The Play ransomware gang, a threat group presumed to be exclusive and covert, targeted almost 300 organizations around the globe in 17 months. According to the FBI, the group is notorious for disruptive attacks on US municipal services and on various businesses and critical infrastructure in North and South America, Europe, and Australia. The group gains access to networks by exploiting public-facing applications and using stolen account credentials. To mitigate the group’s ransomware, agencies recommend steps such as remediating exploited vulnerabilities, enabling multifactor authentication, keeping software regularly updated, and conducting vulnerability assessments.
GuidePoint warns of Python backdoor used in ransomware
GuidePoint Security identified a threat actor using a Python-based backdoor to maintain persistent access to breached endpoints and deploy RansomHub encryptors across compromised networks. The backdoor was