The Royal ransomware group is hitting a broad range of industries including manufacturing, healthcare, local governments, and education sectors. Over 64% of its targets are in the US. Known for its aggressive tactics such as public extortion and harassment, the group is believed to consist of former members of the Conti ransomware group. Royal uses a variety of tools and methods including SEO poisoning, compromised credentials, and network discovery software to gain initial system access and exfiltrate data. It also targets Linux and ESXi environments.
Cyber agencies reveal top 15 routinely exploited vulnerabilities
Five countries’ cybersecurity agencies collaborated on a advisory for Common Vulnerabilities and Exposures (CVEs) frequently exploited in 2023.
