SentinelOne VS PYSA ransomware – Prevention

Watch how SentinelOne prevents PYSA ransomware. PYSA (aka Pysa Partners, Mespinoza) is a ‘double-extortion’ ransomware threat seen in the wild since early 2020. Like other recent ransomware gangs, the PYSA team maintains a blog to threaten their victims and leak sensitive data. One of the tactics used by PYSA is exfiltrating data before encrypting devices Data from victim hosts is exfiltrated before the encryption of devices.

The SentinelLabs team observed PYSA campaigns using tools like WinSCP to exfiltrate data. Earlier in 2021 we saw PYSA attacks against Educational institutions, primarily in the United States and the United Kingdom.

#ransomware #cybersecurity #infosec #PYSA #exploit #SentinelLabs