The ICBC attack has raised some eyebrows. In this threat update, CEO Oli Pinson-Roxburgh looks at how the ICBC was compromised through a VPN that had an unpatched 9.4 CVSS score vulnerability that is easily exploited.
LockBit RaaS and its affiliates have negatively impacted organisations, both large and small, across the world with ransoms paid of approximately $91M since first observed in 2020, here are some key details to know in order to stay safe ⚠
🚨 LockBit is a RaaS (Ransomware-as-a-Service) group that has been active since September 2019.
🚨 It is one of the most active ransomware groups in the world and has been responsible for numerous high-profile attacks.
🚨 LockBit targets a wide range of organisations, including businesses, government agencies, and healthcare providers.
🚨 It is known for its sophisticated attack methods and its ability to encrypt large amounts of data quickly.
🚨 LockBit also uses double extortion tactics, meaning that it threatens to not only encrypt a victim's files but also to release them publicly if the ransom is not paid.
LockBit has been successful through innovation and ongoing development of the group’s administrative panel and the RaaS supporting functions. In parallel, affiliates that work with LockBit and other notable variants are constantly revising the TTPs used for deploying and executing ransomware.
The bad guys are hitting up the internet looking for these kinds of vulnerabilities, our honeypots see them attempting to exploit 22-year-old vulnerabilities like the LockBit affiliates. It's pretty obvious that it's because they still work.
The LockBit affiliates have also been observed exploiting vulnerabilities like CVE-2021-22986, as well as newer vulnerabilities such as:
CVE-2023-0669
CVE-2023-27350
CVE-2021-44228
CVE-2020-1472
CVE-2019-0708
CVE-2018-13379
As you can see some old and some new vulnerabilities, which is why you must get the basics right:
1️⃣ Keeping software up to date
2️⃣ Use strong passwords and multi-factor authentication
3️⃣ Educate employees about cybersecurity best practices
4️⃣ Regularly backup your data
5️⃣ Implement proactive monitoring and look for suspicious activity
6️⃣ Segment your networks
7️⃣ Be prepared for an incident
#defensecybersecurity #cybersecurity #cyberattack #hacked #icbc #cybersecurityawareness #businessadvice #protectyourbusiness #threatdetection #databreach #cybernews #cybersecurityinsights
Like and Subscribe to Defense Cyber Security for more news.
====================
Find out more -► www.defense.com/
Subscribe -► / @defensedotcom
Follow us -► / defense-com
Latest security advice -► www.defense.co...