Embargo ransomware escalates attacks to cloud environments

September 27, 2024 at 11:11AM Microsoft warns that the ransomware threat actor Storm-0501 is now targeting hybrid cloud environments and has expanded its tactics to compromise all victim assets. The group has targeted various organizations in the United States and uses various methods to gain access, move laterally, steal data, and deploy the Embargo ransomware. … Read more

Ransomware gang using stolen Microsoft Entra ID creds to bust into the cloud

September 27, 2024 at 09:44AM Microsoft issued a warning about Storm-0501’s shift in tactics, targeting hybrid cloud environments. Despite being a relatively new group, Storm-0501 is prolific in carrying out ransomware attacks and has been linked to various ransomware affiliate programs. The group typically targets over-privileged accounts, and Microsoft has provided threat-hunting tips and indicators … Read more

Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks

September 27, 2024 at 07:30AM Storm-0501, a financially motivated threat actor, has targeted government, manufacturing, transportation, and law enforcement sectors in the U.S. with ransomware attacks. They use weak credentials, remote code execution vulnerabilities, and various tools for lateral movements and data exfiltration. The group is also linked to the deployment of Embargo ransomware in … Read more

By proceeding you understand and give your consent that your IP address and browser information might be processed by the security plugins installed on this site.
×