Security News > 2020 > December > PLEASE_READ_ME Ransomware Attacks 85K MySQL Servers
Ransomware actors behind the attack have breached at least 85,000 MySQL servers, and are currently selling at least compromised 250,000 databases.
Researchers said that PLEASE READ ME is an example of an untargeted, transient ransomware attack that does not spend time in the network besides targeting what's required for the actual attack - meaning there's typically no lateral movement involved.
Researchers first observed PLEASE READ ME attacks in January, in what they called the "First phase" of the attack.
Ransomware attacks have continued to hammer hospitals, schools and other organizations in 2020.
Topics will include the most dangerous ransomware threat actors, their evolving TTPs and what your organization needs to do to get ahead of the next, inevitable ransomware attack.
News URL
https://threatpost.com/please_read_me-ransomware-mysql-servers/162136/
Related news
- Hitachi Vantara takes servers offline after Akira ransomware attack (source)
- Ransomware gang creates tool to automate VPN brute-force attacks (source)
- SANS Institute Warns of Novel Cloud-Native Ransomware Attacks (source)
- ⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More (source)
- BlackLock ransomware claims nearly 50 attacks in two months (source)
- TechRepublic EXCLUSIVE: New Ransomware Attacks are Getting More Personal as Hackers ‘Apply Psychological Pressure” (source)
- RedCurl cyberspies create ransomware to encrypt Hyper-V servers (source)
- Texas State Bar warns of data breach after INC ransomware claims attack (source)
- Sensata Technologies hit by ransomware attack impacting operations (source)
- Ransomware attack cost IKEA operator in Eastern Europe $23 million (source)