Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

October 2021

BlackByte Ransomware - Pt. 1 In-depth Analysis

Please click here for Part 2 UPDATE 19.October.2021 - Based on some reactions and responses to our BlackByte analysis, and specifically, the included decryptor, we wanted to provide an update and some clarification. First off, we’ve updated the decryptor on github to include two new files. One is the compiled build of the executable to make the tool more accessible and the second is a sample encrypted file “spider.png.blackbyte” that can be used to test the decryptor.

BlackByte Ransomware - Pt 2. Code Obfuscation Analysis

In Part 1 of our BlackByte ransomware analysis, we covered the execution flow of the first stage JScript launcher, how we extracted BlackByte binary from the second stage DLL, the inner workings of the ransomware, and our decryptor code. In this blog, we will detail how we analyzed and de-obfuscated the JScript launcher, BlackByte’s code, and strings.

A Handshake with MySQL Bots

It’s well known that we just don’t put services or devices on the edge of the Internet without strong purpose justification. Services, whether maintained by end-users or administrators, have a ton of security challenges. Databases belong to a group that often needs direct access to the Internet - no doubt that security requirements are a priority here.

CMMC Buyer's Guide

The ever-shifting threat landscape coupled with the increased risk and loss of confidential information through previous breaches, defending protected controlled unclassified information within the DIB supply chain is increasingly difficult. The Department of Defense (DoD) determined that its supply chain faced an unacceptable amount of risk, resulting in the transition from self-certification to the creation of the CMMC (Cybersecurity Maturity Model Certification), which requires third-party assessments and certification of compliance.