Today > | 1 Medium vulnerabilities   -   You can now download lists of IOCs here!

DNS Early Detection - Breaking the Black Basta Ransomware Kill Chain

Aug. 2, 2024, 9:03 a.m.

Description

This intelligence analysis examines the Black Basta ransomware campaign, which has significantly impacted businesses and critical infrastructure across North America, Europe, and Australia. The report highlights Infoblox's ability to identify and block over 78% of the malicious domains associated with Black Basta, on average 59.5 days prior to their availability in open-source intelligence (OSINT) sources. Infoblox's DNS Early Detection capability enabled the proactive blocking of these malicious domains, potentially preventing data theft, legal implications, and other consequences for affected organizations.

Date

Published: Aug. 2, 2024, 8:43 a.m.

Created: Aug. 2, 2024, 8:43 a.m.

Modified: Aug. 2, 2024, 9:03 a.m.

Indicators

kekeoamigo.com

Attack Patterns

Black Basta - S1070

Black Basta

T1490

T1059.001

T1562.001

T1486

T1036

T1566

T1190

T1068

CVE-2024-1700

Additional Informations

Healthcare

Government