Rorschach ransomware deployed by misusing a security tool | allinfosecnews.com

April 6, 2023, 1:46 p.m. | Zeljka Zorz

Help Net Security www.helpnetsecurity.com

An unbranded ransomware strain that recently hit a US-based company is being deployed by attackers who are misusing a tool included in a commercial security product, Check Point researchers have found. The solution in question is Palo Alto Networks’ Cortex XDR, whose Dump Service Tool the attackers appropriated and are now misusing to side-load the DLL that decrypts and injects the (newly labeled) Rorschach ransomware. Rorschach’s execution flow (Source: Check Point) The peculiarities of Rorschach … More →

The post …

alto attackers check check point commercial cortex cortex xdr dll don't miss flow hot stuff malware analysis networks palo palo alto palo alto networks point product question ransomware researchers rorschach rorschach ransomware security security product service solution tool xdr

More from www.helpnetsecurity.com / Help Net Security

Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002) 15 hours ago | www.helpnetsecurity.com

attackers can clone cloning +26

Google fixes third exploited Chrome zero-day in a week (CVE-2024-4947) 18 hours ago | www.helpnetsecurity.com

0 day chrome chrome zero-day chrome zero-day vulnerability +20

Palo Alto Networks partners with IBM to deliver AI-powered security offerings 19 hours ago | www.helpnetsecurity.com

ai-powered alto announcement capabilities +19

Is an open-source AI vulnerability next? 21 hours ago | www.helpnetsecurity.com

adoption advancement applications artificial intelligence +21

OWASP dep-scan: Open-source security and risk audit tool 22 hours ago | www.helpnetsecurity.com

appthreat aspm assessment audit +31

Ebury botnet compromises 400,000+ Linux servers 22 hours ago | www.helpnetsecurity.com

advanced backdoor botnet campaigns +20

Product showcase: Block ads, cookie pop-ups, trackers with CleanWeb 23 hours ago | www.helpnetsecurity.com

ad ad blocker ads block +24

Cloud security incidents make organizations turn to AI-powered prevention 23 hours ago | www.helpnetsecurity.com

ai-powered breaches check check point +18

The critical role of IT staffing in strengthening cybersecurity 1 day ago | www.helpnetsecurity.com

breaches comprehensive approach critical cyber +22

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

Cyber Incident Manager 3

@ ARSIEM | Pensacola, FL

View on infosec-jobs.com

On-Site Environmental Technician II - Industrial Wastewater Plant Operator and Compliance Inspector

@ AECOM | Billings, MT, United States

View on infosec-jobs.com

Sr Security Analyst

@ Everbridge | Bengaluru

View on infosec-jobs.com