Agency / Source: Cybereason, Inc.

Check Ads Availability|e-mail Article

Are you the owner of this article?, Turn it PREMIUM with your LOGO instead - and make it 3rd party Ads-Free! within the next hour!

Cybereason WARNS U.S. Companies About New Ransomware Threat from Black Basta Gang - Cybereason, the XDR company, today issued a global threat alert advisory warning U.S. companies about a potentially widespread ransomware campaign run by the Black Basta ransomware gang - Cybereason.com
Cybereason WARNS U.S. Companies About New Ransomware Threat from Black Basta Gang

 

PRZOOM - /newswire/ - Boston, MA, United States, 2022/11/23 - Cybereason, the XDR company, today issued a global threat alert advisory warning U.S. companies about a potentially widespread ransomware campaign run by the Black Basta ransomware gang - Cybereason.com.

   
 
Your Banner Ad Here instead - Showing along with ALL Articles covering IT Security / Anti-Spam / Cybersecurity Announcements

Replace these Affiliate Programs at ANYTIME! Your banner here within the next hour. Learn How!


 

Organizations should be on especially high alert for ransomware attacks during the upcoming holidays, as a recent Cybereason study shows that attacks are common over holidays because organizations are generally under-staffed and ill-prepared for them.

The Black Basta gang emerged in April 2022 and has victimized hundreds of companies in the United States, United Kingdom, Australia, New Zealand and Canada. Organizations in English speaking countries appear to be targets. Cybereason assesses the threat level of ransomware attacks against global organizations today being HIGH.

“You can’t pay your way out of ransomware. Unless an organization is in a life-and-death situation, we don’t advise paying the ransom because you are only fueling the burgeoning ransomware economy. With its operations under the eyes of former REvil and Conti ransomware gang members, Black Basta is being professionally run with well-trained and skilled threat actors. They continue using the double extortion scheme of first breaching an organization and exfiltrating sensitive data before dropping the ransomware payload and threatening to publish stolen data unless a ransom is paid,” said Lior Div, Cybereason CEO and Co-founder.

Key Findings

• Threat actor moves extremely fast: In the different cases of compromise Cybereason identified, the threat actor obtained domain administrator privileges in less than two hours and moved to ransomware deployment in less than 12 hours.
• Threat Level is HIGH: Cybereason’s GSOC assesses the threat level as HIGH given the potentially widespread campaign being run by Black Basta.
• Widespread QBot campaign targeting U.S.-based companies: Threat actors leveraging the QBot loader casted a large net targeting mainly U.S.-based companies and acted quickly on any spear phishing victims they compromised.
• Network lockout: Among the many Qakbot infections Cybereason identified, two allowed the threat actor to deploy ransomware and then lock the victim out of its network by disabling the victim’s DNS service, which made the recovery even more complex.
• Black Basta deployment: One particularly fast compromise Cybereason observed led to the deployment of Black Basta ransomware. This allowed Cybereason researchers to tie a link between threat actors leveraging Qakbot and Black Basta operators.

Ransomware attacks can be stopped. Cybereason offers the following recommendations to organizations to reduce their risk:

• Practice good security hygiene: For example, implement a security awareness program for employees and ensure operating systems and other software are regularly updated and patched.
• Confirm key players can be reached at any time of day: Critical response actions can be delayed when attacks occur over holidays and weekends.
• Conduct periodic table-top exercises and drills: Include key stakeholders from other functions beyondsecurity, such as Legal, Human Resources, IT, and top executives, so everyone knows their roles and responsibilities to ensure as smooth a response as possible.
• Implement clear isolation practices: This will stop any further ingress on the network and prevent ransomware from spreading to other devices. Security teams should be proficient at things like disconnecting a host, locking down a compromised account, and blocking a malicious domain.
• Consider locking down critical accounts when possible: The path attackers often take in propagating ransomware across a network is to escalate privileges to the admin domain-level and then deploy the ransomware. Teams should create highly secured, emergency-only accounts in the active directory that are only used when other operational accounts are temporarily disabled as a precaution or inaccessible during a ransomware attack.
• Deploy EDR on all endpoints: Endpoint detection and response (EDR) remains the quickest way for public and private sector businesses to address the ransomware scourge.

About Cybereason

Cybereason (cybereason.com) is the XDR company, partnering with Defenders to end attacks at the endpoint, in the cloud and across the entire enterprise ecosystem. Only the AI-driven Cybereason Defense Platform provides planetary-scale data ingestion, operation-centric MalOp™ detection, and predictive response that is undefeated against modern ransomware and advanced attack techniques. Cybereason is a privately held international company headquartered in Boston with customers in more than 40 countries.

 
 
Your Banner Ad Here instead - Showing along with ALL Articles covering IT Security / Anti-Spam / Cybersecurity Announcements

Replace these Affiliate Programs at ANYTIME! Your banner here within the next hour. Learn How!


 

Agency / Source: Cybereason, Inc.

 
 

Availability: All Regions (Including Int'l)

 

Traffic Booster: [/] Quick PRZOOM - Press & Newswire Visibility Checker

 

Distribution / Indexing: [+]

 
 
# # #
 

 
  Your Banner Ad showing on ALL
IT Security / Anti-Spam / Cybersecurity articles,
CATCH Visitors via Your Competitors Announcements!


Cybereason WARNS U.S. Companies About New Ransomware Threat from Black Basta Gang

Company website links NOT available to basic submissions
It is OK to republish and/or LINK any newswire for any legitimate media purpose as long as you name PRZOOM - Press & Newswire and LINK as the source.
 
  For more information, please visit:
Is this your article? Activate ALL web links by Upgrading to Press Release PREMIUM Plan Now!
Black Basta Gang | Cybereason
Contact: Bill Keeler - Cybereason.com 
929-259-3261 bill.keeler[.]cybereason.com
 
PRZOOM / PRTODAY - Newswire Today disclaims any content contained in this article. If you need/wish to contact the company who published the current release, you will need to contact them - NOT us. Issuers of articles are solely responsible for the accuracy of their content. Our complete disclaimer appears here.
IMPORTANT INFORMATION: Issuance, publication or distribution of this press release in certain jurisdictions could be subject to restrictions. The recipient of this press release is responsible for using this press release and the information herein in accordance with the applicable rules and regulations in the particular jurisdiction. This press release does not constitute an offer or an offering to acquire or subscribe for any Cybereason, Inc. securities in any jurisdiction including any other companies listed or named in this release.

IT Security / Anti-Spam / Cybersecurity via RSSAdd NewswireToday - PRZOOM Headline News to FeedBurner
Find who RetweetFollow @NewswireTODAY

Are you the owner of this article?, Turn it PREMIUM with your LOGO instead - and make it 3rd party Ads-Free! within the next hour!


Read Latest Press Releases From Cybereason, Inc. / Company Profile


Read IT Security / Anti-Spam / Cybersecurity Most Recent Related Press Releases:

Liberty Latin America Selects Ribbon Analytics for In-Depth Network Monitoring and Fraud Prevention
Cobwebs Applauded by Frost & Sullivan for Enabling Law Enforcement Teams to More Efficiently Identify New Online Threats
Bitdefender Recognized Under XDR, EDR and EPP Categories in 2022 Gartner® Hype Cycle™ for Endpoint Security Report
Public Safety Threat Alliance Joins CISA’s Joint Cyber Defense Collaborative to Enhance Cybersecurity Posture of United States
Bitdefender Internet Security Named AV-Comparatives’ Product of the Year
Checkmarx Applauded by Frost & Sullivan for Integrating Security into SDLCs via DevOps Security to Maintain Security While Pursuing Innovation
CANAL+ TELECOM, NAGRA and Otodo Innovate with New Mobile Application Securing Connected Devices and Smart Home Users
Fortra’s Alert Logic Named a Leader in G2 Grid for Managed Detection and Response
Cybereason WARNS Global Organizations Against Attacks from the Royal Ransomware Group
Frost & Sullivan Recognizes Xcitium with the 2022 Global Competitive Strategy Leadership Award in the Endpoint Security Industry

Boost Your Social Network
& Crowdfunding Campaigns


LIFETIME SOCIAL MEDIA WALL
 
NewswireToday Celebrates 10 Years in Business
.



PREMIUM Members


Visit  La Bella Bakery Artisan Bakery Arizona

Visit  BizJobs.com

Visit  JobsWare.com







 
  ©2005-2023 PRZOOM - Limelon Advertising, Co.
Home | About PRZOOM | Advertise/Pricing | Contact | Investors | Privacy/TOS | Sitemap | FRANCAIS
newswire, PR press releases distribution service magazines engine news alert newsroom press room breaking news public relations articles company news alerts newswiredistribution ezine bizentrepreneur biznewstoday digital business report market search pr firms agencies reports distri-bution today investor relation successful internet entrepreneur newswire distribution prtoday.com freenewswiredistribution asianewstoday bizwiretoday USA pr UK today