
BlueSky Ransomware. AD Lateral Movement, Evasion and Fast Encryption Put Threat on the Radar

BlueSky ransomware is an emerging threat that researchers have been paying increasing attention to since its initial discovery in late June 2022. The ransomware has been observed spreading via trojanized downloads from questionable websites as well as in phishing emails.


ATT&CK IDs: T1560 - Archive Collected Data, T1056 - Input Capture, T1105 - Ingress Tool Transfer, T1566 - Phishing, T1005 - Data from Local System, T1012 - Query Registry, T1021 - Remote Services, T1049 - System Network Connections Discovery, T1082 - System Information Discovery, T1083 - File and Directory Discovery, T1119 - Automated Collection, T1135 - Network Share Discovery, T1422 - System Network Configuration Discovery, T1486 - Data Encrypted for Impact, T1552 - Unsecured Credentials
