A Technical Look At The New 'Termite' Ransomware That Hit Blue Yonder

NetmanageIT OpenCTI - opencti.netmanageit.com



SUMMARY:

The Termite ransomware, a rebranded version of Babuk, recently targeted supply chain management platform Blue Yonder. This new strain employs advanced tactics, including double extortion, to maximize its impact. Upon execution, it terminates services, deletes shadow copies, empties the recycle bin, and encrypts files while avoiding certain system folders. The ransomware spreads through network shares and appends a '.termite' extension to encrypted files. It uses multiple MITRE ATT&CK techniques for execution, defense evasion, discovery, and impact. The emergence of Termite highlights the need for robust cybersecurity measures, proactive threat intelligence, and effective incident response strategies to counter evolving ransomware threats.

OPENCTI LABELS:

ransomware, babuk, double extortion, network shares, file encryption, termite, blue yonder

