To keep the masses notified about potential threats, the Cybereason Global Security Operations Center (GSOC) Team publishes Cybereason Threat Analysis Reports. The Threat Analysis Reports examine into such threats and offer suggestions for how to defend against them.
LockBit, which was first identified in September 2019, uses the ransomware-as-a-service (RaaS) attack method and targets businesses. The ransomware operators are improving their techniques to disable Endpoint detection and response (EDR) tools and other security solutions.
Variables of the Virus
Using the infrastructure and tools already in place for ransomware, Lockbit RaaS enables affiliates to conduct their own attacks while splitting a portion of the money received.
The affiliates associated with the LockBit gang utilized their own malware and tools to exploit the targets in the first attack that the researchers were able to document, which happened in Q4 2021. The majority of the infections that the researchers examined involved threat actors infiltrating the target networks by taking advantage of a misconfigured service, particularly an RDP port that was left accessible to the public.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: