Introduction This research began with finding a simple malware sample to extract strings for an unrelated topic. In my day-to-day malware analysis workflow, I stumbled upon a JavaScript (JS) file with what I would call trivial obfuscation. I knew it was malware but wanted to understand the infection chain. After some cleanup, I understood it to be a downloader of an … [Read more...]
Operation Cronos: A Breakdown of the LockBit Disruption
Check out LockBit 3.0 on our new Ransomware Tracker Beta! Hear more about Operation Cronos on The 443 Podcast. If you've followed the ransomware space for the past few years, it's very likely you've heard of LockBit. If you don't follow the cybersecurity landscape, there's still a good chance you've heard of them or at least their operations. The group's affiliates have … [Read more...]
Scratching the Surface of Rhysida Ransomware
A few days ago, I was scrolling through Twitter and came across a post by the MalwareHunterTeam briefly discussing a new Ransomware group - Rhysida. A lack of results from a Google search shows this is a newer group prepping to start operations. I grabbed a sample and downloaded it, and the executable confirmed that this group is indeed in its early stages based on the breadth … [Read more...]
Cybersecurity News: A Trio of Vulnerabilities, BreachForums Admin Arrested, Hundreds of Ransomware Victims, and The Rise of AI
This post arrives later than usual, but as they say, "Better late than never." Researchers and the media have highlighted various unique, interesting, or destructive vulnerabilities in the last few weeks. We decided to pick three of these vulnerabilities and talk about them. One was patched with Microsoft's Patch Tuesday in March; another affects the privacy of almost everyone, … [Read more...]
Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
A new week, a new month, and a new Cybersecurity News post! This iteration contains a whopping eight (8) stories covering the last two to four weeks. Since cybersecurity is a diverse field of assorted specializations, we attempt to match that with various stories touching on all aspects of cybersecurity. This time we cover a few breaches, Elon Musk's decision to alter Twitter's … [Read more...]