Tag

Play Ransomware

All articles tagged with #play ransomware

cybersecurity7 months ago•4 min saved

FBI Warns of Surge in Play Ransomware Attacks on Hundreds of Organizations

The FBI and CISA have issued a critical alert about the rapid increase in Play ransomware attacks, which have affected over 900 organizations worldwide, including critical infrastructure. The ransomware, linked to North Korean state-sponsored groups and distributed via threat groups like Balloonfly, exploits vulnerabilities in Windows and other systems. Organizations are urged to implement urgent security measures such as patching vulnerabilities, using multi-factor authentication, securing passwords, and network segmentation to defend against these evolving threats.

via Forbes|

#cyberattack #cybersecurity #fbi

cybersecurity2 years ago•1 min saved

Ransomware Gang Enhances Capabilities with Custom Data-Theft Tool.

Play ransomware group has developed two custom tools, Grixba and VSS Copying Tool, to improve the effectiveness of its cyberattacks. Grixba is a network-scanning and information-stealing tool used to enumerate users and computers in a domain, while VSS Copying Tool allows attackers to interact with the Volume Shadow Copy Service (VSS) via API calls using a bundled AlphaVSS .NET library. Both tools enable attackers to gather information about security, backup, and remote administration software, and easily copy files from VSS to bypass locked files. Symantec discovered and analyzed the new tools and shared their findings with BleepingComputer before publishing their report.

via BleepingComputer|

#custom-tools #cybersecurity #data-theft