"New Gangs and New Tactics Mean More Victims of Ransomware"

According to the latest 2022 Bi-Annual Cyber Threat Report from Deep Instinct, ransomware actors have been forming affiliate gangs and employing new tactics to draw more victims. The report reveals changes in ransomware gangs such as LockBit, Hive, BlackCat, and Conti. Conti has been divided into several splinter groups, including Quantum, BlackBasta, and BlackByte. Following the takedown of Conti, these three prominent former affiliate groups emerged under their own operations. The study also discovered a shift in tactics, with the use of documents to deliver malware decreasing as a result of Microsoft's decision to disable macros by default in Microsoft Office files. Threat actors have already begun to use alternative methods to distribute malware, such as LNK, HTML, and archive email attachments. Several vulnerabilities have also demonstrated the exploitability of both Windows and Linux systems, despite efforts to improve their security. According to an analysis of the Known Exploited Vulnerability (KEV) catalog published by the US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA), the number of exploited in-the-wild vulnerabilities spikes every three to four months, and researchers anticipate another spike as the end of the year approaches. This article continues to discuss findings shared in Deep Instinct's 2022 Bi-Annual Cyber Threat Report.  

BetaNews reports "New Gangs and New Tactics Mean More Victims of Ransomware"