Malicious Innovations (The rise of malware delivering proxy applications & Play Ransomware Group calls out MSPs***

In this video, Andrew, Mackenzie, and Gary discuss the evolving tactics of threat actors targeting MSPs, particularly focusing on the risks posed by the Play ransomware group and the proliferation of proxy servers. They explore how these threats are innovating and impacting MSPs and their customers, emphasizing the importance of threat modeling and proper security measures. The discussion also highlights the need for MSPs to balance efficiency with security to protect their clients effectively.

• The webinar discussed the proliferation of proxy servers being delivered in a robotic botnet fashion, targeting residential IPs and posing a threat to both MSPs and their customers.
• Play ransomware group is specifically targeting MSPs, including RMMs and privilege access management systems, marking a shift in their attack strategy.
• The importance of understanding enumeration and discovery techniques used by threat actors was highlighted as a crucial aspect of developing effective detection and response strategies.