Bazar Loader is a fileless attack that downloads through the backdoor, allowing attackers to install additional malware, and is often used for ransomware attacks. Since its inception in April 2020, Bazar Loader has attacked a wide variety of organizations in North America and Europe.
In this blog, we will continue to outline what we discussed in Part 1 of this series and what we demonstrated in our session at DattoCon last week. We will be diving into the technical aspects of the tools used and how they were configured.
Your team has deployed next-gen anti-virus, applied the latest security patches, and you are forwarding all endpoint telemetry to a managed detection and response vendor. The question you have now is: how can you ensure that the deployed defenses are working properly and that you will be notified of malicious activity?
There are countless tools available to managed service providers (MSPs) to help them mitigate the risk of ransomware for themselves and their small and medium business (SMB) clients. No single solution can completely protect a business from an attack; rather, many solutions work together. MSPs should consider their RMM tools a key component of their ransomware mitigation strategy.