January 31 Corporation Microsoft report.
However, protection strategies should be focused not so much on useful loads as on a chain of actions that lead to their deployment. Since the groups using the robber programs are still aimed at devices and servers that have not yet received the latest security updates and are vulnerable to attackers.
And although the new families of robber programs appear constantly, most attackers use similar tactics when hacking and distribution to networks. This makes us think about the fact that it is much more efficient to identify the threat before its activation, even at the stage of deployment. It is there that the corporations need to direct your strength, and not to the release of endless patches.
As added to Microsoft, attackers are increasingly using tactics that go beyond the scope of the phishing, while such groups as DEV-0671 and DEV-0882 use recently corrected Exchange Server vulnerabilities to hack more vulnerable servers and deploying and deploying and deploying and deployment extortionists
The group purposefully attacks a wide range of organizations and personalities, including government agencies, critical infrastructure suppliers and private companies in the field of finance, health and telecommunications. The group is especially interested in stolen confidential information, such as credit and banking data, trade secrets and political information. In this regard, there is an opinion that they are a state group that uses information to achieve its political goals. However, officially no one recognized responsibility for the actions of this group.