
Rorschach ransomware deployed by misusing a security tool

April 6, 2023

An unbranded ransomware strain that recently hit a US-based company is being deployed by attackers who are misusing a tool included in a commercial security product, Check Point researchers have found.

The solution in question is Palo Alto Networks’ Cortex XDR, whose Dump Service Tool the attackers appropriated and are now misusing to side-load the DLL that decrypts and injects the (newly labeled) Rorschach ransomware.

The peculiarities of Rorschach ransomware

Read More on Help Net Security