IT Services Firm Cognizant Hit with Maze RansomwareIT Services Firm Cognizant Hit with Maze Ransomware
Cognizant is working with cyber defense firms and law enforcement to investigate the attack, disclosed April 17.
April 21, 2020
Cognizant, a major provider of IT services, confirmed late last week it was the victim of a Maze ransomware attack that caused service disruption for some of its clients.
The company began to alert clients to the incident on Friday, April 17, informing them they had been compromised and providing an early list of the indicators of compromise (IoCs) and technical information found in its investigation so far. This gave client companies intel they could use to monitor their systems for malicious activity and add more protections if necessary.
Some IoCs they discovered included IP addresses of servers and file hashes for the kepstl32.dll, memes.tmp, and maze.dll files, which have been used by Maze operators, BleepingComputer reports.
"Our internal security teams, supplemented by leading cyber defense firms, are actively taking steps to contain this incident," Cognizant officials wrote in a statement, which confirms that Maze is responsible. "Cognizant has also engaged with the appropriate law enforcement authorities."
Read more details here.
A listing of free products and services compiled for Dark Reading by Omdia analysts to help meet the challenges of COVID-19.
About the Author(s)
You May Also Like
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
What's In Your Cloud?Nov 30, 2023
Everything You Need to Know About DNS AttacksNov 30, 2023