Some smart folks have found a way to automatically unscramble documents encrypted by the Rhysida ransomware, and used that know-how to produce and release a handy recovery tool for victims. Rhysida is a newish ransomware gang that has been around since May last year.
South Korean researchers have publicly disclosed an encryption flaw in the Rhysida ransomware encryptor, allowing the creation of a Windows decryptor to recover files for free. Victims of the Rhysida ransomware may use the tool to try to decrypt their files for free, but BleepingComputer cannot guarantee the tool's safety or effectiveness.
Cybersecurity researchers have uncovered an "implementation vulnerability" that has made it possible to reconstruct encryption keys and decrypt data locked by Rhysida ransomware. The findings were...
Files encrypted by Rhysida ransomware can be successfully decrypted, due to a implementation vulnerability discovered by Korean researchers and leveraged to create a decryptor. According to Check Point Research, the Rhysida ransomware group may simply be the Vice Society hacking group armed with new ransomware.
The Rhysida ransomware group has published most of the data it claimed to have stolen from the British Library a month after the attack was disclosed. The Register has not examined any of the data posted online, but a cursory perusal of the file trees leaked to Rhysida's website appears to show data related to various British Library departments, functions, and stakeholders.
The Rhysida ransomware gang has claimed responsibility for a cyberattack on the British Library in October, which has caused a major ongoing IT outage. A leak of HR documents stolen from the British Library was also confirmed today by the library's press office, which warned users to reset their passwords as a precautionary measure.
The Rhysida ransomware group says it's behind the highly disruptive October cyberattack on the British Library, leaking a snippet of stolen data in the process. The Register approached the British Library for comment but it did not reply.
The threat actors behind the Rhysida ransomware engage in opportunistic attacks targeting organizations spanning various industry sectors. The advisory comes courtesy of the U.S. Cybersecurity and...
The FBI and CISA warned today of Rhysida ransomware gang's opportunistic attacks targeting organizations across multiple industry sectors. "Threat actors leveraging Rhysida ransomware are known to impact 'targets of opportunity,' including victims in the education, healthcare, manufacturing, information technology, and government sectors," the two agencies noted.
The Rhysida ransomware gang has claimed responsibility for the massive cyberattack on Prospect Medical Holdings, claiming to have stolen 500,000 social security numbers, corporate documents, and patient records. While PMH did not respond to queries about the security incident, BleepingComputer later learned that the Rhysida ransomware gang was behind the attack.