Rhysida ransomware group targets Windows machines through VPN devices and RDP. The group has hit at least 50 global victims, with a focus on education and manufacturing industries. The top five countries affected are the USA, France, Germany, England, and Italy. The ransomware attacks were flagged by the FortiGuard MDR team, who detected attempts to access sensitive information and dump memory. The threat actor used various tools and techniques for credential access, but FortiEDR blocked their attempts. The actor then deployed Rhysida ransomware on multiple systems, encrypting user files. #cybersecurity #ransomware

https://cybersecuritynews.com/rhysida-ransomware-attacking-windows/