Next-Gen Ransomware Packs a ‘Human’ Punch, Microsoft Warns (March 2020)
"These attacks are known to take advantage of network configuration weaknesses and vulnerable services to deploy devastating ransomware payloads," said researchers on Thursday.
"And while ransomware is the very visible action taken in these attacks, human operators also deliver other malicious payloads, steal credentials, and access and exfiltrate data from compromised networks."
Microsoft said one trend it has observed is a "smash-and-grab monetization" technique, where attackers infiltrate a system via brute force and then proceed to deploy the ransomware, steal credentials, and carry out other attacks, all in less than an hour, reducing the chance that affected victims can intervene.
"Investigators have in fact found artifacts indicating that affected networks have been compromised in some manner by various attackers for several months before the ransomware is deployed, showing that these attacks are successful and unresolved in networks where diligence in security controls and monitoring is not applied," said researchers.
"If these alerts are immediately prioritized, security operations teams can better mitigate attacks and prevent the ransomware payload," said researchers.
News URL
https://threatpost.com/next-gen-ransomware-packs-a-human-punch-microsoft-warns/153501/