techminis

Qualys


Inside LockBit: Defense Lessons from the Leaked LockBit Negotiations

  • The LockBit ransomware gang recently suffered a data breach in which its dark web panels were defaced, leading to a MySQL database dump.
  • The leaked data includes victim negotiation messages and bitcoin addresses from LockBit's affiliate panel.
  • LockBit has evolved since 2019, releasing versions like LockBit 2.0 and LockBit 3.0 with expanded capabilities.
  • LockBit operates on an affiliate model, where core developers create ransomware and affiliates execute attacks.
  • Their attacks involve initial access, lateral movement, data exfiltration, encryption, and ransom note delivery.
  • Leaked chats indicate LockBit demands ransom payment in Bitcoin and offers discounts for payments in Monero.
  • The article highlights critical CVEs exploited by LockBit that organizations should prioritize patching or mitigating.
  • Systems beyond traditional endpoints like Veeam, vCenter, ESXi, NAS devices, and file transfer tools are also targeted by LockBit.
  • Recommendations include patching known vulnerabilities, securing backup infrastructure, and enforcing strong credentials.
  • Understanding LockBit's tactics and enhancing security hygiene are crucial to bolster defenses against ransomware threats.
