New Zealand’s national computer emergency response team warns of a “sophisticated and well-crafted” attack campaign. Attackers are targeting organizations that use unpatched or poorly secured Citrix remote-access technology, then stealing data, then unleashing malware and using the threat of paying ransom. Nefilim, aka Nephilim – is a “closed shop” run by a single gang, experts say. The first high-profile attack on Australian shipping giant Toll Group was against Toll Group, which had to pay a ransom.”]
Source: https://www.bankinfosecurity.com/nephilim-ransomware-gang-tied-to-citrix-gateway-hacks-a-14480