Nowadays, ransomware attacks have been growing at an increasing rate, and the threat actors are gaining a lot of access to today’s workstations. Recently, the economy has almost stopped, morning commutes end, and traditional offices are already disappeared.
The Advanced Intel group had detected that Ryuk ransomware operators had used pentester toolkit for targeted cybercrime operations, and they have succeeded in their operation.
However, the cybersecurity research team has already detected the kill chain that has been utilized and operated by the threat actors.
The threat actors of Ryuk ransomware have used pure malware, like BazarBackdoor, BazarLoader, and Ryuk. Many intermediate steps are present in the kill chain, which involves all kinds of commercial or open-source tools.
Recent Sector Breach Activities
The operators of the Ryuk ransomware group includes 15 different steps from the initial infection point to the distribution of ransomware payloads upon a victim’s network. And here are the 15 steps through which the operators infect their victims:-
According to report, there are some detections and mitigations that users should follow strictly to stay safe, and here they are mentioned below:-
Apart from this, the security experts also affirmed that if any victim or users need optimum protection, then they should use the virtual home offices, especially those operating in the C-suite, to reconsider segmenting home networks.
You can follow us on Linkedin, Twitter, Facebook for daily Cyber security and hacking news updates.
ServiceNow recently disclosed three critical vulnerabilities (CVE-2024-4879, CVE-2024-5217, and CVE-2024-5178) affecting multiple Now Platform versions,…
A newly discovered vulnerability in Google Cloud Platform (GCP) has raised significant security concerns among…
The PKfail vulnerability is a significant security issue affecting over 200 device models of Secure…
A vulnerability in OpenStack's Nova component has been identified, potentially allowing hackers to gain unauthorized…
A North Korean military intelligence operative has been indicted for orchestrating a series of cyberattacks…
RA World, an emerging ransomware group, has been increasingly active since March 2024, using a…