Security News > 2020 > December > PLEASE_READ_ME Ransomware Attacks 85K MySQL Servers

Ransomware actors behind the attack have breached at least 85,000 MySQL servers, and are currently selling at least compromised 250,000 databases.
Researchers said that PLEASE READ ME is an example of an untargeted, transient ransomware attack that does not spend time in the network besides targeting what's required for the actual attack - meaning there's typically no lateral movement involved.
Researchers first observed PLEASE READ ME attacks in January, in what they called the "First phase" of the attack.
Ransomware attacks have continued to hammer hospitals, schools and other organizations in 2020.
Topics will include the most dangerous ransomware threat actors, their evolving TTPs and what your organization needs to do to get ahead of the next, inevitable ransomware attack.
News URL
https://threatpost.com/please_read_me-ransomware-mysql-servers/162136/
Related news
- US indicts 8Base ransomware operators for Phobos encryption attacks (source)
- RA World Ransomware Attack in South Asia Links to Chinese Espionage Toolset (source)
- Chinese espionage tools deployed in RA World ransomware attack (source)
- Lee Enterprises newspaper disruptions caused by ransomware attack (source)
- New OpenSSH flaws expose SSH servers to MiTM and DoS attacks (source)
- Southern Water says Black Basta ransomware attack cost £4.5M in expenses (source)
- Qilin ransomware claims attack at Lee Enterprises, leaks stolen data (source)
- Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- Hunters International ransomware claims attack on Tata Technologies (source)