Security News

Police tricks DeadBolt ransomware out of 155 decryption keys
2022-10-14 21:27

NU, obtained 155 decryption keys from the DeadBolt ransomware gang by faking ransom payments. When the victim enters this key into the ransom note screen, it will be converted into a SHA256 hash and compared to the SHA256 hash of the victim's decryption key and the SHA256 hash of the DeadBolt master decryption key.

MEGA fixes critical flaws that allowed the decryption of user data
2022-06-22 15:00

MEGA has released a security update to address a set of severe vulnerabilities that could have exposed user data, even if the data had been stored in encrypted form. One of MEGA's advertised features is that data is end-to-end encrypted, with only the user having access to the decryption key.

Ransomware dev releases Egregor, Maze master decryption keys
2022-02-09 15:26

The master decryption keys for the Maze, Egregor, and Sekhmet ransomware operations were released last night on the BleepingComputer forums by the alleged malware developer. The Maze ransomware began operating in May 2019 and quickly rose to fame as they were responsible for the use of data theft and double-extortion tactics now used by many ransomware operations.

How Decryption of Network Traffic Can Improve Security
2021-11-30 20:58

Google estimates that 95 percent of its internet traffic uses the encrypted HTTPS protocol, and most industry analyst firms conclude that between 80 and 90 percent of network traffic is encrypted today.

MosesStaff Locks Up Targets, with No Ransom Demand, No Decryption
2021-11-16 18:29

The MosesStaff hacking group is aiming politically motivated, destructive attacks at Israeli targets, looking to inflict the most damage possible, researchers warned. Unlike other anti-Zionist hacktivists like the Pay2Key and BlackShadow gangs, which look to extort their victims and cause embarrassment, MosesStaff encrypts networks and steals information, with no intention of demanding a ransom or rectifying the damage.

FBI Had the REvil Decryption Key
2021-09-22 14:30

The Washington Post reports that the FBI had a decryption key for the REvil ransomware, but didn't pass it along to victims because it would have disrupted an ongoing operation. The key was obtained through access to the servers of the Russia-based criminal gang behind the July attack.

Ransomware gang threatens to wipe decryption key if negotiator hired
2021-09-15 18:22

The Grief ransomware gang is threatening to delete victims' decryption keys if they hire a negotiation firm, making it impossible to recover encrypted files. Last week, BleepingComputer first reported that the Ragnar Locker ransomware gang threatened to automatically publish a victim's stolen data if they contacted law enforcement or negotiation firms.

Big bad decryption bug in OpenSSL – but no cause for alarm
2021-08-27 18:03

The well-known and widely-used encryption library OpenSSL released a security patch earlier this week. Despite having TLS support as its primary aim, OpenSSL also lets you access the lower-level functions on which TLS itself depends, so you can use the libcrypto part of OpenSSL to do standalone encryption, compute file hashes, verify digital signatures and even do arithmetic with numbers that are thousands of digits long.

SynAck ransomware releases decryption keys after El_Cometa rebrand
2021-08-13 15:20

The SynAck ransomware gang released the master decryption keys for their operation after rebranding as the new El Cometa group. When ransomware operations encrypt files, they usually generate encryption keys on a victim's device and encrypt those keys with a master encryption key.

Decryption Key for Ransomware Delivered via Kaseya Attack Made Public
2021-08-11 14:39

A key that can be used to decrypt files encrypted by the REvil ransomware delivered as part of the Kaseya attack has been made public. According to threat intelligence company Flashpoint, an individual using the online moniker "Ekranoplan" recently claimed on a hacker forum that they had obtained a decryption key for the REvil ransomware.