The Australian Cyber Security Centre (ACSC) has released an advisory on Mailto ransomware incidents. The ACSC has limited information regarding the initial intrusion vector for Mailto, also known as Kazakavkovkiz, but evidence suggests that Mailto actors may have used phishing and password spray attacks to comprise user accounts. The ACSC provides recommendations for users to detect and mitigate these types of attacks and assist with limiting their spread within networks.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the ACSC advisory on Mailto ransomware incidents and CISA’s Tip on Protecting Against Ransomware for more information.
This product is provided subject to this Notification and this Privacy & Use policy.