#Playransomware
Glazed and Compromised: Unmasking the Krispy Kreme Ransomware Breach
Inside the Play Ransomware Group's Sweet Attack on Global Doughnut Giant and What It Reveals About Evolving Threat Vectors in 2025

Glazed and Compromised — Krispy Kreme just got a bitter taste of #ransomware. The Play group strikes again with advanced double extortion tactics, exposing flaws in legacy systems.
#CyberLens #DataBreach #InfoSec #PlayRansomware #CyberAttack #BlueSkyTech

cyberlens.beehiiv.com/p/glazed-and...


Stay informed about #PlayRansomware tactics and protect your organization. Learn about their methods and mitigation strategies. #CyberSecurity #Ransomware #InfoSec Link: thedailytechfeed.com/understandin...

Updated Guidance on Play Ransomware

~Cisa~
CISA, FBI & ACSC issued updated guidance on Play ransomware (Playcrypt), detailing new TTPs & IOCs.
-
IOCs: (None identified)
-
#PlayRansomware #Ransomware #ThreatIntel

Windows CLFS Zero-Day Flaw Exploited in Play Ransomware Attacks

In zero-day attacks, the Play ransomware gang exploited a critical Windows Common Log File System flaw to gain SYSTEM access and install malware on infected PCs. The vulnerability, known as CVE-2025-29824, was identified by Microsoft as being exploited in a small number of attacks and addressed during last month's patch. "The targets include organizations in the information technology (IT) and real estate sectors of the United States, the financial sector in Venezuela, a Spanish software company, and the retail sector in Saudi Arabia," Microsoft noted in April.

Microsoft attributed these assaults to the RansomEXX ransomware outfit, claiming that the perpetrators installed the PipeMagic backdoor malware, which was employed to deliver the CVE-2025-29824 exploit, ransomware payloads, and ransom letters after encrypting files.

Since then, Symantec's Threat Hunter Team has discovered evidence linking them to the Play ransomware-as-a-service operation, claiming that the hackers used a CVE-2025-29824 zero-day privilege escalation exploit after breaching a US organization's network.

"Although no ransomware payload was deployed in the intrusion, the attackers deployed the Grixba infostealer, which is a custom tool associated with Balloonfly, the attackers behind the Play ransomware operation," Symantec added. "Balloonfly is a cybercrime group that has been active since at least June 2022 and uses the Play ransomware (also known as PlayCrypt) in attacks."

The Grixba custom network-scanning and information-stealing program was discovered two years ago, and Play ransomware operators often use it to list users and computers in compromised networks. The Play cybercrime gang first appeared in June 2022, and it is also renowned for double-extortion attacks, in which its affiliates coerce victims into paying ransoms to prevent their stolen data from being exposed online.

As of October 2023, the Play ransomware gang has compromised the networks of around 300 organisations globally, according to a joint alert released by the FBI, CISA, and the Australian Cyber Security Centre (ACSC) in December 2023.

The cloud computing company Rackspace, the massive auto retailer Arnold Clark, the City of Oakland in California, Dallas County, the Belgian city of Antwerp, and, more recently, the American semiconductor supplier Microchip Technology and doughnut chain Krispy Kreme are among the notable victims of the Play ransomware.

Windows CLFS Zero-Day Flaw Exploited in Play Ransomware Attacks #Microsoft #Playransomware #Storm2460

Play Ransomware Claims Krispy Kreme Breach, Threatens Data Leak

📢 Just In: Play ransomware group has claimed responsibility for the data breach at #KrispyKreme and is threatening to leak the data within two days.

Details: hackread.com/play-ransomw...

#CyberSecurity #CyberAttack #Ransomware #PlayRansomware

North Korean Hackers Team Up with Play Ransomware in Global Attack
hackread.com/north-korean...
#Infosec #Security #Cybersecurity #CeptBiro #NorthKorean #HackersTeam #PlayRansomware #GlobalAttack

North Korean hackers pave the way for Play ransomware - Help Net Security
North Korean state-sponsored hackers Jumpy Pisces burrow into corporate networks then hand matters over to the Play ransomware group.

North Korean hackers pave the way for Play ransomware
www.helpnetsecurity.com/2024/10/31/n...
#Infosec #Security #Cybersecurity #CeptBiro #NorthKorean #PlayRansomware
