black basta (3)

The Black Basta ransomware-as-a-service (RaaS) syndicate has amassed nearly 50 victims in the US, Canada, the UK, Australia, and New Zealand within two months of its emergence in the wild, making it a prominent threat in a short window. "Black Basta has been observed targeting a range of industries, including manufacturing, construction, transportation, telcos, pharmaceuticals, cosmetics, plumbing and heating, automobile dealers, undergarments manufacturers, and more," Cybereason said in a repo

Activity Summary - Week Ending on 13 May 2022:

  • Red Sky Alliance identified 35,648 connections from new IPs checking in with our Sinkholes
  • MS in Sydney, Australia hit 134x
  • Analysts identified 1,442 new IP addresses participating in various Botnets
  • Black Basta
  • Stonefly APT
  • Magnus & Grim
  • Exploits in Ransomware used to Block Encryption
  • Risk-Based Cyber Security in the UK
  • Passwords
  • Ransomware Evolution

Link to full report: IR-22-133-001_weekly133.pdf

Black Basta, a new ransomware group, has made their presence felt by claiming responsibility for twelve ransomware attacks in the month of April. Black Basta, like many other ransomware operations, uses double-extortion tactics, stealing victim data before encrypting systems to leverage payment. The group then uses their Tor site and slowly leaks victim data, applying pressure to victims to pay the ransom for the decryption key. Notable targets from the first stretch of attacks include the A