Wednesday, July 3, 2024

Grow Your Business and Join MarketWorld Marketplace and Create Your Own Store front

HomeCyberSecurityBlack Basta ransomware is toying with critical infrastructure providers, authorities say
CyberSecurity

Black Basta ransomware is toying with critical infrastructure providers, authorities say

David Jones
By David Jones
0
32
Black Basta ransomware is toying with critical infrastructure providers, authorities say

Dive Brief:

  • Black Basta ransomware has targeted healthcare and other critical infrastructure providers in recent months, impacting more than 500 organizations around the world as of this month, the FBI and Cybersecurity and Infrastructure Security Agency warned Friday in a joint advisory with the Department of Health and Human Services and MS-ISAC. The alert comes just after a ransomware attack hit Ascension, a major healthcare provider that was forced to divert patients last week.
  • Black Basta ransomware has targeted 12 of the 16 government designated critical infrastructure sectors. Federal authorities have also linked the ransomware-as-a-service group to exploitation of critical vulnerabilities in ConnectWise ScreenConnect since February.  
  • Black Basta is using a social-engineering campaign to target managed detection and response security tool users, according to research released Friday by Rapid7. Users have been prompted to download remote management tools, such as AnyDesk or Microsoft’s Quick Assist feature. 

Dive Insight:

The warnings come amid a string of escalating attacks against hospitals and public health organizations. 

Black Basta was previously linked to threat activity involving exploitation of critical vulnerabilities in ConnectWise ScreenConnect. Researchers from Trend Micro linked Black Basta to exploitation of CVE-2024-1709, a critical vulnerability with a CVSS score of 10. 

Beyond healthcare, Black Basta has targeted utilities and manufacturing, Laurie Iacono, North American threat intel lead at Kroll Cyber Risk, said via email.

Black Basta has made multiple attempts to launch social engineering attacks since April, Rapid7 said. 

“As part of our investigation into these social engineering events, Rapid7 observed both host-based and network-based indicators that were consistent with other Black Basta ransomware cases we had previously investigated,” Robert Knapp, senior manager, incident response services at Rapid7, said via email. 

Rapid7 researchers also identified overlap with activity cited in the CISA advisory.


Source link

Bookmark (0)
Previous article
OpenAI’s ChatGPT announcement: Watch live here
Next article
Trump ahead of Biden in these key swing states: Poll
David Jones
David Jones
RELATED ARTICLES
- Advertisment -spot_img

Most Popular

Load more

Sponsored Business

- Advertisment -spot_img

EDITOR PICKS

POPULAR POSTS

POPULAR CATEGORY

Market World’s portal of services include news, marketing, development and ecommerce. We strive to meet the needs and provide high value for all visitors and customers. We offer digital services for small, mid-sized and large enterprise platforms. We treat our customers as partners and offer the tools and services for growth and success for your journey.

Become a Market World Entrepreneur

FOLLOW US              

© 2022 Market World LLC. All rights reserved