“The ransomware families that have been most active over the last month are Conti, PYSA, LockBit, RansomEXX/Defray777, Zeppelin, Crysis/Dharma/Phobos. Most of the attacks leverage phishing and brute-forcing unsecured remote desktop protocol (RDP) endpoints and initial attack vectors to compromise the networks of the organizations and deploy the ransomware. The FBI and CISA recommend organizations conduct threat hunting on their networks aimed at searching for any signs of threat actor activity to prevent attacks before they occur or to minimize the impact of successful attacks.”
