Ransomware Actor Deletes Data and Backups Post-Exfiltration on Azure
Microsoft observed Storm-0501 pivot to the victim’s cloud environment to exfiltrate data rapidly and prevent the victim’s recovery
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Microsoft observed Storm-0501 pivot to the victim’s cloud environment to exfiltrate data rapidly and prevent the victim’s recovery
The financially motivated threat group used cloud resources to conduct a complex, ransomware-style attack against an enterprise victim.
CRM Breach May Be Tied to Ongoing Scattered Spider and ShinyHunters CampaignCloud software giant Workday said its customer relationship management software has been breached and customer data stolen. The alert comes as attackers continue to pose as employees to trick help desks into giving them direct access to a victim's Salesforce CRM instance.
These crooks have no chill A previously unknown gang dubbed Triplestrength poses a triple threat to organizations: It infects victims' computers with ransomware, then hijacks their cloud accounts to illegally mine for cryptocurrency.…
'Codefinger' crims on the hunt for compromised keys A new ransomware crew dubbed Codefinger targets AWS S3 buckets and uses the cloud giant's own server-side encryption with customer provided keys (SSE-C) to lock up victims' data before demanding a ransom payment for the symmetric AES-256 keys required to decrypt it.…
Microsoft warns that ransomware threat actor Storm-0501 has recently switched tactics and now targets hybrid cloud environments, expanding its strategy to compromise all victim assets. [...]