From ransomware attacks to analysis of threats, we have more notables on ransomware activity plaguing the threat landscape. Understanding the behaviors and traits of ransomware groups helps us improve our defenses and not be sitting ducks.
The Week in Ransomware – June 18, 2021. Despite the great work by law enforcement and researchers, there were still several notable ransomware attacks last week. Check out Bleeping Computer’s weekly recap for what you may have missed.
Don’t be a Sitting Duck for Ransomware. Threatpost explores some of the low-hanging fruit that ransomware groups exploit and what organizations can do about it. Check out Threatpost for more.
More “DARKSIDE.” From affiliates to impersonators, the impacts from DARKSIDE ransomware are still alive and well. In last week’s Another Ransomware Roundup – June 17, 2020, we shared research from Mandiant on DARKSIDE Affiliates May Still be Active and Even Linux isn’t Safe from Ransomware. This week, AT&T Alien Labs shares its recent analysis of the Linux version of the Darkside RaaS ransomware. According to Alien Labs, unlike the Windows version of the malware that targets any Windows endpoint, Darkside Linux version is mostly targeting ESXi servers. Check out the analysis at AT&T.
In addition to affiliates, there are some impersonators out there. According to TrendMicro, someone out there is impersonating the infamous DARKSIDE ransomware gang and trying to trick companies in the energy and food industry to part with 100 Bitcoins. HelpNetSecurity has more.
Big Game Hunting Ransomware Techniques. Learn more about how ransomware actors have evolved over the past year, what to expect next, and what to do about it in this post from Crowdstrike.