The Threat Show

The Threat Show Ep. 30

Welcome to The Threat Show, powered by Fletch! This week, we cover the threat landscape and seven trending threats you should know about with an emphasis on ransomware. We explore the recent surge in ransomware activity, the extent of damage these attacks can cause, new tactics being used by threat groups, and provide actionable steps for small/medium-sized businesses to enhance their protection.

Threat Landscape    (00:37)

Darien and Chris break down this week’s Threat Landscape, broadly examining the threats that emerged, started to trend, and became mainstream, as well as the threats that haven’t seen any activity in the past month.

New Botnet Campaign Targets Ruckus Wireless Admin Remote Code Execution Vulnerability    (02:21)

Ruckus Wireless networking gear has a massive vulnerability that exposes affected devices to full remote code execution (RCE) by attackers. This vulnerability has the potential to be exploited by a new botnet, leading to the compromise of the affected gear and the propagation of the botnet.

Rise in Attacks Against ESXi: Babuk Source Code Inspires Nine Different Ransomware Strains    (05:51)

In September 2021, source code for the Babuk ransomware strain leaked, spawning at least nine different ransomware variants.

New ransomware gang RA Group quickly expanding operations    (06:34)

RA Group is a mutation of the Babuk ransomware strain that has gained significant traction. The group has gained attention for its targeted attacks on various organizations worldwide, including government agencies, healthcare institutions, and financial sectors.

Ransomware gang steals data of 5.8 million PharMerica patients    (08:57)

The MoneyMessage ransomware group has stolen sensitive data belonging to approximately 5.8 million PharMerica patients.

NextGen Facing a Dozen Lawsuits So Far Following Breach    (11:18)

NextGen Healthcare was previously compromised by the BlackCat ransomware group. As a consequence, they’re facing several lawsuits from patients whose data was stolen.

Unraveling Akira Ransomware    (15:07)

Akira is a strain of ransomware targeting education, healthcare, manufacturing, and construction industries in North America. New variants will likely show up over the next few months.

CISA, FBI, and ACSC Confirm BianLian Ransomware's Switch to Extortion-Only Attacks    (16:43)

BianLian ransomware has switched tactics to focus on extortion-only attacks. This shift in strategy reflects an evolving trend in ransomware operations, where threat actors seek to maximize their profits by exploiting the fear and potential damage associated with data leaks.

Ransomware on the Rise    (17:57)

Darien and Chris look into the recent surge in ransomware activity, warn of the extent of damage these attacks can cause, explore new tactics being used by threat groups, and provide actionable steps small/medium-sized businesses can use to enhance their ransomware protection.