NotPetya Operators Accessed M.E.Doc Server Using Stolen Credentials: Cisco

Last week, multiple security companies determined that the tax software company’s update server was used as the initial attack vector. Although M.E.Doc denied possible compromise several times during the first days of the outbreak, it eventually agreed to allow a security firm to perform forensic analysis of the server.

Read full news article on SecurityWeek