The Black Basta ransomware-as-a-service (RaaS) syndicate has amassed nearly 50 victims in the US, Canada, the UK, Australia, and New Zealand within two months of its emergence in the wild, making it a prominent threat in a short window. "Black Basta has been observed targeting a range of industries, including manufacturing, construction, transportation, telcos, pharmaceuticals, cosmetics, plumbing and heating, automobile dealers, undergarments manufacturers, and more," Cybereason said in a repo
- Red Sky Alliance identified 35,648 connections from new IP’s checking in with our Sinkholes
- MS in Sydney Australia hit 134x
- Analysts identified 1,442 new IP addresses participating in various Botnets
- Black Basta
- Stonefly APT
- Magnus & Grim
- Exploits in Ransomware used to Block Encryption
- Risk-Based Cyber Security in the UK
- Ransomware Evolution
Link to full report: IR-22-133-001_weekly133.pdf
Black Basta, a new ransomware group, has made their presence felt by claiming responsibility for twelve ransomware attacks in the month of April. Black Basta, like many other ransomware operations, uses double-extortion tactics, stealing victim data before encrypting systems to leverage payment. The group then uses their Tor site and slowly leaks victim data, applying pressure to victims to pay the ransom for the decryption key. Notable targets from the first stretch of attacks include the A
Note: this page contains paid content.
Please, subscribe to get an access.