"CISA and FBI Issue Warning About Rhysida Ransomware Double Extortion Attacks"
The US Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) issued an advisory on the threat actors behind the Rhysida ransomware conducting attacks on organizations in various industries. Rhysida actors have compromised organizations in the education, manufacturing, Information Technology (IT), and government sectors, and any ransom paid is divided between the group and affiliates, according to the agencies. They use external-facing remote services such as Virtual Private Networks (VPNs), the Zerologon vulnerability, and phishing campaigns to gain initial access and persistence within a network. This article continues to discuss the Rhysida ransomware attacks.
THN reports "CISA and FBI Issue Warning About Rhysida Ransomware Double Extortion Attacks"
Submitted by grigby1