Ransomware, Threat Management, Malware

Microsoft sheds light on ransomware landscape

Ransomware attacks have been conducted by over 100 threat actors last year, while active ransomware families used in attacks exceeded 50, according to BleepingComputer. LockBit Black, BlackCat/ALPHV, Vice Society, Black Basta, Play, and Royal were among the most popular ransomware payloads in 2022, a Microsoft report showed. However, the report noted that defense strategies should prioritize activity chains prior to deployment rather than the payloads themselves amid the persistent targeting of unpatched servers and devices to facilitate the attacks. Such a technique was observed in the exploitation of Exchange Servers vulnerable to recently patched flaws by DEV-0671 and DEV-0882 to enable Cuba and Play ransomware deployment. Even though the Conti cybercrime operation has been taken down last year, other ransomware operations, such as BlackCat, LockBit, Hive, Cuba, and Ragnar Locker have persisted. Moreover, Black Basta, Play, Royal, and other ransomware-as-a-service operations have also emerged to pose new threats in the ransomware scene.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.