In collaboration with Northwave, this article describes a real-life case of a targeted ransomware attack. We believe there is real opportunity to learn from incident response cases and previous attacks, hence why this blog is dubbed ‘tales from the trenches’. Many of them are using a similar manual modus operandi as we highlighted in the earlier blogs. In the second part, we described the reconnaissance phase of an attacker that controls an infected host or a valid account to access a remote service. In our first article, we discussed the growing pattern of targeted ransomware attacks where the primary infection stage is often an info-stealer kind of malware used to gain credentials/access to determine if the target would be valuable for a ransomware attack. As we highlighted previously across two blogs, targeted ransomware attacks have increased massively over the past months.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |