Stefanie Ferrari of BakerHostetler writes: Vendor-caused incidents continued to surge in 2021. Nearly 20 percent of the total incidents we handled last year were caused by vendors, with more than half requiring notification. As in prior years, vendor incidents involved phishing schemes and inadvertent disclosures but primarily resulted from ransomware attacks on the vendors’ systems….
Category: Malware
Hackers are now hiding malware in Windows Event Logs
Ionut Ilascu reports: Security researchers have noticed a malicious campaign that used Windows event logs to store malware, a technique that has not been previously documented publicly for attacks in the wild. The method enabled the threat actor behind the attack to plant fileless malware in the file system in an attack filled with techniques…
Cyber attack prompts security response by Oregon secretary of state
KTVZ reports: A ransomware attack on a campaign finance firm has prompted the Oregon Elections Division to require that 1,100 users of the state’s online campaign contribution reporting system change their passwords, but Sectary of State Shemia Fagan stressed late Monday that the agency’s systems have not been hacked. […] The Oregon Elections Division learned…
Cybercrime loves company: Conti cooperated with other ransomware gangs
Seems to be a lot of Conti-related analyses this week, as well as the $10 million reward offered by the government for information leadings to Conti’s leaders. From Intel471: Software developers often depend on the collective knowledge of the industry to build their products. Whether it’s through reverse engineering, poaching talent, or straight up cloning…
Conti and Hive ransomware operations: Leveraging victim chats for insights
Kendall McKay and colleagues Paul Eubanks and Jaime Filson of Talos issued a report this week with some interesting insights. EXECUTIVE SUMMARY Through open-source research, we obtained and analyzed over four months of chat logs — more than 40 separate conversations — between Conti and Hive ransomware operators and their victims. The findings in this…
Reward Offers for Information to Bring Conti Ransomware Variant Co-Conspirators to Justice
The Department of State is offering a reward of up to $10,000,000 for information leading to the identification and/or location of any individual(s) who hold a key leadership position in the Conti ransomware variant transnational organized crime group. In addition, the Department is also offering a reward of up to $5,000,000 for information leading to…