LAPSUS$ is dead, long live HexaLocker?
Publications
2024-08-23 23:53:49
收藏
The LAPSUS$ threat group has been known since 2021 for spear phishing, data theft, and extortion against large companies (e.g., Microsoft, Nvidia, Uber). Although evidence of destruction methods was reported, there was no known use of ransomware. In June 2024, LAPSUS$ announced its closure. However, two months later, a new ransomware called HexaLocker was advertised on Telegram channels. Its "only real" admin and probable developer is ZZART3XX, one of the LAPSUS$ administrators. This article will dissect the HexaLocker ransomware samp...
目录
最新
- Relaying Kerberos over SMB using krbrelayx
- Exploiting a Blind Format String Vulnerability in Modern Binaries: A Case Study from Pwn2Own Ireland 2024
- Forensic analysis of bitwarden self-hosted server
- Quantum readiness: Lattice-based PQC
- Fuzzing confused dependencies with Depfuzzer
- Defend against vampires with 10 gbps network encryption
- Using Veeam metadata for efficient extraction of Backup artefacts (2/3)
- Quantum readiness: Hash-based signatures