2021-12-01

BlackByte Ransomware from RedCanary

Level: 
Tactical
  |  Source: 
RedCanary
Cybersecurity
Information & Technology
Software
Share:

BlackByte Ransomware from RedCanary

RedCanary presented research from a BlackByte ransomware incident response engagement with Kroll. The attack sequence covered initial access from ProxyShell and web shell through post-exploitation with cobalt strike, impairing defenses with process monitoring, windows defender, and firewall modifications to ransomware and file exfiltration.

     

Get trending threats published weekly by the Anvilogic team.

Sign Up Now