July 11, 2022

Ransomware groups now implement search functionalities

Last week, the ALPHV ransomware group, also known as the BlackCat ransomware group announced they had implemented a searchable database that consists of leaked data from their victims who didn’t pay. The group clarified that they have indexed all the possible searchable results which allow for people to search by filename or by content available in documents and images. Currently, […]
July 7, 2022

Emsisoft releases free AstraLocker and Yashma ransomware decryptor

On Thursday 7th of July 2022, Emsisoft, a New Zealand-based cybersecurity firm announced that they had released a free decryption tool for AstraLocker and Yashma ransomware which is available for download from Emsisoft’s servers. The decryption tool is based on AstraLocker’s Babuk-based decryptor and Yashma’s Chaos-based decryptor. Emsisoft has warned the victims of these ransomware variants to quarantine the malware […]
July 6, 2022

“Professional malware attack” impacts the network of IT services giant SHI

On Wednesday 6th of July 2022, SHI International, one of North America’s largest IT solutions providers, confirmed that they had experienced “a coordinated and professional malware attack” which impacted their network over the weekend of the Fourth of July holiday. “Thanks to the quick reactions of the security and IT teams at SHI, the incident was swiftly identified and measures […]
July 6, 2022

FBI releases advisory warning of the use of the Maui ransomware by North Korean state-sponsored threat actors to target the Healthcare and Public Health Sector

On Wednesday 6th of July 2022, the United States Federal Bureau of Investigation (FBI) released a joint TLP:WHITE joint advisory which revealed the Maui ransomware has been used by North Korean state-sponsored threat actors since at least May 2021 to target Healthcare and Public Health (HPH) Sector organisations. The goals of these ransomware attacks are to encrypt servers that are […]
July 6, 2022

The University of Maastricht recovers ransom payment from the 2019 ransomware attack

On Saturday 2nd of July 2022, the University of Maastricht announced they had managed to successfully recover a ransom they had paid from a ransomware attack against the university that occurred on December 23, 2019. The ransom demand was 30 Bitcoins which at the time was worth about 197,000 euros ($218,000). But in April this year, the Dutch public prosecution […]
July 4, 2022

AstraLocker ransomware announces shutdown and releases decryptors

This week, the threat actor behind the lesser-known AstraLocker ransomware has reported telling the technology news outlet, BleepingComputer that they are shutting down the operation and plan to switch to cryptojacking. As well as shutting down the operation, the developer also submitted a ZIP archive which contained AstraLocker decryptors to the VirusTotal malware analysis platform. The decryptors have been confirmed […]