Security News

New Marvin attack revives 25-year-old decryption flaw in RSA
2023-10-01 14:16

Using standard hardware, the researchers demonstrated that executing the Marvin Attack within just a couple of hours is possible, proving its practicality. The Marvin Attack does not have a corresponding CVE despite highlighting a fundamental flaw in RSA decryption, mainly how padding errors are managed, due to the variety and complexity of individual implementations.

Authorities shut down HIVE ransomware infrastructure, provide decryption tools
2023-01-26 16:45

Europol supported the German, Dutch and US authorities in taking down the infrastructure of the prolific HIVE ransomware.In the last year, HIVE ransomware has been identified as a major threat as it has been used to compromise and encrypt the data and computer systems of large IT and oil multinationals in the EU and the USA. Since June 2021, over 1 500 companies from over 80 countries worldwide have fallen victim to HIVE associates and lost almost EUR 100 million in ransom payments.

GoTo admits: Customer cloud backups stolen together with decryption key
2023-01-25 19:37

GoTo is a well-known brand that owns a range of products, including technologies for teleconferencing and webinars, remote access, and password management. If you've ever used GoTo Webinar, GoToMyPC, or LastPass, you've used a product from the GoTo stable.

Police tricks DeadBolt ransomware out of 155 decryption keys
2022-10-14 21:27

NU, obtained 155 decryption keys from the DeadBolt ransomware gang by faking ransom payments. When the victim enters this key into the ransom note screen, it will be converted into a SHA256 hash and compared to the SHA256 hash of the victim's decryption key and the SHA256 hash of the DeadBolt master decryption key.

MEGA fixes critical flaws that allowed the decryption of user data
2022-06-22 15:00

MEGA has released a security update to address a set of severe vulnerabilities that could have exposed user data, even if the data had been stored in encrypted form. One of MEGA's advertised features is that data is end-to-end encrypted, with only the user having access to the decryption key.

Ransomware dev releases Egregor, Maze master decryption keys
2022-02-09 15:26

The master decryption keys for the Maze, Egregor, and Sekhmet ransomware operations were released last night on the BleepingComputer forums by the alleged malware developer. The Maze ransomware began operating in May 2019 and quickly rose to fame as they were responsible for the use of data theft and double-extortion tactics now used by many ransomware operations.

How Decryption of Network Traffic Can Improve Security
2021-11-30 20:58

Most industry analyst firms conclude that between 80-90 percent of network traffic is encrypted today. Google estimates that 95 percent of its internet traffic uses the encrypted HTTPS protocol, and most industry analyst firms conclude that between 80-90 percent of network traffic is encrypted today.

MosesStaff Locks Up Targets, with No Ransom Demand, No Decryption
2021-11-16 18:29

The MosesStaff hacking group is aiming politically motivated, destructive attacks at Israeli targets, looking to inflict the most damage possible, researchers warned. Unlike other anti-Zionist hacktivists like the Pay2Key and BlackShadow gangs, which look to extort their victims and cause embarrassment, MosesStaff encrypts networks and steals information, with no intention of demanding a ransom or rectifying the damage.

FBI Had the REvil Decryption Key
2021-09-22 14:30

The Washington Post reports that the FBI had a decryption key for the REvil ransomware, but didn't pass it along to victims because it would have disrupted an ongoing operation. The key was obtained through access to the servers of the Russia-based criminal gang behind the July attack.

Ransomware gang threatens to wipe decryption key if negotiator hired
2021-09-15 18:22

The Grief ransomware gang is threatening to delete victim's decryption keys if they hire a negotiation firm, making it impossible to recover encrypted files. Last week, BleepingComputer first reported that the Ragnar Locker ransomware gang threatened to automatically publish a victim's stolen data if they contacted law enforcement or negotiation firms.