DomainTools | Special Report

Quadrant Information Security recounts a client breach that began with a third-party compromise via a spear-phishing ISO carrying QakBot, escalated with deployment of Brute Ratel and likely Black Basta ransomware, and involved data exfiltration detected via FTP alerts; Quadrant executed rapid detection and incident response to contain the intrusion and prevent widespread encryption.