Security News > 2020 > December > PLEASE_READ_ME Ransomware Attacks 85K MySQL Servers
Ransomware actors behind the attack have breached at least 85,000 MySQL servers, and are currently selling at least compromised 250,000 databases.
Researchers said that PLEASE READ ME is an example of an untargeted, transient ransomware attack that does not spend time in the network besides targeting what's required for the actual attack - meaning there's typically no lateral movement involved.
Researchers first observed PLEASE READ ME attacks in January, in what they called the "First phase" of the attack.
Ransomware attacks have continued to hammer hospitals, schools and other organizations in 2020.
Topics will include the most dangerous ransomware threat actors, their evolving TTPs and what your organization needs to do to get ahead of the next, inevitable ransomware attack.
News URL
https://threatpost.com/please_read_me-ransomware-mysql-servers/162136/
Related news
- FBI disrupts the Dispossessor ransomware operation, seizes servers (source)
- FBI Shuts Down Dispossessor Ransomware Group's Servers Across U.S., U.K., and Germany (source)
- Six ransomware gangs behind over 50% of 2024 attacks (source)
- CISA warns of Jenkins RCE bug exploited in ransomware attacks (source)
- CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks (source)
- Most Ransomware Attacks Occur When Security Staff Are Asleep, Study Finds (source)
- Most ransomware attacks occur between 1 a.m. and 5 a.m. (source)
- New Qilin Ransomware Attack Uses VPN Credentials, Steals Chrome Data (source)
- Lateral movement: Clearest sign of unfolding ransomware attack (source)
- BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave (source)