BianLian ransomware gang has been noted by a joint advisory from the FBI, Cybersecurity and Infrastructure Security Agency, and Australia's Cyber Security Centre to have changed up its operations to leverage exfiltration-based extortion rather than ransomware encryption it initially used since its emergence two years ago, SiliconAngle reports.
Various critical infrastructure entities and other organizations in the U.S., UK, and Australia have been compromised by BianLian last year through the use of valid Remote Desktop Protocol credentials and open-source tools, which facilitated data exfiltration efforts.
Organizations have been urged by the joint advisory to adopt security measures to better protect themselves from the threat of BianLian ransomware, including the implementation of remote access tool audits and remote access detection software.
Meanwhile, Halcyon Tech CEO Jon Miller noted that BianLian's transition indicates the high level of success for double extortion.
"It works so well that we will likely see more groups follow suit and forego the hassle of developing and managing the encryption and decryption process in favor of a less complicated attack," Miller added.
Vulnerabilities impacting cloud analytics and business intelligence software Qlik Sense have been exploited to facilitate the deployment of CACTUS ransomware in a new campaign, The Hacker News reports.
Staples cyberattack disrupts online orders BleepingComputer reports that outages at American office supply retail chain that disrupted online orders were confirmed to have been caused by a cyberattack.
Cyber Resilience in the Ransomware and Wiper Era New Strategies for CISOs to Protect
The changing face of ransomware, and how to respond
Unveiling the Hidden Threat: Hybrid Attackers Leveraging Identities to Execute Ransomware
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news