption algorithm that is used by ransomware may be [...]