"Double-Extortion Play Ransomware Strikes 300 Organizations Worldwide"

According to a new joint cybersecurity advisory from the US and Australia, the threat actors behind the Play ransomware are estimated to have hit about 300 entities as of October 2023. Authorities said that Play ransomware actors use a double-extortion model, encrypting systems after stealing data. The group has impacted various businesses and critical infrastructure organizations in North America, South America, Europe, and Australia. Play emerged in 2022, exploiting security flaws in Microsoft Exchange servers and Fortinet appliances to compromise organizations and deploy file-encrypting malware. According to Corvus data, ransomware attacks are increasingly exploiting vulnerabilities instead of using phishing emails as initial infection vectors, growing from nearly zero in the second half of 2022 to almost a third in the first half of 2023. This article continues to discuss findings regarding the Play ransomware group.

THN reports "Double-Extortion Play Ransomware Strikes 300 Organizations Worldwide"

Submitted by grigby1