Ryuk Ransomware Detection
This security bulletin shows how you can detect, defend, and respond to Ryuk Ransomware using Ordr.
Ryuk uses a couple of well-known trojans like Emotet and Trickbot for initial delivery, internal reconnaissance, command and control communication, credential harvesting, and other aspects of an Advanced Persistent Threat (APT) attack. This paper examines how Ordr can help detect, defend, and respond to these attack vectors employed by this APT attack.