Black Basta boss makes it onto Interpol's 'Red Notice' list

Key Points:

• The leader of the Black Basta ransomware gang, Oleg Evgenievich Nefedov, has been added to Interpol's 'Red Notice' list following identification by law enforcement in Ukraine and Germany.
• The gang is linked to over 600 ransomware incidents targeting major organizations globally, with significant impacts on sectors including defense, healthcare, and technology.
• Security teams should enhance monitoring for initial access techniques and implement strong credential management practices to mitigate risks associated with ransomware attacks.

Technical Details: Nefedov's group specializes in gaining initial access through credential theft and privilege escalation, utilizing techniques such as hash cracking to breach protected systems.

MITRE ATT&CK Techniques:

• T1078 - Valid Accounts (Defense Evasion, Initial Access)
• T1003.001 - OS Credential Dumping: LSASS Memory (Credential Access)
• T1210 - Exploit Public-Facing Application (Initial Access)

IOCs Mentioned: None mentioned