IT Services Firm Cognizant Hit with Maze Ransomware

Cognizant is working with cyber defense firms and law enforcement to investigate the attack, disclosed April 17.

Cognizant, a major provider of IT services, confirmed late last week it was the victim of a Maze ransomware attack that caused service disruption for some of its clients.

The company began to alert clients to the incident on Friday, April 17, informing them they had been compromised and providing an early list of the indicators of compromise (IoCs) and technical information found in its investigation so far. This gave client companies intel they could use to monitor their systems for malicious activity and add more protections if necessary.

Some IoCs they discovered included IP addresses of servers and file hashes for the kepstl32.dll, memes.tmp, and maze.dll files, which have been used by Maze operators, BleepingComputer reports.

“Our internal security teams, supplemented by leading cyber defense firms, are actively taking steps to contain this incident,” Cognizant officials wrote in a statement, which confirms that Maze is responsible. “Cognizant has also engaged with the appropriate law enforcement authorities.”

Read more details here.

Dark Reading’s Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

More Insights

Read More HERE