Play Ransomware’s Attack Playbook Unmasks it as Another Hive Affiliate like Nokoyawa

Credit to Author: Don Ovid Ladores | Date: Tue, 06 Sep 2022 00:00:00 +0000

Play is a new ransomware that takes a page out of Hive and Nokoyawa’s playbook. The many similarities among them indicate that Play, like Nokoyawa, may be a Hive affiliate.

New Golang Ransomware Agenda Customizes Attacks

Credit to Author: Mohamed Fahmy | Date: Thu, 25 Aug 2022 00:00:00 +0000

A new piece of ransomware written in the Go language has been targeting healthcare and education enterprises in Asia and Africa. This ransomware is called Agenda and is customized per victim.

Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus

Credit to Author: Ryan Soliven | Date: Wed, 24 Aug 2022 00:00:00 +0000

We investigate mhyprot2.sys, a vulnerable anti-cheat driver for the popular role-playing game Genshin Impact. The driver is currently being abused by a ransomware actor to kill antivirus processes and services for mass-deploying ransomware.

Facebook’s Metaverse is Expanding the Attack Surface

Credit to Author: William Malik | Date: Mon, 08 Aug 2022 00:00:00 +0000

Understand the cybersecurity risks in the Metaverse

SolidBit Ransomware Enters the RaaS Scene and Takes Aim at Gamers and Social Media Users With New Variant

Credit to Author: Nathaniel Morales | Date: Tue, 02 Aug 2022 00:00:00 +0000

This blog entry offers a technical analysis of a new SolidBit variant that is posing as different applications to lure gamers and social media users. The SolidBit ransomware group appears to be planning to expand its operations through these fraudulent apps and its recruitment of ransomware-as-a-service affiliates.

LockBit Ransomware Group Augments Its Latest Variant, LockBit 3.0, With BlackMatter Capabilities

Credit to Author: Ivan Nicole Chavez | Date: Mon, 25 Jul 2022 00:00:00 +0000

In June 2022, LockBit revealed version 3.0 of its ransomware. In this blog entry, we discuss the findings from our own technical analysis of this variant and its behaviors, many of which are similar to those of the BlackMatter ransomware.
