#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cloud Security

ransomware decryptor | Breaking Cybersecurity News | The Hacker News

Free Decryptor Released for Black Basta and Babuk's Tortilla Ransomware Victims

Free Decryptor Released for Black Basta and Babuk's Tortilla Ransomware Victims

Jan 10, 2024 Ransomware / Data Security
A decryptor for the Tortilla variant of the Babuk ransomware has been  released  by Cisco Talos, allowing victims targeted by the malware to regain access to their files. The cybersecurity firm said the threat intelligence it shared with Dutch law enforcement authorities made it possible to arrest the threat actor behind the operations. The encryption key has also been shared with Avast, which had previously  released a decryptor  for Babuk ransomware after its  source code was leaked  in September 2021. The updated decryptor can be accessed  here  [EXE file]. "A single private key is used for all victims of the Tortilla threat actor," Avast  noted . "This makes the update to the decryptor especially useful, as all victims of the campaign can use it to decrypt their files." The Tortilla campaign was  first disclosed  by Talos in November 2021, with the attacks leveraging  ProxyShell flaws in Microsoft Exchange servers  to drop the ransomware within victim environments. Tortilla
Europol and Bitdefender Release Free Decryptor for LockerGoga Ransomware

Europol and Bitdefender Release Free Decryptor for LockerGoga Ransomware

Sep 19, 2022
A decryptor for the LockerGoga ransomware has been  made available  by Romanian cybersecurity firm Bitdefender in collaboration with Europol, the No More Ransom project, and Zurich law enforcement authorities. Identified in January 2019, LockerGoga drew headlines for its attacks against the Norwegian aluminum giant  Norsk Hydro . It's said to have infected more than 1,800 victims in 71 countries, causing an estimated $104 million in damages. The ransomware operation received a significant blow in October 2021 when 12 people in connection with the group, alongside MegaCortex and Dharma, were apprehended as part of an  international law enforcement effort . The arrests, which took place in Ukraine and Switzerland, also saw the seizure of cash worth $52,000, five luxury vehicles, and a number of electronic devices. One of the accused is currently in pretrial detention in Zurich. The Zurich Cantonal Police further said it spent the past months examining the data storage devices
Webinar: Learn How to Stop Hackers from Exploiting Hidden Identity Weaknesses

Webinar: Learn How to Stop Hackers from Exploiting Hidden Identity Weaknesses

Apr 10, 2024Webinar / Identity Security
We all know passwords and firewalls are important, but what about the invisible threats lurking beneath the surface of your systems? Identity Threat Exposures (ITEs) are like secret tunnels for hackers – they make your security way more vulnerable than you think. Think of it like this: misconfigurations, forgotten accounts, and old settings are like cracks in your digital fortress walls. Hackers exploit these weaknesses to steal login information, gain sneaky access, and move around your systems unnoticed, whether they're in the cloud or on-site. This upcoming webinar,  " Today's Top 4 Identity Security Threat Exposures: Are You Vulnerable? "  isn't just for tech experts—it's about protecting your business.  We'll use real-world examples and insights from Silverfort's latest report to show you the hidden dangers of ITEs. You'll learn about: The Top 4 Identity Threats You Might Be Overlooking:  We'll name them and explain why they're
Kaseya Gets Universal Decryptor to Help REvil Ransomware Victims

Kaseya Gets Universal Decryptor to Help REvil Ransomware Victims

Jul 23, 2021
Nearly three weeks after Florida-based software vendor Kaseya was hit by a  widespread supply-chain ransomware attack , the company on Thursday said it obtained a universal decryptor to unlock systems and help customers recover their data. "On July 21, Kaseya obtained a decryptor for victims of the REvil ransomware attack, and we're working to remediate customers impacted by the incident," the company  said  in a statement. "Kaseya obtained the tool from a third-party and have teams actively helping customers affected by the ransomware to restore their environments, with no reports of any problem or issues associated with the decryptor." It's not immediately unclear if Kaseya paid any ransom. It's worth noting that REvil affiliates had  demanded a ransom of $70 million  — an amount that was subsequently lowered to $50 million — but soon after, the ransomware gang mysteriously  went off the grid , shutting down their payment sites and data leak portal
cyber security

WATCH: The SaaS Security Challenge in 90 Seconds

websiteAdaptive ShieldSaaS Security / Cyber Threat
Discover how you can overcome the SaaS security challenge by securing your entire SaaS stack with SSPM.
Ransomware Hits Dental Data Backup Service Offering Ransomware Protection

Ransomware Hits Dental Data Backup Service Offering Ransomware Protection

Aug 30, 2019
THIS WEEK IN THE IRONIC NEWS: DDS Safe, an online cloud-based data backup system that hundreds of dental practice offices across the United States are using to safeguard medical records and other information of their patients from ransomware attacks has been hit with ransomware. Provided by two Wisconsin-based companies, Digital Dental Record and PerCSoft, the backend system of affected medical records retention and backup solutions has probably been hit by Sodinokibi ransomware , also known as Sodin or REvil malware. Though it's not yet clear how attackers managed to compromise the company's infrastructure, the latest ransomware attack is yet another example of successful supply chain attack, crippling computer systems in 400 dental practice offices around the United States this week. According to statements released by both companies, the ransomware virus hit a remote data management software on Monday, August 26, that DDS Safe uses to back up its client data and
GandCrab Ransomware Decryption Tool [All Versions] — Recover Files for Free

GandCrab Ransomware Decryption Tool [All Versions] — Recover Files for Free

Jun 18, 2019
Cybersecurity researchers have released an updated version of GandCrab ransomware decryption tool that could allow millions of affected users to unlock their encrypted files for free without paying a ransom to the cybercriminals. GandCrab is one of the most prolific families of ransomware to date that has infected over 1.5 million computers since it first emerged in January 2018. Created by BitDefender, the new GandCrab decryption tool [ download ] can now unlock files encrypted by the latest versions of the ransomware, from 5.0 to 5.2, as well as for the older GandCrab ransomware versions. As part of the " No More Ransom " Project, BitDefender works in partnership with the FBI, Europol, London Police, and several other law enforcement agencies across the globe to help ransomware affected users. The cybersecurity company in recent months released ransomware removal tools for some older GandCrab versions that helped nearly 30,000 victims recover their data for free,
Cybersecurity Resources