The Noberus ransomware (also known as BlackCat and ALPHV) has received a major update, and affiliates deploying it have also evolved their tactics.
The Iranian state-backed actors who attacked the Albanian government targeted an old SharePOint vulnerability for initial access.
The U.S. government security advisory comes the same week that the Los Angeles Unified School District, the second-largest U.S. school district, said it was hit by ransomware.
Researchers warn of an uptick in multiple ransomware groups targeting the same vulnerable networks, as seen in a recent attack that involved Hive, LockBit and BlackCat/ALPHV affiliates.
Megan Stifel, the chief strategy officer at the Institute for Security and Technology and co-chair of the Ransomware Task Force, talks about ransomware mitigation measures for organizations at a global scale and for small and medium-sized businesses.