The Play ransomware group, also known as Balloonfly and PlayCrypt, has targeted approximately 300 organizations worldwide, including businesses and critical infrastructure entities, by exploiting security flaws in Microsoft Exchange servers and Fortinet appliances.
Mikhail Pavlovich Matveev, a Russian national based in St Petersburg, has been identified as a key figure in the development and distribution of LockBit, Babuk, and Hive ransomware variants, with affiliations to other ransomware groups and involvement in unethical practices.
Law enforcement agencies, including the FBI and Europol, successfully disrupt the operations of the Russia-based BlackCat ransomware group, helping over 500 victim companies restore their systems and avoiding $68 million in ransom payments.
Akamai Technologies has disclosed two security vulnerabilities in Microsoft Windows Outlook clients that could potentially be exploited by cybercriminals to achieve remote code execution on the Outlook email service without any user interaction.
The US Cybersecurity and Infrastructure Security Agency (CISA) is calling on technology manufacturers to enhance security measures by eliminating default passwords in their products, in order to prevent malicious cyber actors from exploiting these passwords and compromising critical infrastructures in the US.
The SolarWinds attack in December 2020 compromised national security by gaining unauthorized access to SolarWinds’ software development environment and injecting malicious code into Orion platform updates, raising concerns about SolarWinds’ cybersecurity practices.
