DFIR Report
Detailed analysis of attack vectors, forensic findings, response actions, and lessons learned to help organizations improve their security posture and incident handling capabilities.
B0 Software Group is a potentially new ransomware-as-a-service threat that uses RDP brute force for access and deploys Golang-based ransomware with anti-forensic features. It skips data exfiltration, targets key services, and has weak encryption. A decryptor exists because the ransomware reuses keys and handles them insecurely.