by Fortify Security Team | Nov 3, 2021 | Research
The FBI first identified Ranzy Locker ransomware in late 2020 when the variant began to target victims in the United States. Unknown cyber criminals using Ranzy Locker ransomware had compromised more than 30 US businesses as of July 2021. The victims include the...
by Fortify Security Team | Oct 23, 2021 | Research
While Conti is considered a ransomware-as-a-service (RaaS) model ransomware variant, there is variation in its structure that differentiates it from a typical affiliate model. It is likely that Conti developers pay the deployer’s of the ransomware a wage rather...
by Fortify Security Team | Jul 27, 2021 | Research
Fortify 24×7 is tracking various public weaponized exploits for a remote code execution vulnerability affecting the Windows Print Spooler service (spoolsv.exe): CVE-2021-1675 and an out of band patch for CVE-2021-34527, also known as PrintNightmare. The...
by Fortify Security Team | Jul 27, 2021 | Research
Summary The default configuration in Microsoft Windows 10 v1809 and newer includes an elevation of privilege vulnerability, because of overly permissive Access Control Lists (ACLs) in the Security Accounts Manager (SAM) database, as well as multiple other system...
by Fortify Security Team | Jul 3, 2021 | Research
Indicators of Compromise agent.crt encoded dropper 2093c195b6c1fd6ab9e1110c13096c5fe130b75a84a27748007ae52d9e951643 agent.exe dropper d55f983c994caa160ec63a59f6b4250fe67fb3e8c43a388aec60a4a6978e9f1e Payloads...
by Fortify Security Team | Mar 16, 2021 | Research
FBI reporting has indicated a recent increase in PYSA ransomware targeting education institutions in 12 US states and the United Kingdom. PYSA, also known as Mespinoza, is a malware capable of exfiltrating data and encrypting users’ critical files and data stored on...
