The Cybersecurity Tools Are Fine. The Strategy Is What's Missing
TL;DR: Most businesses that experience a serious cyber incident had security tools in place when it happened. The problem isn't the firewall or the...
1 min read
Heroic Technologies : Updated on March 18, 2026
The MalwareHunterTeam recently discovered a new ransomware operation that is particularly nasty. Called Onyx, outwardly, the operation does what most ransomware campaigns do. It gets inside a corporate network, exfiltrates the data that it wants, then seems to encrypt the rest, and then threatens to release the files to the broader public unless their demands for payment are met.
An additional fee is demanded to unlock the encrypted files, but there’s a catch in this instance.
Any file larger than 2MB in size is deleted and then overwritten before encryption to make it appear that the file is still intact. Unfortunately, when victims pay the fee to have their files decrypted, they discover that the file is garbage and the actual file they wanted has been deleted.
This is not a flaw in the malicious code but rather an intentional design decision. It is implemented to inflict maximal pain on companies that fall victim to their attack.
The discovery was only recently made. So it’s quite likely that at least some companies have paid the demanded ransom in hopes of getting their files back, only to have those hopes dashed.
Given this fact, if you are hit with an Onyx attack, don’t pay the ransom. It won’t do you any good, except where your smaller files are concerned. Your only hope is to restore those files from backup, and you certainly don’t need to pay the ransom to do that.
Malware attacks in general and particularly ransomware attacks are an unfortunate part of corporate life these days. Whether due to poor planning, faulty backups, or something else, some companies feel the need to pay the ransom and get on with the business of their business. However, in this case, the Onyx campaign proves that there is no honor among thieves. Be careful out there.
TL;DR: Most businesses that experience a serious cyber incident had security tools in place when it happened. The problem isn't the firewall or the...
TL;DR: Law firms holding privileged client data aren't just security targets; they're ethical custodians with documented obligations under ABA Model...
TL;DR: Most law firms don't have an IT problem; they have an IT partner problem. A generalist provider can keep the lights on, but supporting legal...
1 min read
The UK’s National Cyber Security Centre (NCSC) has identified more than 4,000 different retailers that have been compromised by hackers exploiting...
1 min read
Data is the lifeblood of every law firm. From client information and case files to important legal documents and communications, the loss of this...
1 min read
Law firms are constantly facing a critical clash between their IT infrastructure and the ever-evolving threats posed by cyber-attacks and data...