IT Services Firm Cognizant Hit with Maze Ransomware

Cognizant is working with cyber defense firms and law enforcement to investigate the attack, disclosed April 17.



Cognizant, a major provider of IT services, confirmed late last week it was the victim of a Maze ransomware attack that caused service disruption for some of its clients.

The company began to alert clients to the incident on Friday, April 17, informing them they had been compromised and providing an early list of the indicators of compromise (IoCs) and technical information found in its investigation so far. This gave client companies intel they could use to monitor their systems for malicious activity and add more protections if necessary.

Some IoCs they discovered included IP addresses of servers and file hashes for the kepstl32.dll, memes.tmp, and maze.dll files, which have been used by Maze operators, BleepingComputer reports.

"Our internal security teams, supplemented by leading cyber defense firms, are actively taking steps to contain this incident," Cognizant officials wrote in a statement, which confirms that Maze is responsible. "Cognizant has also engaged with the appropriate law enforcement authorities."

Read more details here.

A listing of free products and services compiled for Dark Reading by Omdia analysts to help meet the challenges of COVID-19. 

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio
 

Recommended Reading:

Comment  | 
Email This  | 
Print  | 
RSS
More Insights
Copyright © 2020 UBM Electronics, A UBM company, All rights reserved. Privacy Policy | Terms of Service