TrendMicro's blog entry provides a look at an attack involving the LV ransomware on a Jordan-based company from an intrusion analysis standpoint
REFERENCE: https://www.trendmicro.com/en_us/research/22/j/lv-ransomware-exploits-proxyshell-in-attack.html
TAGS: accomplice, Ransomware, LV, ProxyShell, RaaS
ADVERSARY: LV
TARGETED COUNTRY: Jordan
ATT&CK IDS: T1190 - Exploit Public-Facing Application, T1471 - Data Encrypted for Impact, T1572 - Protocol Tunneling, T1059 - Command and Scripting Interpreter, T1003 - OS Credential Dumping
Read More:
Comments