Ransomware Knight uses travel website names
Cybercriminals are abusing the name of a well-known travel website and spreading a new German-language ransomware directly as an email attachment. Typically, ransomware is rarely distributed directly via email these days. Instead, ransomware gangs have for some time now preferred to use the services of Initial Access Brokers (IAB). IAB distribute malware through large-scale cyber campaigns and then resell access to compromised systems. Ransomware Knight and Knight Lite In the current case, however, the cybercriminals spread the ransomware Knight or Knight Lite (a renamed version of Cyclops Ransomware-as-a-Service) in several campaigns directly via email. That have…