Details about the tactics, techniques, and procedures (TTPs) used by a ransomware affiliate group known as Lockean have been released by the French Computer Emergency Response Team (CERT). According to the French CERT, the group is responsible for at least eight attacks in the past year and a half that have targeted French companies, stealing data and deploying malware from ransomware-as-a-service (RaaS) operations. The group was seen deploying various ransomware families including Maze, Egregor, ProLock, and REvil. According to researchers, the group gained initial access in most attacks using the Qbot/QakBot banking trojan. Qbot was spread through emails from the Emotet Botnet, which has since been taken down, along with other malware distribution platforms.
12 Essentials for a Successful SOC Partnership
As cyber threats continue to impact businesses of all sizes, the need for round-the-clock security