Reuters reports: Hackers have spent up to three years breaking into organizations by targeting monitoring software made by the French company Centreon, France’s cybersecurity watchdog said Monday. The watchdog, known by its French acronym ANSSI, stopped short of identifying the hackers but said they had a similar modus operandi as the Russian cyberespionage group nicknamed…
Month: February 2021
Conti ransomware: Evasive by nature
In part of a three-part series, Andrew Brandt and Anand Ajjan of Sophos write: For the past several months, both SophosLabs and the Sophos Rapid Response team have been collaborating on detection and behavioral analysis of a ransomware that emerged last year and has undergone rapid growth. The ransomware, which calls itself Conti, is delivered…
Omnicom Media Group reportedly falls prey to cyber attack
Janice Tan reports: Omnicom Media Group has reportedly been hit by a cyber attack, resulting in the agency turning to third-party experts to identify the IT disruption, AdAge reported. OMG said it has experienced “disruption to parts of its IT network” in recent days, which was caused by a cyber incident. According to AdAge, OMG said it…
Ransomware attacks on medical entities continue: a laboratory in Italy and a health care service in New Mexico among latest victims
Ransomware attacks on medical entities continue. Today, we report on one attack in Italy and one in the U.S. And sadly, by the end of the day, there may well be more. Italy Marco De Felice (aka @amvinfe) reports that RagnarOK threat actors have attacked the Valdès Analysis Laboratory in Cagliari. The attack occurred on…
Could an ex-employee be planting ransomware on your firm’s network?
We’ve all seen too many instances where vengeful former employees have tried to sabotage their former employer’s network. Even when their employers remember to revoke access for the individual, they often find other ways in — like using a former colleague’s credentials or having previously created another user on the system with credentials. But would…
NL: The Netherlands Organization for Scientific Research (NWO) hit by threat actor(s)
NWO reports: The Netherlands Organization for Scientific Research (NWO) has been hit by a cyber attack. Grant applications to the organization have been stopped because of the attack. It is unclear who is behind the attack. The NWO reports that its servers have been hacked and the network is not accessible. “At the moment everything is aimed at solving the…