Royal ransomware gang quickly expands reign

The Royal ransomware group is hitting a broad range of industries including manufacturing, healthcare, local governments, and education sectors. Over 64% of its targets are in the US. Known for its aggressive tactics such as public extortion and harassment, the group is believed to consist of former members of the Conti ransomware group. Royal uses a variety of tools and methods including SEO poisoning, compromised credentials, and network discovery software to gain initial system access and exfiltrate data. It also targets Linux and ESXi environments.