Introduction This research began with finding a simple malware sample to extract strings for an unrelated topic. In my day-to-day malware analysis workflow, I stumbled upon a JavaScript (JS) file with what I would call trivial obfuscation. I knew it was malware but wanted to understand the infection chain. After some cleanup, I understood it to be a downloader of an …
Operation Cronos: A Breakdown of the LockBit Disruption
Check out LockBit 3.0 on our new Ransomware Tracker Beta! Hear more about Operation Cronos on The 443 Podcast. If you've followed the ransomware space for the past few years, it's very likely you've heard of LockBit. If you don't follow the cybersecurity landscape, there's still a good chance you've heard of them or at least their operations. The group's affiliates have …
Scratching the Surface of Rhysida Ransomware
A few days ago, I was scrolling through Twitter and came across a post by the MalwareHunterTeam briefly discussing a new Ransomware group - Rhysida. A lack of results from a Google search shows this is a newer group prepping to start operations. I grabbed a sample and downloaded it, and the executable confirmed that this group is indeed in its early stages based on the breadth …
Cybersecurity News: A Trio of Vulnerabilities, BreachForums Admin Arrested, Hundreds of Ransomware Victims, and The Rise of AI
This post arrives later than usual, but as they say, "Better late than never." Researchers and the media have highlighted various unique, interesting, or destructive vulnerabilities in the last few weeks. We decided to pick three of these vulnerabilities and talk about them. One was patched with Microsoft's Patch Tuesday in March; another affects the privacy of almost everyone, …
Cybersecurity News: LastPass Incident Revealed, White House Issues Cybersecurity Strategy, FBI Purchases Leaked USHOR PII Data, and a Slew of Other Breaches
It's Monday, and there's no better way to start a new week than with some cybersecurity-related news. So, if you need an excuse to procrastinate a bit more, allow us to fill that void. For this iteration, we made a few minor improvements, as always. In addition to the table of contents from last time, we've added more granularity by categorizing all the stories by type. For …