Ladislav Zezula (@ladislavzezula)'s Twitter Profile
Ladislav Zezula

@ladislavzezula

Reverse Engineer, Malware Analyst and Toolmaker at @AVAST

ID: 157597270

Website: http://www.zezula.net
Joined: 20-06-2010 08:22:13

153 Tweets

713 Followers

118 Following

Gen Threat Labs (@genthreatlabs):

We've updated our #BigBobRoss #ransomware decryptor so it also recovers files encrypted by the ".encryptedALL" variant avast.com/en-us/ransomwa…. #DontPay

Ladislav Zezula (@ladislavzezula):

Take any PE image that runs in the latest Windows 10. Increase its IMAGE_OPTIONAL_HEADER::SizeOfImage by a multiple of 0x1000. New after 25 years, the image will still run. If you ever wrote a PE image loader, you may wanna update it.

Gen Threat Labs (@genthreatlabs):

Based on leaked source code and decryption keys, Avast releases a #free #decryptor for the #Babuk #ransomware. avast.com/ransomware-dec…

Gen Threat Labs (@genthreatlabs):

Decrypted: Avast releases #free #decryptor for the #TargetCompany #ransomware: decoded.avast.io/threatresearch… #AvastDecoded

Ladislav Zezula (@ladislavzezula):

Did any of you #ransomware hunters spot a variant of #TargetCompany that appends the ".avast" extension to the encrypted files?

Gen Threat Labs (@genthreatlabs):

Decrypted: Avast releases a #free #decryptor for #HermeticRansom #ransomware (aka #PartyTicket) which we previously discovered spreading in Ukrainian networks together with #HermeticWiper decoded.avast.io/threatresearch… #AvastDecoded #HelpingUkraine

Ladislav Zezula (@ladislavzezula):

While the sources published by Conti Leaks yesterday are indeed newer than those published before (see picture), they still don't correspond to the binaries that I see today.

Chetan Nayak (Brute Ratel C4 Author) (@ninjaparanoid):

Unable to extract credentials via DPAPI or Mimikatz? Don't worry. Microsoft got your back. Just use 'rundll32 keymgr.dll, KRShowKeyMgr' to extract all the stored passwords on the host, be it a target server, FTP or Chrome's HTTP creds, Microsoft has you covered. #redteam

Gen Threat Labs (@genthreatlabs):

Avast releases decryption tool for the #BianLian #ransomware! Find the tool and instructions on how to use it on #AvastDecoded: decoded.avast.io/threatresearch… #DontPayUp

Gen Threat Labs (@genthreatlabs):

New variant of the #Fonix ransomware (Feb'23) tries really hard to pretend it's Ryuk - filename, mutex, scheduled task... Nonetheless, it is still decryptable. We've updated our free #Fonix #Decryptor to cover this variant too: files.avast.com/files/decrypto… #NoMoreRansom #DontPayUp

Gen Threat Labs (@genthreatlabs):

Feb 2022: #Conti #ransomware data was leaked, we created a decryptor in hope for some keys to be released. To no avail. Mar 2023: #MeowCorp (a Conti 2.0 clone) keys were published, we released a Conti decryptor, and hope for more keys to come. #DontPayUp files.avast.com/files/decrypto…

Gen Threat Labs (@genthreatlabs):

#Avast releases decryptor for the recently-emerged #Akira ransomware: decoded.avast.io/threatresearch…. Please, carefully read the usage instructions before decrypting.

Gen Threat Labs (@genthreatlabs):

📢 Just released: Dive into our detailed analysis of the encryption methods used in the #Rhysida #ransomware. Discover the detailed insights in our latest write-up 🔒 #AvastDecoded #RansomwareAnalysis decoded.avast.io/threatresearch…

Gen Threat Labs (@genthreatlabs):

In cooperation with Cisco Talos Intelligence Group and Dutch Politie Nederland 🇳🇱, Avast is releasing an updated version of the Avast #Babuk #ransomware decryption tool, capable of restoring files encrypted by the #Babuk variant called #Tortilla. Details on decoded.avast.io/threatresearch….

Gen Threat Labs (@genthreatlabs):

🚨 Help for #DoNex/#DarkRace/#Muse #ransomware victims 🚨 In March 2024, we found its vulnerability and started providing a free #decryption tool 🔓. As other researchers disclosed the details, we are also sharing our tool publicly. Read on: decoded.avast.io/threatresearch… #AvastDecoded