Over 100 Organizations Hit by Cuba Ransomware: CISA, FBI By Orbit Brain December 2, 2022 0 223 viewsCyber Security News Residence › Virus & ThreatsOver 100 Organizations Hit by Cuba Ransomware: CISA, FBIBy Ionut Arghire on December 02, 2022TweetCuba ransomware assaults on important infrastructure have continued in 2022, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Safety Company (CISA) warn.Energetic since late 2019, Cuba ransomware is understood for appending the ‘.cuba’ extension to encrypted information, and was beforehand seen being distributed by way of a malware loader referred to as Hancitor, which usually offers menace actors with entry to compromised networks.In December 2021, the FBI issued an alert on Cuba ransomware operations, warning that the cybercriminals behind it might need obtained over $43 million in ransom funds from their victims.In a joint alert printed this week, CISA and the FBI have up to date the determine to $60 million, saying that greater than 100 organizations have been compromised as of August 2022.The ransomware has been utilized in assaults concentrating on organizations within the monetary, authorities, healthcare, IT, and manufacturing sectors.“Since spring 2022, Cuba ransomware actors have modified their TTPs and instruments to work together with compromised networks and extort funds from victims,” CISA and the FBI say.The menace actors proceed to compromise goal networks by way of recognized software program vulnerabilities, phishing, stolen credentials, and legit distant desktop protocol (RDP) instruments. In addition they try to elevate privileges on the compromised programs.Cuba ransomware operators have been noticed exploiting CVE-2022-24521 (a vulnerability within the Home windows CLFS driver), utilizing a PowerShell script for reconnaissance, utilizing KerberCache to extract cached Kerberos tickets, and exploiting CVE-2020-1472 (ZeroLogon) to acquire area administrative privileges.“Cuba ransomware actors use instruments to evade detection whereas shifting laterally by means of compromised environments earlier than executing Cuba ransomware,” the 2 businesses word.Along with encrypting victims’ information, the menace actors additionally exfiltrate information and threaten to launch it publicly until a ransom cost is made.In an August 2022 report, Palo Alto Networks famous that Cuba ransomware operators have began utilizing the RomCom RAT for command-and-control (C&C). The malware is understood for concentrating on meals brokers, international navy organizations, IT organizations, and producers.Cuba ransomware operators can also be utilizing the Industrial Spy ransomware and have been noticed utilizing Industrial Spy’s on-line market to promote information exfiltrated from victims.The menace actors additionally seem to have been concerned in a disruptive assault on Montenegro, which has been attributed to Russia-linked hackers.Associated: Hive Ransomware Gang Hits 1,300 Companies, Makes $100 MillionAssociated: US Healthcare Organizations Warned of ‘Daixin Crew’ Ransomware AssaultsAssociated: FBI: 649 Ransomware Assaults Reported on Vital Infrastructure Organizations in 2021Get the Every day Briefing Most CurrentMost LearnOver 100 Organizations Hit by Cuba Ransomware: CISA, FBIMitsubishi Electrical PLCs Uncovered to Assaults by Engineering Software program FlawsGoogle Migrating Android to Reminiscence-Secure Programming LanguagesWipers Are Widening: Here is Why That Issues‘Schoolyard Bully’ Android Trojan Focused Fb Credentials of 300,000 CustomersBuyers Double Down on Pangea Cyber API Safety WagerAlbanian IT Employees Charged With Negligence Over CyberattackA number of Automotive Manufacturers Uncovered to Hacking by Flaw in Sirius XM Related Car ServiceGoTo, LastPass Notify Prospects of New Information Breach Associated to Earlier IncidentEl Salvador Journalists Sue NSO Group in US Over Alleged Pegasus AssaultsIn search of Malware in All of the Flawed Locations?First Step For The Web’s subsequent 25 years: Including Safety to the DNSTattle Story: What Your Laptop Says About YouBe in a Place to Act By Cyber Situational ConsciousnessReport Exhibits Closely Regulated Industries Letting Social Networking Apps Run Rampant2010, A Nice 12 months To Be a Scammer.Do not Let DNS be Your Single Level of FailureThe best way to Establish Malware in a BlinkDefining and Debating Cyber WarfareThe 5 A’s that Make Cybercrime so EngagingThe best way to Defend Towards DDoS AssaultsSafety Budgets Not in Line with ThreatsAnycast – Three Causes Why Your DNS Community Ought to Use ItThe Evolution of the Prolonged Enterprise: Safety Methods for Ahead Considering OrganizationsUtilizing DNS Throughout the Prolonged Enterprise: It’s Dangerous Enterprise CISA critical infrastructure Cuba extortion FBI ransom ransomware Orbit Brainhttp://orbitbrain.com/ Orbit Brain is the senior science writer and technology expert. Our aim provides the best information about technology and web development designing SEO graphics designing video animation tutorials and how to use software easy waysand much more. Like Best Service Latest Technology, Information Technology, Personal Tech Blogs, Technology Blog Topics, Technology Blogs For Students, Futurism Blog.
Bias in Artificial Intelligence: Can AI be Trusted?Introducing the Cyber Security News Bias in Artificial Intelligence: Can AI be Trusted?.... July 6, 2022 Cyber Security News
Proofpoint Buys Deception Tech Startup Illusive NetworksIntroducing the Cyber Security News Proofpoint Buys Deception Tech Startup Illusive Networks.... December 13, 2022 Cyber Security News
Fortinet Patches 6 High-Severity VulnerabilitiesIntroducing the Cyber Security News Fortinet Patches 6 High-Severity Vulnerabilities.... November 2, 2022 Cyber Security News
Google Patches Sixth Chrome Zero-Day of 2022Introducing the Cyber Security News Google Patches Sixth Chrome Zero-Day of 2022.... September 6, 2022 Cyber Security News
Netwrix Acquires Remediant for PAM TechnologyIntroducing the Cyber Security News Netwrix Acquires Remediant for PAM Technology.... December 28, 2022 Cyber Security News
Password Report: Honeypot Data Shows Bot Attack Trends Against RDP, SSHIntroducing the Cyber Security News Password Report: Honeypot Data Shows Bot Attack Trends Against RDP, SSH.... October 20, 2022 Cyber Security News