Over the last few months, there has a noticeable uptick in public ransomware attacks. High-profile and often highly advanced ransomware variants, such as Egregor, Maze, REvil/Sodinokibi have been noted in almost every industry around the globe. Security HQ has released a white paper that focuses on some of the earlier indications of a breach that can lead to a successful ransomware strike.
The white paper also includes information on how AI and ML are used to contextualize, rather than predefine, threats. This is done via an analysis of the threat landscape with regards to COVID-19, a view on related phishing attacks. It also focuses on the internet facing attack surface, advanced persistent threats (APT’s), remote code execution (RCEs), and low-level threat actors. Followed by a look into the detection of ransomware across the cyber kill chain, and analysis of initial access of publicly exposed infrastructure and internal recon.