{"id":20963,"date":"2024-06-03T11:58:51","date_gmt":"2024-06-03T18:58:51","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?p=20963"},"modified":"2024-06-03T11:58:51","modified_gmt":"2024-06-03T18:58:51","slug":"all-about-rhysida-ransomware","status":"publish","type":"post","link":"https:\/\/webdev.securin.xyz\/ransomware\/all-about-rhysida-ransomware\/","title":{"rendered":"All About Rhysida Ransomware"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"20963\" class=\"elementor elementor-20963\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-906e00f elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"906e00f\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-54323e3\" data-id=\"54323e3\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-268d911 elementor-widget elementor-widget-text-editor\" data-id=\"268d911\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">Rhysida ransomware emerged in May 2023 when it began targeting the education sector, critical manufacturing, tech industries and the government. They became more widely known in August 2023, after a series of attacks on healthcare and public health organizations. The Health Sector Cybersecurity Coordination Centre (HC3) put out an <\/span><a href=\"https:\/\/www.hhs.gov\/sites\/default\/files\/rhysida-ransomware-sector-alert-tlpclear.pdf\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">advisory<\/span><\/a><span style=\"font-weight: 400;\"> about the new ransomware threat. By the end of January 2024, the group had listed 150+ victims spread across 25 countries. <\/span><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5a81fb9 elementor-widget elementor-widget-spacer\" data-id=\"5a81fb9\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2f6d0d7 elementor-widget elementor-widget-heading\" data-id=\"2f6d0d7\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Rhysida Ransomware: Vice Society Rebranded?\n<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-e0be231 elementor-widget elementor-widget-text-editor\" data-id=\"e0be231\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">Though Rhysida ransomware leverages tactics, techniques and procedures (TTPs) that are eerily similar to Vice Society, there is still not enough proof to declare Rhysida ransomware as a rebrand of Vice Society ransomware. Ongoing monitoring and collaboration from the cybersecurity community can help to build a more complete picture of the Rhysida ransomware.<\/span><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-061592f elementor-widget elementor-widget-spacer\" data-id=\"061592f\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-571d14d elementor-widget elementor-widget-heading\" data-id=\"571d14d\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Rhysida Ransomware: Attack Vectors<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<section class=\"elementor-section elementor-inner-section elementor-element elementor-element-88db870 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"88db870\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-6edd481\" data-id=\"6edd481\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-bc72edb elementor-widget elementor-widget-text-editor\" data-id=\"bc72edb\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">Rhysida ransomware threat actors have been known to use legitimate software to infiltrate and compromise target networks.\u00a0<\/span><\/p><ul><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">PowerShell to gain information about their users and systems within the network<\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">PSExec is used to schedule tasks and make changes to registry keys to maintain persistence<\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">AnyDesk is used for remote connections<\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">WinSCP helps them transfer files<\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">MegaSync is leveraged to exfiltrate data from victim machines<\/span><\/li><\/ul><p><br \/><span style=\"font-weight: 400;\">The vulnerability that was most often leveraged by Rhysida ransomware to gain access to target networks was a four-year-old flaw privilege escalation flaw in Microsoft\u2019s Netlogon Remote Protocol, popularly referred to as \u2018ZeroLogon\u2019 (<a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-1472\" target=\"_blank\" rel=\"noopener\">CVE-2020-1472<\/a>) and was <\/span><a href=\"https:\/\/www.securin.io\/articles\/securins-threat-intelligence-september-12-2022-september-16-2022\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">called out by Securin<\/span><\/a><span style=\"font-weight: 400;\"> experts as far back as 2022, and by CISA in their KEV catalog in November 2021. The patch for the vulnerability was released in August 2020.<\/span><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-5627f3d\" data-id=\"5627f3d\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-71cf254 elementor-widget elementor-widget-image\" data-id=\"71cf254\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t<img fetchpriority=\"high\" decoding=\"async\" width=\"570\" height=\"574\" src=\"https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/06\/microsoft_netlogon_remote_protocol_vulnerability.png\" class=\"attachment-full size-full wp-image-20966\" alt=\"\" srcset=\"https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/06\/microsoft_netlogon_remote_protocol_vulnerability.png 570w, https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/06\/microsoft_netlogon_remote_protocol_vulnerability-298x300.png 298w, https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/06\/microsoft_netlogon_remote_protocol_vulnerability-150x150.png 150w\" sizes=\"(max-width: 570px) 100vw, 570px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<div class=\"elementor-element elementor-element-42c046e elementor-widget elementor-widget-spacer\" data-id=\"42c046e\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4b959ba elementor-widget elementor-widget-heading\" data-id=\"4b959ba\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Rhysida Ransomware: Victim Patterns and Sectors Targeted<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-fa79d11 elementor-widget elementor-widget-text-editor\" data-id=\"fa79d11\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">Rhysida ransomware has had a global impact, with a large concentration of incidents in North America, primarily in the USA, and a smattering of attacks in Asia, Australia, Europe and South America. The sectors most heavily targeted by Rhysida ransomware have been the Education sector, with 13 identified targets, the Critical Infrastructure and Manufacturing sector, with 9 targets, and the IT, Communications &amp; Mass Media sector, with 7 targets.<\/span><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4258071 elementor-widget elementor-widget-image\" data-id=\"4258071\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"864\" height=\"850\" src=\"https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/06\/rhysida_ransomware_number_of_attacks_vs_country-.png\" class=\"attachment-full size-full wp-image-20967\" alt=\"\" srcset=\"https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/06\/rhysida_ransomware_number_of_attacks_vs_country-.png 864w, https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/06\/rhysida_ransomware_number_of_attacks_vs_country--300x295.png 300w, https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/06\/rhysida_ransomware_number_of_attacks_vs_country--768x756.png 768w\" sizes=\"(max-width: 864px) 100vw, 864px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-27e249c elementor-widget elementor-widget-text-editor\" data-id=\"27e249c\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">The heat map provides an insight into the workings of the ransomware group and which sectors must remain vigilant towards possible cyber incursions and therefore consolidate their weak network endpoints. <\/span><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-aef1617 elementor-widget elementor-widget-image\" data-id=\"aef1617\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"942\" height=\"701\" src=\"https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/06\/rhysida_ransomware_sector_breakup.png\" class=\"attachment-full size-full wp-image-20968\" alt=\"\" srcset=\"https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/06\/rhysida_ransomware_sector_breakup.png 942w, https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/06\/rhysida_ransomware_sector_breakup-300x223.png 300w, https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/06\/rhysida_ransomware_sector_breakup-768x572.png 768w\" sizes=\"(max-width: 942px) 100vw, 942px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-387cd9e elementor-widget elementor-widget-text-editor\" data-id=\"387cd9e\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>By analyzing this data, businesses can prioritize their cybersecurity efforts and focus on shoring up the weaknesses in their network endpoints to better defend against potential attacks. This insight enables proactive measures to be taken, such as implementing robust security measures, conducting thorough vulnerability assessments, and enhancing overall resilience to mitigate the impact of possible ransomware attacks.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f498ef6 elementor-widget elementor-widget-spacer\" data-id=\"f498ef6\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5ce96bd elementor-widget elementor-widget-heading\" data-id=\"5ce96bd\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Rhysida Ransomware: Attack Methodology<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f9a4397 elementor-widget elementor-widget-text-editor\" data-id=\"f9a4397\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Rhysida ransomware typically spreads through malicious email attachments or downloads from compromised websites. Once it infects a system, it encrypts files and demands a ransom in exchange for the decryption key.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5d1aace elementor-widget elementor-widget-image\" data-id=\"5d1aace\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"900\" height=\"600\" src=\"https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/06\/rhysida_ransomware_attack_methodology.png\" class=\"attachment-full size-full wp-image-20972\" alt=\"\" srcset=\"https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/06\/rhysida_ransomware_attack_methodology.png 900w, https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/06\/rhysida_ransomware_attack_methodology-300x200.png 300w, https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/06\/rhysida_ransomware_attack_methodology-768x512.png 768w\" sizes=\"(max-width: 900px) 100vw, 900px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-bba7936 elementor-widget elementor-widget-spacer\" data-id=\"bba7936\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-d709dfc elementor-widget elementor-widget-heading\" data-id=\"d709dfc\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Rhysida Ransomware: MITRE Mapping<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3f8986d elementor-widget elementor-widget-text-editor\" data-id=\"3f8986d\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><a href=\"https:\/\/attack.mitre.org\/\" target=\"_blank\" rel=\"noopener\">MITRE ATT&amp;CK mapping<\/a> involves aligning cybersecurity techniques and tactics with the globally-accessible knowledge base known as ATT&amp;CK, developed by MITRE. This framework categorizes tactics, techniques, mitigations, and campaigns, offering a comprehensive view of cybersecurity threats and defenses.\u00a0<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ffbf0e5 elementor-widget elementor-widget-image\" data-id=\"ffbf0e5\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"900\" height=\"575\" src=\"https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/06\/rhysida_ransomware_mitre_attack_mapping.png\" class=\"attachment-full size-full wp-image-20973\" alt=\"\" srcset=\"https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/06\/rhysida_ransomware_mitre_attack_mapping.png 900w, https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/06\/rhysida_ransomware_mitre_attack_mapping-300x192.png 300w, https:\/\/webdev.securin.xyz\/wp-content\/uploads\/2024\/06\/rhysida_ransomware_mitre_attack_mapping-768x491.png 768w\" sizes=\"(max-width: 900px) 100vw, 900px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-93604b9 elementor-widget elementor-widget-text-editor\" data-id=\"93604b9\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>This is particularly relevant in the case of Rhysida ransomware, as its attack mapping helps organizations understand the specific techniques used by this ransomware group. With this information organizations not only gain insights into Rhysida&#8217;s attack techniques but also enhance their readiness and response capabilities against this specific threat and similar ones.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-0ba9c28 elementor-widget elementor-widget-spacer\" data-id=\"0ba9c28\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-de81c93 elementor-widget elementor-widget-heading\" data-id=\"de81c93\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Securin Recommends<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6085dae elementor-widget elementor-widget-text-editor\" data-id=\"6085dae\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Given that the critical Zerologon vulnerability has attracted the attention of not only the Rhysida ransomware group but also the LockBit 3.0 and RagnarLocker ransomware groups in the past, it is crucial for organizations to take proactive measures. To enhance cybersecurity defenses, it is strongly advised that organizations prioritize patching the CISA KEV vulnerability to safeguard vulnerable endpoints effectively. In addition to patching known vulnerabilities, organizations are encouraged to integrate secure-by-design and secure-by-default principles into their systems and processes. By adopting these principles, organizations can proactively mitigate the impact of ransomware techniques, thereby fortifying their overall security posture and reducing the likelihood of successful cyberattacks.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<section class=\"elementor-section elementor-inner-section elementor-element elementor-element-d8e52df elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"d8e52df\" data-element_type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-inner-column elementor-element elementor-element-25d5c55\" data-id=\"25d5c55\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-5895476 elementor-widget elementor-widget-text-editor\" data-id=\"5895476\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<h3 dir=\"ltr\" style=\"text-align: center;\"><a href=\"https:\/\/securin.io\/contact-us\" target=\"_blank\" rel=\"noopener\">Talk with our experts<\/a> to help fortify your defenses and strengthen your cybersecurity posture.<\/h3>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Rhysida ransomware is a new threat that emerged in May 2023 and has since targeted various sectors, including healthcare and the government, impacting over 150 victims in 25 countries.<\/p>\n","protected":false},"author":1,"featured_media":20983,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"content-type":"","footnotes":""},"categories":[631,117],"tags":[],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/posts\/20963"}],"collection":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/comments?post=20963"}],"version-history":[{"count":14,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/posts\/20963\/revisions"}],"predecessor-version":[{"id":20984,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/posts\/20963\/revisions\/20984"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/media\/20983"}],"wp:attachment":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/media?parent=20963"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/categories?post=20963"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/tags?post=20963"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}