As If Ransomware Wasn’t Enough to Worry About, Now It’s Faster and Resembles a Psych Test

Apr 5, 2023


Breaking news out of Check Point Research on the fastest ransomware ever, code-named ‘Rorschach’.

The key takeaways?

It uses a DLL side-loading technique, does not provide any branding, shares some functionality with LockBit 2.0, and has technically unique features.

It side-loads a DLL used by Palo Alto Networks’ Cortex XDR Dump Service Tool (a signed security tool). The vulnerability has since been reported to Palo Alto Networks. It spreads using a domain controller, via the group policy server.

For more information, please check out Check Point Research’s Release Bulletin.
