A Microsoft report noted that an organisation was compromised by an unpatched Exchange server. Following the compromise, the attacker collected network and operating system information to identify domain computers, domain controllers, and administrators. Then they discovered a password folder that contained account credentials. The attacker was also able to steal intellectual property, encrypt data, and demand a ransom for the decryption keys. IT and security teams should patch critical applications as soon as security updates are released. Monitoring networks for suspicious activity is also essential since the ransomware was deployed two weeks after the attacker entered the network.
Separately, CyberSecurity360 reported that the AlphV gang is demanding $4.5 million from the University of Pisa following a ransomware attack there. As proof of the hack, the gang has already published what it claims is stolen data. The ransom will be raised if payment is not made by Friday.
Cyber threat analyst Brett Callow of Emsisoft tweeted that the AlphV gang has added another pressure tactic: It’s created a site on the open web where employees and customers of victim organisation can check if their personal information has been copied. It is likely the gang is using stolen email addresses to contact people it believes are affected. By doing this, they expect their employer or partner firm to give in to the crooks’ demands. Other criminal gangs are doing the same, according to Callow. BlackCat/AlphV is a rebranding of the Darkside and BlackMatter gangs.
All the details about WhatsApp Group Video Calls: More features, muted calls, and messaging anyone
New features are coming to WhatsApp Group video calls, giving the host more control over the overall experience. During a WhatsApp….
Snapchat+, a new subscription service, is being tested by Snap
Snapchat Inc, the parent company of the photo messaging app Snapchat, is testing a new subscription service called Snapchat+ that will give…