
The current global remote working movement has become an opportunity for cyber attackers. Security researchers at SISA have been observing persistent ransomware activity around the world. Now, we have found another file-encrypting malware disrupting enterprises in Taiwan.
ColdLock is a newly identified ransomware strain that reportedly focuses on encrypting the databases and email servers of victim organizations. The malware uses typical intrusion channels to infect its targets and might be related to various notorious threat groups.
Read SISA’s advisory to get more information on ColdLock ransomware.
The advisory covers complete details about the background, attack patterns, and Indicators of Compromise (IoCs) of ColdLock ransomware. It then gives a few security best practices to keep ColdLock from intruding into information systems and encrypting critical data files.
This technical advisory was proposed and researched by Priyanka.D, Security Analyst at SISA’s Synergistic-SOC.
SISA is a forensics-driven cybersecurity company that helps secure businesses with robust preventive, detective and corrective security services and solutions. SISA offers products and services for risk assessment, security compliance and validation, monitoring and threat hunting, as well as training for various payment security certifications.
Industry recognition by CREST, CERT-In and SWIFT serves as a testament to our skill, knowledge, and competence.
With 2,000+ clients spread across 40+ countries, we leverage our learnings to provide true security, fanatic support and real business value to our customers.