Security News > 2023 > November > FBI and CISA warn of opportunistic Rhysida ransomware attacks
![FBI and CISA warn of opportunistic Rhysida ransomware attacks](/static/build/img/news/fbi-and-cisa-warn-of-opportunistic-rhysida-ransomware-attacks-medium.jpg)
The FBI and CISA warned today of Rhysida ransomware gang's opportunistic attacks targeting organizations across multiple industry sectors.
"Threat actors leveraging Rhysida ransomware are known to impact 'targets of opportunity,' including victims in the education, healthcare, manufacturing, information technology, and government sectors," the two agencies noted.
Rhysida malicious actors are known for phishing attacks and exploiting Zerologon, a critical vulnerability enabling Windows privilege escalation within Microsoft's Netlogon Remote Protocol.
The FBI and CISA add that affiliates associated with the Vice Society ransomware group, tracked by Microsoft as Vanilla Tempest or DEV-0832, have transitioned to using Rhysida ransomware payloads during their attacks.
Network defenders are advised to apply mitigations outlined in today's joint advisory to minimize the likelihood and severity of ransomware incidents like Rhysida.
FBI shares AvosLocker ransomware technical details, defense tips.
News URL
Related news
- CISA warns of Windows bug exploited in ransomware attacks (source)
- London hospitals left in critical condition after ransomware attack (source)
- Major London hospitals disrupted by Synnovis ransomware attack (source)
- Qilin ransomware gang linked to attack on London hospitals (source)
- FBI recovers 7,000 LockBit keys, urges ransomware victims to reach out (source)
- FBI Distributes 7,000 LockBit Ransomware Decryption Keys to Help Victims (source)
- London hospitals face blood shortage after Synnovis ransomware attack (source)
- Black Basta ransomware gang linked to Windows zero-day attacks (source)
- Panera warns of employee data breach after March ransomware attack (source)
- Toronto District School Board hit by a ransomware attack (source)