#playcrypt — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #playcrypt, aggregated by home.social.
-
Updated Response to CISA Advisory (AA23-352A): #StopRansomware: Play Ransomware – Source: securityboulevard.com https://ciso2ciso.com/updated-response-to-cisa-advisory-aa23-352a-stopransomware-play-ransomware-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #ransomwareasaservice #adversaryemulation #BroadBasedAttacks #CyberSecurityNews #SecurityBoulevard #StopRansomware #ransomware #Playcrypt #Play
-
FBI: Over 900 Organizations Hit by Play Ransomware, SimpleHelp Exploits and ESXi Variants Used
https://forum.hashpwn.net/post/642
#playcrypt #ransomware #RaaS #simplehelp #exploit #esxi #hashpwn #cybersecurity #news
-
New bullies on the block: They don’t PLAY nice.
In mid-November 2022, #Sophos X-Ops responded to an incident where PLAY #ransomware, also known as #PlayCrypt, was found in an under-protected environment.
PLAY is a relatively new ransomware variant, first reported in mid-July of 2022. It deploys a variety of commonly abused tools, similar to other Ransomware-as-a-Service (RaaS) deployments such as Hive or Nokoyawa. In this thread we’ll walk through what Sophos X-Ops researchers @bencrypted and @th3_protoCOL saw in their analysis – a process our Rapid Response team observed in reverse, starting their work with this customer when they were called in at the 14-day mark.
The IoCs provided in this writeup are available on our Github: https://github.com/sophoslabs/IoCs. -
I've had a look at #Play, aka #PlayCrypt #ransomware. And it seems to me that there is more than meets the eye when it comes to negotiations management. At first, it looks like "just" e-mail. But I suspect there's more to it than just that. More about it in this piece (sorry, it's in French): https://www.lemagit.fr/actualites/252527798/Play-ce-nouveau-ransomware-utilise-contre-les-Alpes-Maritimes-et-ITS-Group