In August, a ransomware attack hit another company. Unfortunately, it hit a regional cloud provider in Europe this time, and we can call this a “critical hit.” So far, we know a virtual server got compromised and used as a jump host; from there, the attacker started to encrypt all volumes in the same domain. Whether through pure luck or thorough reconnaissance, the same server migrated into a different data center and continued its unplanned job from there.
Although IT teams and MSPs continue to ramp up their security efforts, ransomware attacks show no signs of slowing down. Statista’s ransomware report shows that in 2022, there were approximately 493.3 million ransomware attacks, and while this is a decrease from the 625.3 million attacks that occurred in 2021, it’s still higher than all the other years in the last decade.
Anyone whose company has suffered a ransomware attack can tell you that the negative effects are extensive. Ransomware attacks are costly, time-consuming, and damaging to your organization whether you pay the ransom or not. Losing your data would almost certainly be a complete disaster. The question, then, is a pressing one: How do you get your data back without paying the ransom?
Cybersecurity researchers have recently reported that a vulnerability in the latest version of Microsoft Teams allows attackers to inject malware into any organization's network. Though the company has yet to release a patch, there is a configuration change you can make to prevent this in the meantime. The exploit was communicated by Max Corbridge and Tom Ellson from JUMPSEC's Red Team on June 21.
A new ransomware-as-a-service (RaaS) operation called MichaelKors has recently emerged, targeting Linux and VMware ESXi systems. The cybersecurity firm CrowdStrike warns that this trend is significant since ESXi does not support third-party agents or antivirus software, which makes it an attractive target for cybercriminals.
The modern threat actor is using the most advanced technologies to gain access to your systems, wreak havoc, and steal your sensitive data. In the constant cybersecurity “arms race,” IT providers, MSPs, and security professionals are incorporating these same advanced technologies to stop these sophisticated attacks. In this article, we’ll discuss the current malware threat and work to better understand what you can do to stop these attacks.