Security News > 2021 > September > The Week in Ransomware - September 3rd 2021 - Targeting Exchange
Over the past two weeks, it has been busy with ransomware news ranging from a gang shutting down and releasing a master decryption key to threat actors turning to Microsoft Exchange exploits to breach networks.
The FBI and CISA have also been busy, releasing advisories warning of ransomware attacks over holiday weekends, gangs targeting food and agriculture organizations, information about the 1% group, and IOCs for the Hive Ransomware.
A threat actor released the complete source code for the Babuk Ransomware, allowing any wannabe threat actor to start their own ransomware operation.
Finally, leaked Conti training material and a Pysa data exfiltration script have given us insight into how ransomware gangs conduct their attacks and what data they are targeting.
A new ransomware gang known as LockFile encrypts Windows domains after hacking into Microsoft Exchange servers using the recently disclosed ProxyShell vulnerabilities.
Dmitry Smilyanets noted that threat actors worldwide will likely launch their own ransomware operations based on the leaked Babuk ransomware source code.