Maze, like several other ransomware operators, will not typically discuss their victims publicly during the negotiation process. Many have assessed that this is in an effort to minimize the impact of outside factors on the negotiations. Maze will typically infiltrate an organization and attempt to operate without being detected for up to several weeks while they carry out reconnaissance activity and work to gain administrator-level access. It is recommended that organizations ensure that the Remote Desktop Protocol (RDP) and other remote access services are properly secured with a multi-factor authentication Virtual Private Network (VPN) as a means of defending against Maze’s typical Tactics, Techniques, and Procedures (TTPs.) It is also recommended that security teams use Endpoint Detection and Monitoring (EDR) tools or Managed Detection and Response (MDR) services to look for attacker behavior on endpoints from user accounts that are logged in through remote access. More information on this incident can be found at https://www.bleepingcomputer.com/news/security/it-services-giant-cognizant-suffers-maze-ransomware-cyber-attack/