IBM X-Force has been monitoring the evolution of Russian threat actor Hive0051’s malware capabilities for the past 18 months, noting significant advances. Key improvements include a multi-channel approach to DNS fluxing, obfuscated multi-stage scripts, and fileless PowerShell versions of Gamma malware. Hive0051’s escalating activity, including an increase in active infections and unique malicious domains, signifies an elevation of resources and ongoing operations.

Decrypting Linux/ESXi Akira Ransomware Files Without Paying Ransomware
A cybersecurity researcher has decrypted the Linux/ESXI variant of Akira ransomware, allowing data recovery without ransom. The method exploits a flaw in the malware’s encryption