New Zealand’s national computer emergency response team issues an alert about a “sophisticated and well-crafted” attack campaign. CERT NZ says a crime gang seeking “ransomware attack opportunities” is targeting organizations that use unpatched or poorly secured Citrix remote-access technology, then stealing data, then unleashing crypto-locking malware and using the threat of exfiltrated data being publicly dumped to try to force payment. The most high-profile attacks by Nefilim, aka Nephilim – have been against Australian shipping giant Toll Group, which first publicized the attack on May 5.”]
Source: https://www.cuinfosecurity.com/nefilim-ransomware-gang-tied-to-citrix-gateway-hacks-a-14480