How a noisy ransomware intrusion exposed a long-term espionage foothold - Help Net Security

A noisy ransomware intrusion by the Thor group exposed a long-term espionage foothold maintained by the QuietCrabs threat actor, who typically has a dwell time of 393 days. Both groups exploited vulnerabilities in Microsoft Sharepoint Server and Ivanti solutions, with Thor’s activity being detected early enough to prevent ransomware deployment.