Mysterious 'Rorschach' Ransomware Doubles Known Encryption Speeds

The malware is one of the most sophisticated ransomwares ever seen in the wild, and marks a leap ahead for cybercrime. [TechWeb]( Follow Dark Reading: [RSS]( April 05, 2023 LATEST SECURITY NEWS & COMMENTARY [Mysterious 'Rorschach' Ransomware Doubles Known Encryption Speeds]( The malware is one of the most sophisticated ransomwares ever seen in the wild, and marks a leap ahead for cybercrime. [Law Firm for Uber Loses Drivers' Data to Hackers in Yet Another Breach]( Uber gave sensitive data on drivers to a law firm representing the company in legal actions, but the data appears to not have had adequate security protections. [15M+ Services & Apps Remain Sitting Ducks for Known Exploits]( Scans of the Internet find that millions of computers, virtual machines, and containers are vulnerable to one or more of the hundreds of cyberattacks currently used in the wild, despite being patchable. ['Proxyjacking' Cybercriminals Exploit Log4j in Emerging, Lucrative Cloud Attacks]( Proxyjacking is an emerging, low-effort and high-reward attack for threat actors, with the potential for far-reaching implications. [eFile Tax Return Software Found Serving Up Malware]( In the height of tax-return season, a popular tax prep software service leaves a malicious JavaScript file online for weeks. [How Strategic Investors Can Help Cybersecurity Startups]( Cybersecurity startups face pressure during this economic uncertainty, but strategic investors can help them succeed in providing tech that defends against cyberattacks. [What RASP Should Have Been]( When runtime application self-protection is held to a higher standard, it can secure thousands of applications and prevent burnout in security teams. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Vulkan Playbook Leak Exposes Russia's Plans for Worldwide Cyberwar]( Russian intelligence services, together with a Moscow-based IT company, are planning worldwide hacking operations that will also enable attacks on critical infrastructure facilities. [4 Steps for Shifting Left & Winning the Cybersecurity Battle]( If companies prioritize communications and make the DevOps process more transparent, team members will better know what vulnerabilities to look for. [Pro-Islam 'Anonymous Sudan' Hacktivists Likely a Front for Russia's Killnet Operation]( "Anonymous Sudan" has been claiming that its DDoS attacks are in retaliation for anti-Islamic activities, but at least one security vendor is suspicious about its true motives. [MORE]( EDITORS' CHOICE [3CX Breach Widens as Cyberattackers Drop Second-Stage Backdoor]( "Gopuram" is a backdoor that North Korea's Lazarus Group has used in some campaigns dating back to 2020, some researchers say. LATEST FROM THE EDGE [Name That Edge Toon: Tower of Babble]( Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card. LATEST FROM DR TECHNOLOGY [New GRC Platform TrustRegister Links Risk to Revenue Impact]( The new TrustRegister application allows companies to proactively surface risks and remediation plans via programmatic risk assessments. WEBINARS - [Expert Advice for Getting the Most from Security Orchestration, Automaton & Response Enterprise Tools]( Over the past few years, many enterprises have been improving cybersecurity by implementing the Security Orchestration, Automation, and Response (SOAR) framework, which provides a path to collect threat data from multiple sources and respond to some security events automatically. How ... - [Managing Identity in the Cloud]( Shifting identity management and provisioning to the cloud helps streamline these operations. It also brings a new set of challenges, including integrating and managing user identities, privileges, and other attributes used in various on-premise and cloud systems, especially if your ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [Making Cybersecurity Mesh a Reality]( - [Why Account Security Doesn't Stop at Login]( - [Empower Digital Transformation by Protecting Converged IT and OT]( - [Cloud Journey Adoption Stage: Securing Hybrid and Multi-cloud Environments]( - [Cloud Journey Consideration Stage: 2022 Cloud Security Report]( - [State of Enterprise Cybersecurity: Invest Now, or Pay Big Later]( - [The CISOs Report: Perspectives, Challenges, and Plans for 2022 and Beyond]( [View More White Papers >>]( FEATURED REPORTS - [The Promise and Reality of Cloud Security]( Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ... - [10 Hot Talks From Black Hat USA 2022]( Black Hat USA brings together cutting-edge research, new security tools, and sophisticated defensive techniques over the course of two days. There were some recurring themes across the sessions, and many of these topics are going to be important issues to ... - [How Machine Learning, AI & Deep Learning Improve Cybersecurity]( [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [CardinalOps Launches MITRE ATT&CK Security Layers for Measuring Detection Posture]( [Industrial Defender Launches Phoenix: OT Visibility & Security Solution for Small to Midsized Operations]( [Cybereason Secures $100M in Funding Led by SoftBank Corp.]( [F5 Safeguards Digital Services With New AI-Powered App and API Security Capabilities]( [Akamai Launches Managed Security Service Updates and New Premium Offering]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [The 10 Most Impactful Types of Vulnerabilities for Enterprises Today]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)