All news with #play tag

🛏️ The Play ransomware group claims to have stolen confidential MyPillow data and threatened a public dump, while CEO Mike Lindell denies any breach and calls the allegations politically motivated. Lindell says MyPillow stores no sensitive data internally and has received no ransom demands, attributing data handling to third parties. The Play group's leak portal set a deadline for release, leaving the truth pending until the deadline passes. The article warns that third-party handling of data still exposes organisations and individuals to meaningful risk.

🛡️ Shanya is a packer-as-a-service used by multiple ransomware gangs to conceal payloads that disable endpoint detection and response (EDR) tools. The service returns a custom, encrypted wrapper that decrypts and decompresses the payload entirely in memory and inserts it into a memory-mapped copy of shell32.dll, avoiding disk artifacts. Sophos telemetry links Shanya-packed samples to Medusa, Qilin, Crytox and Akira, and notes techniques that crash user-mode debuggers and facilitate DLL side-loading to deploy EDR killers.