top of page
Search

BlueSky Ransomware. AD Lateral Movement, Evasion and Fast Encryption Put Threat on the Radar

BlueSky ransomware is an emerging threat that researchers have been paying increasing attention to since its initial discovery in late June 2022. The ransomware has been observed being spread via trojanized downloads from questionable websites as well as in phishing emails.




MALWARE FAMILY: BlueSky


ATT&CK IDS: T1560 - Archive Collected Data, T1056 - Input Capture, T1105 - Ingress Tool Transfer, T1566 - Phishing, T1005 - Data from Local System, T1012 - Query Registry, T1021 - Remote Services, T1049 - System Network Connections Discovery, T1082 - System Information Discovery, T1083 - File and Directory Discovery, T1119 - Automated Collection, T1135 - Network Share Discovery, T1422 - System Network Configuration Discovery, T1486 - Data Encrypted for Impact, T1552 - Unsecured Credentials


Read More:

0 views
bottom of page