Threat actors are using Hive ransomware variants to target the government, communication, critical manufacturing, information technology, and healthcare sectors.
Initial access is carried out with phishing emails or by exploiting flaws in Internet facing applications.
The adversaries exfiltrate sensitive information prior to encrypting files and threatens to release the stolen data if the ransom is not paid.