S-RM

S-RM encountered a sophisticated ransomware attack initiated by the Akira group, involving the exploitation of IoT devices, specifically an insecure webcam, to bypass EDR tools and encrypt files on the network. This innovative tactic allowed the attackers to overcome security measures and establish persistent access through AnyDesk.exe and lateral movement via RDP. The incident required a response team to address the breach and implement new security strategies. The data exfiltration and encryption caused considerable disruption to the company's operations, likely affecting its finances and reputation due to the sophisticated nature of the attack.

Source: https://cybersecuritynews.com/akira-attacking-windows-server-via-rdp-evades-edr/

"id": "s-r226031025",
"linkid": "s-rm",
"type": "Ransomware",
"date": "3/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"