Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

San Francisco 49ers NFL team discloses BlackByte ransomware attack

A ransomware attack hit the corporate IT network of the San Francisco 49ers NFL team, The Record reported. The San Francisco 49ers NFL team has fallen victim to a ransomware attack, the news was reported by The Record. The team disclosed the attack after that the BlackByte ransomware added the team to the list of […]

blackbyte ransomware

A ransomware attack hit the corporate IT network of the San Francisco 49ers NFL team, The Record reported.

The San Francisco 49ers NFL team has fallen victim to a ransomware attack, the news was reported by The Record.

The team disclosed the attack after that the BlackByte ransomware added the team to the list of its victims on its dark web leak site.

San Francisco 49ers blackbyte ransomware

The team told The Record that it immediately launched an investigation into the attack and took steps to contain the incident with the help of third-party cybersecurity firms, it also notified law enforcement.

The company added that it has no indication that the security breach involved systems outside of its corporate network, such as those connected ticket holders.

The Record pointed out that the consequence of the ransomware attack could have been catastrophic if the team had qualified for Super Bowl LVI due to the impact on the team’s game preparations.

The BlackByte ransomware operation has been active since September 2021, in October 2021 researchers from Trustwave’s SpiderLabs released a decryptor that can allow victims of the BlackByte ransomware to restore their files for free.

The experts spotted the BlackByte ransomware while investigating a recent malware incident. The analysis of the ransomware revealed that it was developed to avoid infecting systems that primarily use Russian or related languages.

Unlike other ransomware that may have a unique key in each session, that version of BlackByte was using the same raw key to encrypt files and it uses the symmetric-key algorithm AES. Anyone that could access the raw key would be able to decrypt the files. Trustwave researchers found the way to exploit poot coding to create the decrypter.

In February, the FBI published “Indicators of Compromise Associated with BlackByte Ransomware.”

“This joint Cybersecurity Advisory was developed by the Federal Bureau of Investigation (FBI) and the U.S. Secret Service (USSS) to provide information on BlackByte ransomware. As of November 2021, BlackByte ransomware had compromised multiple US and foreign businesses, including entities in at least three US critical infrastructure sectors (government facilities, financial, and food & agriculture).” reads the advisory. “BlackByte is a Ransomware as a Service (RaaS) group that encrypts files on compromised Windows host systems, including physical and virtual servers.”

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, BlackByte ransomware)

[adrotate banner=”5″]

[adrotate banner=”13″]