Maze operators tailor attacks to the victim’s environment to evade detection. We show how they operate, and reveal a decoded HDA payload among other IOCs.
Posts TaggedMaze
Enter the Maze: Demystifying an Affiliate Involved in Maze (SNOW)
SentinelLabs profiles an affiliate involved with Maze ransomware and details the actor’s involvement with other crimeware families, including TrickBot.
Maze Ransomware Update: Extorting and Exposing Victims
Maze ransomware doesn’t just demand payment for a decryptor but exfiltrates victim data and threatens to leak it publicly if the target doesn’t pay up.