CISA Warns of Ongoing Ransomware Campaign Exploiting Vulnerabilities in RDP and VPNs
The DHS Cybersecurity & Infrastructure Security Agency (CISA) has issued an alert about an ongoing Nefilim ransomware campaign, following the release of a security advisory by the New Zealand Computer Emergency Response Team (CERT NZ).
Nefilim ransomware is the successor of Nemty ransomware and was first discovered in February 2020. In contrast to Nemty, Nefilim ransomware is not distributed under the ransomware-as-a-service model. The developers of the ransomware conduct their own attacks and deploy the ransomware manually after gaining access to enterprise networks.
As with other manual ransomware groups, data is...