Sodinokibi Ransomware through the Lens of IR and Collaborative Threat Intelligence
Security analysts have used Incident Response (IR) and shared intelligence together for analyzing Sodinokibi ransomware’s behavior and offered a similar collaborative approach to counter threats. IBM researchers have assorted Sodinokibi TTPs from many of its attacks and laid bare its activities in five stages. Threat intelligence collected during ransomware investigations could greatly improve analysts’ understanding of ransomware gangs.
