As If Ransomware Wasn’t Enough to Worry About, Now It’s Faster and Resembles a Psych Test

Apr 5, 2023

Breaking news from Check Point Research on the fastest ransomware ever, code-named ‘Rorschach’.

The key takeaways?

It uses a DLL side-loading technique, does not provide any branding, shares some functionality with LockBit 2.0, and has technically unique features.

It side-loads a DLL used by Palo Alto Networks’ Cortex XDR Dump Service Tool (a signed security tool). The vulnerability has since been reported to Palo Alto Networks. It spreads using a domain controller, via the group policy server.

For more information, please check out Check Point Research’s Release Bulletin.
