-
North Korean govt hackers linked to Play ransomware attack
The North Korean state-sponsored hacking group tracked as 'Andariel' has been linked to the Play ransomware operation, using the RaaS to work behind the scenes and evade sanctions.
- October 30, 2024
- 11:55 AM
0
-
Microchip Technology confirms data was stolen in cyberattack
American semiconductor supplier Microchip Technology Incorporated has confirmed that employee information was stolen from systems compromised in an August cyberattack, which was later claimed by the Play ransomware gang.
- September 04, 2024
- 06:05 PM
0
-
Sponsored Content
Free shadow SaaS inventory + security insightsDiscover all SaaS accounts ever created by anyone in your org, in minutes, along with insights on security risks and spend. Save time, money and effort by curbing SaaS sprawl and automating tasks like offboarding and user access reviews. Free trial.
-
New Play ransomware Linux version targets VMware ESXi VMs
Play ransomware is the latest ransomware gang to start deploying a dedicated Linux locker for encrypting VMware ESXi virtual machines.
- July 22, 2024
- 01:01 PM
- 0
-
Dallas County: Data of 200,000 exposed in 2023 ransomware attack
Dallas County is notifying over 200,000 people that the Play ransomware attack, which occurred in October 2023, exposed their personal data to cybercriminals.
- July 11, 2024
- 01:15 PM
- 2
-
Switzerland: Play ransomware leaked 65,000 government documents
The National Cyber Security Centre (NCSC) of Switzerland has released a report on its analysis of a data breach following a ransomware attack on Xplain, disclosing that the incident impacted thousands of sensitive Federal government files.
- March 07, 2024
- 03:27 PM
- 0
-
FBI: Play ransomware breached 300 victims, including critical orgs
The Federal Bureau of Investigation (FBI) says the Play ransomware gang has breached roughly 300 organizations worldwide between June 2022 and October 2023, some of them critical infrastructure entities.
- December 18, 2023
- 11:24 AM
- 0
-
Swiss government warns of ongoing DDoS attacks, data leak
The Swiss government has disclosed that a recent ransomware attack on an IT supplier might have impacted its data, while today, it warns that it is now targeted in DDoS attacks.
- June 12, 2023
- 10:58 AM
- 1
-
Play ransomware gang uses custom Shadow Volume Copy data-theft tool
The Play ransomware group has developed two custom tools in .NET, namely Grixba and VSS Copying Tool, which it uses to improve the effectiveness of its cyberattacks.
- April 19, 2023
- 06:00 AM
- 1
-
Ransomware gang leaks data stolen from City of Oakland
The Play ransomware gang has begun to leak data from the City of Oakland, California, that was stolen in a recent cyberattack.
- March 04, 2023
- 03:47 PM
- 0
-
Play ransomware claims disruptive attack on City of Oakland
The Play ransomware gang has taken responsibility for a cyberattack on the City of Oakland that has disrupted IT systems since mid-February.
- March 03, 2023
- 10:42 AM
- 0
-
A10 Networks confirms data breach after Play ransomware attack
The California-based networking hardware manufacturer 'A10 Networks' has confirmed to BleepingComputer that the Play ransomware gang briefly gained access to its IT infrastructure and compromised data.
- February 10, 2023
- 03:30 PM
- 0
-
Arnold Clark customer data stolen in attack claimed by Play ransomware
Arnold Clark, self-described as Europe's largest independent car retailer, is notifying some customers that their personal information has been stolen in a December 23 cyberattack claimed by the Play ransomware group.
- February 01, 2023
- 01:38 PM
- 2
-
Microsoft: Cuba ransomware hacking Exchange servers via OWASSRF flaw
Microsoft says Cuba ransomware threat actors are hacking their way into victims' networks via Microsoft Exchange servers unpatched against a critical server-side request forgery (SSRF) vulnerability also exploited in Play ransomware attacks.
- January 12, 2023
- 02:53 PM
- 0
-
CISA orders agencies to patch Exchange bug abused by ransomware gang
The Cybersecurity and Infrastructure Security Agency (CISA) has added two more security vulnerabilities to its catalog of exploited bugs today.
- January 10, 2023
- 06:22 PM
- 0
-
Rackspace confirms Play ransomware was behind recent cyberattack
Texas-based cloud computing provider Rackspace has confirmed that the Play ransomware operation was behind a recent cyberattack that took down the company's hosted Microsoft Exchange environments.
- January 04, 2023
- 05:21 PM
- 0
-
The Week in Ransomware - December 23rd 2022 - Targeting Microsoft Exchange
Reports this week illustrate how threat actors consider Microsoft Exchange as a prime target for gaining initial access to corporate networks to steal data and deploy ransomware.
- December 23, 2022
- 03:51 PM
- 0
-
Ransomware gang uses new Microsoft Exchange exploit to breach servers
Play ransomware threat actors are using a new exploit chain that bypasses ProxyNotShell URL rewrite mitigations to gain remote code execution (RCE) on vulnerable servers through Outlook Web Access (OWA).
- December 20, 2022
- 05:33 PM
- 0
-
Play ransomware claims attack on German hotel chain H-Hotels
The Play ransomware gang has claimed responsibility for a cyber attack on H-Hotels (h-hotels.com) that has resulted in communication outages for the company.
- December 19, 2022
- 04:40 PM
- 1
-
Play ransomware claims attack on Belgium city of Antwerp
The Play ransomware operation has claimed responsibility for a recent cyberattack on the Belgium city of Antwerp.
- December 12, 2022
- 06:34 PM
- 0
-
Argentina's Judiciary of Córdoba hit by PLAY ransomware attack
Argentina's Judiciary of Córdoba has shut down its IT systems after suffering a ransomware attack, reportedly at the hands of the new 'Play' ransomware operation.
- August 15, 2022
- 08:06 PM
- 0
