San Francisco 49ers hit by ransomware attack

The San Francisco 49ers NFL team was hit by a major ransomware attack on the day of the Super Bowl. The organization confirmed to ZDNet ...

The San Francisco 49ers NFL team was hit by a major ransomware attack on the day of the Super Bowl.

The organization confirmed to ZDNet that it had been hit by the BlackByte ransomware group, but the attack itself was fortunately somewhat limited. 

In a statement confirming the incident, the 49ers said it “recently became aware of a network security incident” that disrupted its corporate IT network, but nothing more.

Leaking data

"Upon learning of the incident, we immediately initiated an investigation and took steps to contain the incident. Third-party cybersecurity firms were engaged to assist, and law enforcement was notified," the statement added.

"While the investigation is ongoing, we believe the incident is limited to our corporate IT network; to date, we have no indication that this incident involves systems outside of our corporate network, such as those connected to Levi's Stadium operations or ticket holders. As the investigation continues, we are working diligently to restore involved systems as quickly and as safely as possible."

The ransomware operators own a leak website where they advertise the data stolen from compromised endpoints that they plan on leaking to the public, with the San Francisco 49ers data reportedly appearing on the site late Saturday evening, just hours before the Super Bowl.  

ZDNet also hints that the FBI probably knew about the hack in advance, as the law enforcement agency issued a warning about BlackByte just a day before the incident was made public.

"As of November 2021, BlackByte ransomware had compromised multiple US and foreign businesses, including entities in at least three US critical infrastructure sectors (government facilities, financial, and food & agriculture). BlackByte is a Ransomware as a Service (RaaS) group that encrypts files on compromised Windows host systems, including physical and virtual servers," the FBI had warned. 

"Some victims reported the actors used a known Microsoft Exchange Server vulnerability as a means of gaining access to their networks. Once in, actors deploy tools to move laterally across the network and escalate privileges before exfiltrating and encrypting files. In some instances, BlackByte ransomware actors have only partially encrypted files."

BlackByte, a Ransomware-as-a-service (RaaS) operation, was established sometime last year. The master key (a decryptor, basically), was made available in October 2021 by cybersecurity researchers from Trustwave.

from TechRadar - All the latest technology news https://ift.tt/CJQXNEB



Apps,3856,Business,149,Camera,1155,Earn $$$,2,Gadgets,1740,Games,926,GTA,1,Innovations,2,Mobile,1696,Paid Promotions,4,Promotions,4,Technology,7935,Trailers,796,Travel,37,Trendly News,23726,Video,5,XIAOMI,13,
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews: San Francisco 49ers hit by ransomware attack
San Francisco 49ers hit by ransomware attack
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share. STEP 2: Click the link you shared to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy