CISA, FBI, NSA Warn of Increase in Conti Ransomware Attacks

  /     /     /  
Publicated : 23/11/2024   Category : security


CISA, FBI, NSA Warn of Increase in Conti Ransomware Attacks


A new alert provides the technical details of ongoing attacks and guidance for organizations to secure systems against Conti.



The FBI, National Security Agency, and Cybersecurity and Infrastructure Security Agency today issued a joint alert warning of increased use of Conti ransomware, which has been seen in more than 400 attacks on US and international organizations, officials report.
Conti is considered a ransomware-as-a-service model; however, variation in its structure differentiates it from a typical affiliate model, the alert states. Its likely that Contis developers pay the attackers who deploy the ransomware a wage rather than a percentage of the proceeds, officials say.
They list multiple means that Conti actors often use to gain initial network access. These include spear-phishing campaigns that use emails containing malicious attachments or links; stolen or weak Remote Desktop Protocol credentials; phone calls; fake software promoted via search engine optimization; common flaws in external assets; or other malware distribution networks.
CISA and FBI have observed Conti actors using Router Scan, a penetration testing tool, to maliciously scan for and brute force routers, cameras, and network-attached storage devices with web interfaces, the alert states. Attackers will exploit legitimate remote monitoring and management software, as well as remote desktop software, to persist on target networks.
A
recently leaked playbook from Conti attackers
revealed that they exploit vulnerabilities in unpatched assets to escalate privileges and move laterally across a victims environment.
Read the
full alert
for more details.

Last News

▸ DHS-funded SWAMP scans code for bugs. ◂
Discovered: 23/12/2024
Category: security

▸ Debunking Machine Learning in Security. ◂
Discovered: 23/12/2024
Category: security

▸ Researchers create BlackForest to gather, link threat data. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
CISA, FBI, NSA Warn of Increase in Conti Ransomware Attacks