Security News > 2020 > December > PLEASE_READ_ME Ransomware Attacks 85K MySQL Servers
Ransomware actors behind the attack have breached at least 85,000 MySQL servers, and are currently selling at least compromised 250,000 databases.
Researchers said that PLEASE READ ME is an example of an untargeted, transient ransomware attack that does not spend time in the network besides targeting what's required for the actual attack - meaning there's typically no lateral movement involved.
Researchers first observed PLEASE READ ME attacks in January, in what they called the "First phase" of the attack.
Ransomware attacks have continued to hammer hospitals, schools and other organizations in 2020.
Topics will include the most dangerous ransomware threat actors, their evolving TTPs and what your organization needs to do to get ahead of the next, inevitable ransomware attack.
News URL
https://threatpost.com/please_read_me-ransomware-mysql-servers/162136/
Related news
- SafePay ransomware gang claims Microlise attack that disrupted prison van tracking (source)
- Blue Yonder ransomware attack disrupts grocery store supply chain (source)
- Starbucks, grocery stores impacted by Blue Yonder ransomware attack (source)
- New NachoVPN attack uses rogue VPN servers to install malicious updates (source)
- VPN vulnerabilities, weak credentials fuel ransomware attacks (source)
- Bologna FC confirms data breach after RansomHub ransomware attack (source)
- Vodka maker Stoli files for bankruptcy in US after ransomware attack (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- BT unit took servers offline after Black Basta ransomware breach (source)