Heading to RSAC 2024? Stop by booth N-6553 in the North Expo Hall or book a meeting with our executive team!
Over the past few months, the Cybereason team has been investigating multiple instances of ransomware attacks against large critical infrastructure providers. This attack highlights an ongoing trend where ransomware attacks are no longer just deploying and detonating; they are taking their time to maximize their profit per targeted organization by impacting the availability of multiple machines and the confidentiality of proprietary data.
Reimage any affected machines because of the different persistence mechanisms used.
Change all passwords related to affected services, both browserbased and local applications.
Harden remote access interfaces (RDP, SSH).
We highly recommend every customer enable the following features: