The Australian Cyber Security Centre (ACSC) has published an advisory noting that it is aware of recent ransomware incidents involving a ransomware tool known as “Mailto” or “Kazakavkovkiz.” The ACSC has limited information regarding the initial intrusion vector for Mailto, but evidence suggests that phishing and password spray attacks have been used to compromise user accounts. The ACSC advisory provides recommendations for users to detect and mitigate these types of attacks and assist with limiting their spread within networks. Read the advisory at ACSC.
With the release of this advisory, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) reminds its partners of its Tip on Protecting Against Ransomware.