Jai Vijayan reports: Threat actors doubled down on their use of phishing emails as an initial attack vector during the first quarter of 2022 — and in many cases then used that access to drop ransomware or to extort organizations in other ways. Researchers from Kroll recently analyzed data gathered from security incidents they responded…
Category: Commentaries and Analyses
Conti ransomware shuts down operation, rebrands into smaller units
Lawrence Abrams reports: The notorious Conti ransomware gang has officially shut down their operation, with infrastructure taken offline and team leaders told that the brand is no more. This news comes from Advanced Intel’s Yelisey Boguslavskiy, who tweeted this afternoon that the gang’s internal infrastructure was turned off. While public-facing ‘Conti News’ data leak and the ransom…
Wizard Spider Group In-Depth Analysis – Prodaft
Prodraft writes: This report provides unprecedented visibility into the structure, background, and motivations of Wizard Spider. We’ve obtained command statistics, target country statistics, command execution patterns, and other information on the group’s tactics, techniques, and procedures. These include novel post-exploitation cracking solutions and psychological tactics. Download their report at Prodaft.
Cyberattacks quietly launched by Russia before its invasion of Ukraine may have been more damaging than intended
Stavros Atlamazoglou reports: … Russian hackers went after a variety of Ukrainian targets in the private and public sectors, but one cyber weapon aimed at a specific military target spilled over and affected tens of thousands of devices outside Ukraine. A few hours before the Russian invasion began on February 24, Russian hackers launched a…
Political Agreement Reached on New EU Horizontal Cybersecurity Directive
Mark Young and Tomos Griffiths of Covington and Burling write: In the early hours of Friday, 13 May, the European Parliament and the Council of the EU reached provisional political agreement on a new framework EU cybersecurity law, known as “NIS2”. This new law, which will replace the existing NIS Directive (which was agreed around the same…
Exploratory study into ransomware attacks in Dutch government services and companies
Cybercrimeinfo.nl writes: Statistics Netherlands (CBS), in collaboration with the National Cyber Security Center (NCSC), has conducted an exploratory study into ransomware attacks in Dutch government services and companies. The researchers looked at, among other things, the timeline and costs of attacks with ransomware. Due to the sensitivity of the collected data, the report has not been published…