black basta (2)

10484495258?profile=RESIZE_400xActivity Summary - Week Ending on 13 May 2022:

  • Red Sky Alliance identified 35,648 connections from new IP’s checking in with our Sinkholes
  • MS in Sydney Australia hit 134x
  • Analysts identified 1,442 new IP addresses participating in various Botnets
  • Black Basta
  • Stonefly APT
  • Magnus & Grim
  • Exploits in Ransomware used to Block Encryption
  • Risk-Based Cyber Security in the UK
  • Passwords
  • Ransomware Evolution

Link to full report: IR-22-133-001_weekly133.pdf

10464408487?profile=RESIZE_400xBlack Basta, a new ransomware group, has made their presence felt by claiming responsibility for twelve ransomware attacks in the month of April.   Black Basta, like many other ransomware operations, uses double-extortion tactics, stealing victim data before encrypting systems to leverage payment.  The group then uses their Tor site and slowly leaks victim data, applying pressure to victims to pay the ransom for the decryption key.  Notable targets from the first stretch of attacks include the A