Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Emsisoft released a free decryption tool for Paradise ransomware

Researchers at Emsisoft firm has released a new free tool to decrypt files encrypted by the Paradise ransomware Security experts at Emsisoft have developed a tool to decrypt files encrypted by the Paradise ransomware. This ransomware family encrypts files using Salsa20 and RSA-1024 and it appends several extensions to theis filenames. “The Paradise ransomware encrypts […]

Reynolds ransomware uses BYOVD to disable security before encryption ransomware

Researchers at Emsisoft firm has released a new free tool to decrypt files encrypted by the Paradise ransomware

Security experts at Emsisoft have developed a tool to decrypt files encrypted by the Paradise ransomware.

This ransomware family encrypts files using Salsa20 and RSA-1024 and it appends several extensions to theis filenames.

“The Paradise ransomware encrypts victims using Salsa20 and RSA-1024, and appends one of several extensions such as “.paradise”, “2ksys19”, “.p3rf0rm4”, and “.FC”.” reads the post published by Emsisoft.

Below an example of a ransom note shared by the experts at Emsisoft.

Filename = “—==%$$$OPEN_ME_UP$$$==—.txt”

WHAT HAPPENED!
Your important files produced on this computer have been encrypted due a security problem.
If you want to restore then write to the online chat.

Contact!
Online chat: http://prt-recovery.support/chat/6-Support
Your operator: Support
Your personal ID: [redacted]

Enter your ID and e-mail in the chat that you would immediately answered.

Attention!
Do not rename encrypted files.
Do not try to decrypt your data using third party software, it may cause permanent data loss.
Do not attempt to use the antivirus or uninstall the program.
This will lead to your data loss and unrecoverable.
Decoders of other users is not suitable to decrypt your files - encryption key is unique.

The decryptor for the ransomware is available at the following URL:

https://www.emsisoft.com/ransomware-decryption-tools/download/paradise

Recently Emsisoft firm has released a new free decryption tool the STOP (Djvu) ransomware, in the last months, the research team helped victims of many other threats.

The company released several decryptors in the recent months, in September it published a free decryption tool for the Avest ransomware

In August, security researchers at Emsisoft released a decryptor tool that allows the victims of the JSWorm 4.0 ransomware to decrypt their files for free. In May Emsisoft experts released a free Decrypter tool for the JSWorm 2.0 variant.

In July the company released other free decryptors for the LooCipher ransomware, the ZeroFucks ransomware, and the Ims00rry ransomware.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – ransomware, malware)

[adrotate banner=”5″]

[adrotate banner=”13″]