Researchers Report First Instance of Automated SaaS Ransomware Extortion
(www.darkreading.com)
from 01189998819991197253@infosec.pub to securitynews@infosec.pub on 14 Jun 2023 05:21
https://infosec.pub/post/69434
from 01189998819991197253@infosec.pub to securitynews@infosec.pub on 14 Jun 2023 05:21
https://infosec.pub/post/69434
Form the article: “The 0mega ransomware group has successfully pulled off an extortion attack against a company’s SharePoint Online environment without needing to use a compromised endpoint, which is how these attacks usually unfold. Instead, the threat group appears to have used a weakly secured administrator account to infiltrate the unnamed company’s environment, elevate permissions, and eventually exfiltrate sensitive data from the victim’s SharePoint libraries. The data was used to extort the victim to pay a ransom.”
threaded - newest