Ransomware continues the trend of targeted attacks but with the added challenge of double extortion. Organizations need to be one step ahead of such coercive tactics to avoid potential disruptions, financial losses, and reputational damage.
Starting this year, Ryuk began using another dropper called BazarLoader (also known as BazarBackdoor), which is primarily distributed via phishing emails that contain either malicious attachments or links to websites that host malware.
Maze ransomware, notorious for not just encrypting but for stealing victims’ data, attacks a US IT firm. The company sent emails to customers which include IP addresses and file hashes that have been linked to previous Maze attacks.