Recent Blog ArticlesNewest TopicsMost LikesTagged:TagPart 2: LockBit 2.0 ransomware bugs and database recovery attempts In the previous blog post in this series, we provided background about our analysis of the LockBit 2.0 ransomware and described our suspicions that "faulty crypto" was at play. In this post, we will ...Part 1: LockBit 2.0 ransomware bugs and database recovery attempts Microsoft Incident Response (formerly DART/CRSP) researchers have uncovered “buggy code” and critical inconsistencies in the new version of the LockBit ransomware as a result of an engagement with a ...Leveraging the Power of KQL in Incident Response In this blog, we’ll show you how the Microsoft Incident Response (formerly DART/CRSP) uses the Kusto Query Language (KQL) to quickly analyze data during incident response investigations.
