An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack.
Related Posts

Mallox Ransomware Flaw Let Victims Recover Files Without Ransom Payment
Mallox Ransomware Flaw Let Victims Recover Files Without Ransom Payment
Mallox Ransomware Flaw Lets Victims Recover Files Without Ransom Payment. Previously known as TargetCompany, ransomware has undergone several evolutionary changes since its initial appearance.
While the malicious actors addressed an earlier cryptographic weakness in February 2022, their subsequent modifications introduced new vulnerabilities that now allow for file recovery without requiring the private ECDH key.
The vulnerability affected versions of the active malware throughout 2023 and early 2024, though the attackers patched it in March 2024.
Avast researchers have uncovered a critical flaw in the Mallox ransomware’s cryptographic schema, enabling victims to recover their encrypted files without paying ransom demands.
National Cybersecurity Awareness Month Cyber Challenges – Test your Skills Now
Identifying Affected Systems
Victims can identify if they’ve been affected by the decryptable version by looking for files with specific extensions, including .bitenc, .ma1x0, .mallab, .malox, .mallox, and .xollam.
The vulnerable version of the malware typically leaves ransom notes in each affected folder with names such as “FILE RECOVERY.txt” or “HOW TO RESTORE FILES.txt”.
Avast has released a free decryption tool that can restore affected files. The recovery process requires:
Running the decryptor on the originally infected computer
Administrative privileges for the decryption process
Backing up encrypted files before attempting recovery
The discovery represents a significant setback for the Mallox operation, which has been actively targeting organizations worldwide.
The ransomware group maintained a presence on social media platforms and operated a Dark Web leak site, documenting victims through June 2024.
Without paying the ransom, affected organizations faced the risk of complete data loss or potential exposure of stolen information.
Security experts emphasize the importance of maintaining vigilance against ransomware attacks, as threat actors continuously modify their tactics.
Organizations should monitor for suspicious system behavior, such as unusual processing loads or memory usage, which could indicate an ongoing attack.
The availability of this decryption solution offers hope to victims while highlighting the importance of robust cybersecurity measures and regular system backups.
Free Webinar on How to Protect Small Businesses Against Advanced Cyberthreats -> Watch Here
The post Mallox Ransomware Flaw Let Victims Recover Files Without Ransom Payment appeared first on Cyber Security News.
New XM Cyber Research: 80% of Exposures from Misconfigurations, Less Than 1% from CVEs
New XM Cyber Research: 80% of Exposures from Misconfigurations, Less Than 1% from CVEs
A new report from XM Cyber has found – among other insights – a dramatic gap between where most organizations focus their security efforts, and where the most serious threats actually reside.
The new report, Navigating the Paths of Risk: The State of Exposure Management in 2024, is based on hundreds of thousands of attack path assessments conducted by the XM Cyber Read More

LockBit Ransomware Operation Shut Down; Criminals Arrested; Decryption Keys Released
LockBit Ransomware Operation Shut Down; Criminals Arrested; Decryption Keys Released
[[{“value”:”The U.K. National Crime Agency (NCA) on Tuesday confirmed that it obtained LockBit’s source code as well as intelligence pertaining to its activities and their affiliates as part of a dedicated task force called Operation Cronos.
"Some of the data on LockBit’s systems belonged to victims who had paid a ransom to the threat actors, evidencing that even when a ransom is paid, it does not”}]] Read More
The Hacker News | #1 Trusted Cybersecurity News Site