Over 100 Organizations Hit by Cuba Ransomware: CISA, FBI

By Orbit Brain, December 2, 2022

By Ionut Arghire on December 02, 2022

Cuba ransomware attacks on critical infrastructure have continued in 2022, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) warn.

Active since late 2019, Cuba ransomware is known for appending the ‘.cuba’ extension to encrypted files, and was previously seen being distributed via a malware loader called Hancitor, which typically provides threat actors with access to compromised networks.

In December 2021, the FBI issued an alert on Cuba ransomware operations, warning that the cybercriminals behind it might have received over $43 million in ransom payments from their victims.

In a joint alert published this week, CISA and the FBI have updated the figure to $60 million, saying that more than 100 organizations have been compromised as of August 2022.

The ransomware has been used in attacks targeting organizations in the financial, government, healthcare, IT, and manufacturing sectors.

“Since spring 2022, Cuba ransomware actors have modified their TTPs and tools to interact with compromised networks and extort payments from victims,” CISA and the FBI say.

The threat actors continue to compromise target networks via known software vulnerabilities, phishing, stolen credentials, and legitimate remote desktop protocol (RDP) tools. They also attempt to elevate privileges on the compromised systems.

Cuba ransomware operators have been observed exploiting CVE-2022-24521 (a vulnerability in the Windows CLFS driver), using a PowerShell script for reconnaissance, using KerberCache to extract cached Kerberos tickets, and exploiting CVE-2020-1472 (ZeroLogon) to obtain domain administrative privileges.

“Cuba ransomware actors use tools to evade detection while moving laterally through compromised environments before executing Cuba ransomware,” the two agencies note.

In addition to encrypting victims’ data, the threat actors also exfiltrate data and threaten to release it publicly unless a ransom payment is made.

In an August 2022 report, Palo Alto Networks noted that Cuba ransomware operators have started using the RomCom RAT for command-and-control (C&C). The malware is known for targeting food brokers, foreign military organizations, IT organizations, and manufacturers.

Cuba ransomware operators may also be using the Industrial Spy ransomware and have been observed using Industrial Spy’s online market to sell data exfiltrated from victims.

The threat actors also appear to have been involved in a disruptive attack on Montenegro, which has been attributed to Russia-linked hackers.