As If Ransomware Wasn’t Enough to Worry About, Now It’s Faster and Resembles a Psych Test

Apr 5, 2023

Breaking news out of Check Point Research on the fastest-ever ransomware, code-named ‘Rorschach’.

The key takeaways?

It uses a DLL side-loading technique, does not provide any branding, shares some functionality with LockBit 2.0, and has technically unique features.

It side-loads a DLL used by Palo Alto Networks’ Cortex XDR Dump Service Tool (a signed security tool). The vulnerability has since been reported to Palo Alto Networks. It spreads using a domain controller, via the group policy server.

For more information, please check out Check Point Research’s Release Bulletin.
