Security News > 2023 > November > FBI and CISA warn of opportunistic Rhysida ransomware attacks
The FBI and CISA warned today of Rhysida ransomware gang's opportunistic attacks targeting organizations across multiple industry sectors.
"Threat actors leveraging Rhysida ransomware are known to impact 'targets of opportunity,' including victims in the education, healthcare, manufacturing, information technology, and government sectors," the two agencies noted.
Rhysida malicious actors are known for phishing attacks and exploiting Zerologon, a critical vulnerability enabling Windows privilege escalation within Microsoft's Netlogon Remote Protocol.
The FBI and CISA add that affiliates associated with the Vice Society ransomware group, tracked by Microsoft as Vanilla Tempest or DEV-0832, have transitioned to using Rhysida ransomware payloads during their attacks.
Network defenders are advised to apply mitigations outlined in today's joint advisory to minimize the likelihood and severity of ransomware incidents like Rhysida.
FBI shares AvosLocker ransomware technical details, defense tips.
News URL
Related news
- Jackson County in state of emergency after ransomware attack (source)
- Panera Bread week-long IT outage caused by ransomware attack (source)
- The Week in Ransomware - April 5th 2024 - Virtual Machines under Attack (source)
- How can the energy sector bolster its resilience to ransomware attacks? (source)
- The Drop in Ransomware Attacks in 2024 and What it Means (source)
- Change Healthcare faces second ransomware dilemma weeks after ALPHV attack (source)
- FBI warns of massive wave of road toll SMS phishing attacks (source)
- Daixin ransomware gang claims attack on Omni Hotels (source)
- Change Healthcare’s ransomware attack costs edge toward $1B so far (source)
- FBI: Akira ransomware raked in $42 million from 250+ victims (source)