Applying the Diamond Model to Cognizant (MSP) and Maze Ransomware and a Policy Assessment
Tags
country: Ireland Lithuania Russia United States Of America
attack-pattern: Data Model Credentials - T1589.001 Domains - T1583.001 Domains - T1584.001 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Tool - T1588.002 Powershell - T1086
Show in Graph
Common Information
Type Value
UUID 5ab909d9-4964-4832-bd1e-13c35d8f4b2f
Fingerprint 8567c1d91c3796da
Analysis status DONE
Considered CTI value 0
Text language
Published Oct. 6, 2021, 3:35 p.m.
Added to db Sept. 26, 2022, 9:31 a.m.
Last updated Nov. 17, 2024, 5:57 p.m.
Headline Applying the Diamond Model to Cognizant (MSP) vs. Maze Ransomware
Title Applying the Diamond Model to Cognizant (MSP) and Maze Ransomware and a Policy Assessment
Detected Hints/Tags/Attributes 110/2/41
Source URLs
Redirection Url
Details Source https://killbit.medium.com/applying-the-diamond-model-to-cognizant-msp-and-maze-ransomware-and-a-policy-assessment-498f01bd723f
URL Provider
Details Provider Source level domain
Details medium.com killbit.medium.com
Attributes
Details Type #Events CTI Value
Details Domain 4 
cognizant.com
Details Domain 5 
mazenews.top
Details Domain 2 
newsmaze.top
Details Domain 5 
mazedecrypt.top
Details Domain 25 
www.buymeacoffee.com
Details Domain 17 
www.varonis.com
Details Domain 20 
www.comparitech.com
Details Domain 16 
searchsecurity.techtarget.com
Details Domain 1 
blog.getcryptostopper.com
Details Domain 3 
essay.utwente.nl
Details Domain 45 
www.bankinfosecurity.com
Details Domain 16 
www.coveware.com
Details Domain 15 
labs.sentinelone.com
Details Domain 73 
techcrunch.com
Details File 7 
decrypt-files.txt
Details File 1 
keijzer_ma_eemcs.pdf
Details File 3 
tactics-techniques-procedures-associated-with-maze-ransomware-incidents.html
Details IPv4 2 
91.218.114.11
Details IPv4 1 
91.218.114.12
Details IPv4 1 
91.218.114.16
Details IPv4 2 
91.218.114.24
Details Url 2 
http://mazenews.top
Details Url 1 
https://www.buymeacoffee.com/killbit
Details Url 1 
https://www.varonis.com/blog/cryptolocker/.
Details Url 1 
https://www.varonis.com/blog/a-brief-history-of-ransomware/.
Details Url 1 
https://blog.malwarebytes.com/threat-spotlight/2020/05/maze-the-ransomware-that-introduced-an-extra-twist/.
Details Url 1 
https://www.zdnet.com/article/cognizant-expects-to-lose-between-50m-and-70m-following-ransomware-attack/.
Details Url 1 
https://www.forbes.com/sites/louiscolumbus/2019/12/15/shadow-it-is-the-cybersecurity-threat-that-keeps-giving-all-year-long/?sh=10d90c8e5561
Details Url 1 
https://www.comparitech.com/antivirus/ransomware-statistics/.
Details Url 1 
https://searchsecurity.techtarget.com/news/252481892/cognizant-discloses-maze-ransomware-attack.
Details Url 1 
https://digitalguardian.com/blog/history-ransomware-attacks-biggest-and-worst-ransomware-attacks-all-time.
Details Url 1 
https://blog.getcryptostopper.com/ransomware-variant-wont-decrypt-files-after-ransom-paid.
Details Url 1 
https://www.spglobal.com/marketintelligence/en/news-insights/latest-news-headlines/cyber-insurers-brace-for-payout-after-cognizant-breach-8211-insurance-insider-59413789.
Details Url 1 
http://essay.utwente.nl/81595/1/keijzer_ma_eemcs.pdf
Details Url 3 
https://www.fireeye.com/blog/threat-research/2020/05/tactics-techniques-procedures-associated-with-maze-ransomware-incidents.html
Details Url 1 
https://www.technologyreview.com/2020/01/02/131035/ransomware-may-have-cost-the-us-more-than-75-billion-in-2019.
Details Url 1 
https://www.bankinfosecurity.com/maze-ransomware-victim-sues-anonymous-attackers-a-13574.
Details Url 1 
https://www.darkreading.com/threat-intelligence/ransomware-victim-southwire-sues-maze-operators/d/d-id/1336719.
Details Url 1 
https://www.coveware.com/blog/q3-2020-ransomware-marketplace-report.
Details Url 1 
https://labs.sentinelone.com/maze-ransomware-update-extorting-and-exposing-victims/.
Details Url 1 
https://techcrunch.com/2020/11/02/maze-ransomware-group-shutting-down/.