Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Reading the “ENISA THREAT LANDSCAPE FOR RANSOMWARE ATTACKS” report

I’m proud to announce the release of the “ENISA THREAT LANDSCAPE FOR RANSOMWARE ATTACKS” report, Enjoy it! Ransomware has become one of the most dangerous threats for organizations worldwide. Cybercriminal organizations and ransomware gangs have devised new business models that are attracting a broad range of advanced threat actors. It is quite easy today for […]

ENISA THREAT LANDSCAPE FOR RANSOMWARE ATTACKS

I’m proud to announce the release of the “ENISA THREAT LANDSCAPE FOR RANSOMWARE ATTACKS” report, Enjoy it!

Ransomware has become one of the most dangerous threats for organizations worldwide. Cybercriminal organizations and ransomware gangs have devised new business models that are attracting a broad range of advanced threat actors. It is quite easy today for cybercrime groups to launch a cyber attack benefitting from the Ransomware-as-a-Service model causing damages of any size.
The ENISA THREAT LANDSCAPE FOR RANSOMWARE ATTACKS report aims to bring new insights into the reality of ransomware incidents through mapping and studying ransomware incidents from May 2021 to June 2022. The findings are worrisome.
Ransomware operations continue to evolve and are becoming more efficient and causing more devastating attacks. The double-extortion model could expose the most private information of targeted entities on the Internet to the highest bidder.

ENISA THREAT LANDSCAPE FOR RANSOMWARE ATTACKS

The main highlights of the ENISA THREAT LANDSCAPE FOR RANSOMWARE ATTACKS report include the following:

  • A novel LEDS matrix (Lock, Encrypt, Delete, Steal) that accurately maps ransomware capabilities based on the actions performed and assets targeted;
  • A detailed and in-depth analysis of the ransomware life cycle: initial access, execution, action on objectives, blackmail, and ransom negotiation;
  • Collection and in-depth analysis of 623 ransomware incidents from May 2021 to June 2022;
  • More than 10 terabytes of data stolen monthly by ransomware from targeted organisations;
  • Approximately 58.2% of all the stolen data contains GDPR personal data based on this analysis;
  • In 95.3% of the incidents it is not known how threat actors obtained initial access into the target organisation;
  • It is estimated that more than 60% of affected organisations may have paid ransom demands;
  • At least 47 unique ransomware threat actors were found.

Another important aspect to consider when dealing with this threat is that the number of publicly disclosed incidents is just the tip of the iceberg.

The report includes recommendations to increase resilience against ransomware attacks and respond to this threat, enjoy it!

https://www.enisa.europa.eu/publications/enisa-threat-landscape-for-ransomware-attacks

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, ENISA)

[adrotate banner=”5″]

[adrotate banner=”13″]