Over 300 Indian banks suffer payment disruption from ransomware attack
- by nlqip
“Through thorough investigation and leveraging sensitive sources, CloudSEK has confirmed that the ransomware group responsible for this attack is RansomEXX,” CloudSEK said. “Our extensive engagement with the affected banking sector in India facilitated this determination.”
The AI-powered threat intelligence firm said the attackers gained unauthorized access through a misconfigured Jenkins server by exploiting a vulnerability (CVE-2024-23897). Jenkins is an open-source automation tool that developers use to build, test, and deploy software.
“According to the report filed by Brontoo Technology Solutions with CERT-In (Indian Computer Emergency Response Team), it was mentioned that the attack chain started at a misconfigured Jenkins server,” CloudSEK added. “CloudSEK threat research team was able to identify the affected Jenkins server and subsequently the attack chain.” “While the situation is still evolving and negotiations with the ransomware group are probably underway, the ransomware group has a history of making extravagant ransom demands, and we anticipate a similar approach in this case,” CloudSEK added.