Back to Resources

SentinelOne vs Maze Ransomware (allowing to run and rollback) | Cognizant

On April 17th, it was reported that a large enterprise-class, managed service provider (Cognizant) fell victim to a Maze ransomware attack. This particular campaign includes a signed DLL payload (kepstl32.dll). Upon infection, the trojan will drop a customized desktop image into %temp%, and then traverse the disk, encrypting supported file-types. A copy of the ransom […]
Watch Now