Security News > 2021 > September

Bitdefender offers free decryptor for REvil ransomware victims
2021-09-16 15:49

The free decryption tool will help victims restore their encrypted files from attacks made before July 13, 2021, says Bitdefender. In a blog post published Thursday, security firm Bitdefender announced the availability of a universal decryptor for REvil/Sodinokibi ransomware attacks.

Microsoft: Windows MSHTML bug now exploited by ransomware gangs
2021-09-16 15:16

Microsoft says multiple threat actors, including ransomware affiliates, are targeting the recently patched Windows MSHTML remote code execution security flaw. In-the-wild exploitation of this vulnerability began on August 18, according to the company, more than two weeks before Microsoft published a security advisory with a partial workaround.

Ransomware-hit law firm secures High Court judgment against unknown criminals
2021-09-16 15:15

The London law firm which secured a court injunction forbidding ransomware criminals from publishing data stolen from them has now gone a step further - by securing a default judgment from the High Court. 4 New Square Ltd, a barristers' chambers, raised some amusement in cyber security circles in July when it applied for a High Court injunction in the wake of a ransomware infection.

CVE-2021-40444 exploitation: Researchers find connections to previous attacks
2021-09-16 14:45

The recent targeted attacks exploiting the zero-day remote code execution vulnerability in Windows via booby-trapped Office documents have been delivering custom Cobalt Strike payloads, Microsoft and Microsoft-owned RiskIQ have shared. The researchers also found connections between the attackers' exploit delivery infrastructure and an infrastructure previously used by attackers to deliver human-operated ransomware, the Trickbot trojan and the BazaLoader backdoor/downloader.

Financial Cybercrime: Following Cryptocurrency via Public Ledgers
2021-09-16 13:08

As you can see, the cryptocurrency wallets in question were partially redacted - but as we know, these follow a recognizable pattern and can be uncovered in the public ledger. After determining the full wallet address, we can find this wallet on the blockchain and see what was transferred and when.

REvil/Sodinokibi Ransomware Universal Decryptor Key Is Out
2021-09-16 13:00

REvil victims, your prayers have been answered: There's a universal decryptor key waiting to free you. Bitdefender is releasing a free, universal decryptor key to unlock data of victimized organizations that were encrypted by REvil/Sodinokibi ransomware attacks before the gang's servers went belly-up on July 13.

DDoS Attacks: A Flourishing Business for Cybercrooks – Podcast
2021-09-16 13:00

Keeping availability away from customers via DDoS can have a painful impact on businesses as they find their doors blocked to customers, keeping them from making transactions. Over the years, DDoS attacks have evolved regarding level of sophistication, metrics and the techniques that threat actors employ.

Free REvil ransomware master decrypter released for past victims
2021-09-16 13:00

A free master decryptor for the REvil ransomware operation has been released, allowing all victims encrypted before the gang disappeared to recover their files for free. While Bitdefender could not share details about how they obtained the master decryption key or the law enforcement agency involved, they told BleepingComputer that it works for all REvil victims encrypted before July 13th. "As per our blog post, we received the keys from a trusted law enforcement partner, and unfortunately, this is the only information we are at liberty to disclose right now," Bitdefender's Bogdan Botezatu, Director of Threat Research and Reporting, told BleepingComputer.

Computer and data scientists should be as highly regarded as 'warriors' says top UK cybergeneral
2021-09-16 12:14

Military computer scientists ought to be treated with the same regard as pilots and warship captains, the head of the Army's cyber command has said. The general, head of the Ministry of Defence's Strategic Command which oversees military hacking units, told the conference he wanted "Equal value and afford equal status" to computer scientists and "Cyber operators", putting them on the same platform as the Army's "Traditional warrior elite".

HP Omen Hub Exposes Millions of Gamers to Cyberattack
2021-09-16 12:01

Millions of devices running the HP Omen Gaming Hub were using a driver with a bug that could give attackers kernel-mode access without administrator privileges. HP has since released a patch, but a new report on the flaw by researchers at SentinelLabs details how the gaming software was built in part by copying code from a problematic open-source driver called WinRing0.