Zeppelin Ransomware

The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing a joint cybersecurity advisory on the threat posed by the Zeppelin ransomware, a derivative of the Vega malware family.

REFERENCES: https://www.cisa.gov/uscert/ncas/alerts/aa22-223a https://www.cisa.gov/uscert/sites/default/files/publications/Zeppelin.yar

TAGS: Zeppelin, Ransomware

INDUSTRIES: Medical, Healthcare, Technology, Defense, Critical Infrastructure

MALWARE FAMILIES: Zeppelin, Vega

ATT&CK IDS: T1133 - External Remote Services, T1190 - Exploit Public-Facing Application, T1486 - Data Encrypted for Impact, T1566 - Phishing, T1102.002 - Bidirectional Communication, T1543.003 - Windows Service, T1204.001 - Malicious Link

Read More:

https://otx.alienvault.com/pulse/62f6468e291bf275dc1cb62b