Security pros believe the incident may be a “smash and grab” attack, where the threat actors go in, grab what data they can find, then try to sell it on the dark web.
In this month’s release, Redmond patched 60 CVEs including two other zero-days and a SharePoint Server remote code execution vulnerability rated critical.
A Sophos X-Ops investigation finds that a wave of crude, cheap ransomware could spell trouble for small businesses and individuals – but also provide insights into threat actor career development and the wider threat landscape
Black Basta, the gang reportedly responsible for the attack against the large health system, is described as prolific and sophisticated by federal agencies.
First released in May 2023, an EDR killer – and the vulnerable Zemana drivers it leverages – are still of interest to threat actors, along with variants and ported versions