Cybersecurity

Cybersecurity Threat Advisory: Black Basta Ransomware Group Threat

Mike Beagles
Mike Beagles June 27, 2022 1 min read

A new critical security alert requires the mission-critical community’s immediate attention.

Advisory Overview

The Black Basta ransomware group is revamping an older malware known as Qbot, Qakbot, and Pinkslipbot to exploit the Microsoft Exchange server. A successful attack will enable cyberattackers to gain target network access, collect critical personal information, and encrypt the network. MCP recommends updating all vulnerable Microsoft Exchange servers in your environment as soon as possible to avoid potential impact.

What Is the Threat?

A Microsoft Exchange server vulnerability exists. By exploiting an unpatched server, one can gain access to the server and collect banking credentials, and other financial information, and encrypt networks. Experts reported that cyberattackers are evading antivirus detection by disabling Windows Defender.

What Is the Risk?

When exploited, this vulnerability enables cyberattackers to have complete and unrestricted access to the target network, potentially leading to a ransomware event that can cause temporary or permanent loss of sensitive or proprietary information, disruption to regular operations, financial losses, and potential harm to an organization’s reputation.

What Are the Recommendations?

MCP recommends the following actions to limit the impact of an arbitrary code execution attack:

  • Monitor external access to your networks and update all vulnerable Microsoft Exchange servers in your environment as soon as possible.
  • Keep all servers updated to enforce security measures.
  • Continue to stay up to date with our threat advisories to avoid potential threats.

If you are looking for guidance, please reach out. MCP offers a comprehensive cybersecurity solutions suite for critical infrastructure organizations to help them determine their network, data, and application vulnerabilities. We can help you develop a complete cyberattack prevention strategy. Contact us today to learn more.

References

Don't forget to share this post!

Mike Beagles
Mike Beagles
Mike has specialized experience with supporting public safety agencies by providing technical expertise, strategic planning and general consulting for new and innovative mission critical technologies as well as legacy solutions. Throughout his long-standing career, he has worked as a technical service manager and network engineer for several public safety software companies, as well as an IT manager with a mid-tier public safety 911/ CAD/RMS/Mobile software provider. His expertise runs deep in team and project management for large and small projects, which he has done for more than 12 years.

Related posts

Cybersecurity

Cybersecurity Threat Advisory: New Microsoft Exchange Zero-Day Vulnerability

October 3, 2022
Mike Beagles
Cybersecurity Network Management IT and Network Support Law Enforcement Criminal Justice Fire and EMS

Cybersecurity Threat Advisory: Critical Microsoft Exchange Server Vulnerabilities

March 12, 2021
Mike Beagles
Public Safety Technology Cybersecurity Network Management IT and Network Support

Cybersecurity Threat Advisory: Fortinet and Microsoft Exchange Vulnerability Exploits

December 2, 2021
Mike Beagles