Data BreachBleeping Computer
9.5 — CRITICAL
Silent Ransom Group targets law firms with fake IT support calls
The Silent Ransom Group extortion gang is actively targeting U.S. law firms and professional services organizations in social engineering attacks that often lead to data theft within hours of initial contact, according to a new report by cybersecurity firm Mandiant. [...]
🤖 AI BriefingAuto-generated threat analysis
🔍Threat Overview
The Silent Ransom Group is targeting U.S. law firms with fake IT support calls, leading to data theft within hours of initial contact.
⚙️Technical Details
Affected Systems
Microsoft TeamsZoomQuick AssistMicrosoft Terminal Services
Attack Vectors
Invoice-themed phishing emailsCallback phishing attacks via voice callsRemote support sessions impersonating IT help desks
💥Impact Assessment
Severity: critical
Who Is at Risk
U.S. law firms and professional services organizationsSeverity: critical
🛡️Recommended Actions
1Verify the authenticity of incoming emails and phone calls claiming to be from IT support
2Implement strict remote access controls and monitoring for Microsoft Teams, Zoom, and other remote support tools
3Conduct regular security awareness training for employees on phishing and social engineering tactics
📦Affected Products
Microsoft TeamsZoom
Read the full article
This is a curated summary. The complete article is available at Bleeping Computer.