Lawrence Abrams reports: A threat actor targeted security researchers with fake Windows proof-of-concept exploits that infected devices with the Cobalt Strike backdoor. Whoever is behind these attacks took advantage of recently patched Windows remote code execution vulnerabilities tracked as CVE-2022-24500 and CVE-2022-26809. Read more at BleepingComputer.
Category: Malware
K-12 school districts in New Mexico, Ohio crippled by cyberattacks
Jonathan Grieg reports: Cyberattacks on K-12 schools across the U.S. continued this week with both the Fort Sumner Municipal Schools in New Mexico and Washington Local Schools in Ohio suffering from incidents. The Cl0p ransomware group’s leak site this week displayed sensitive information from students, faculty members and parents from Fort Sumner Municipal Schools. The…
DisCONTInued: The End of Conti’s Brand Marks New Chapter For Cybercrime Landscape
Yelisey Bogusalvskiy & Vitali Kremez write: On May 19, 2022, the admin panel of the Conti ransomware gang’s official website, Conti News, was shut down. The negotiations service site was also down, while the rest of the infrastructure: from chatrooms to messengers, and from servers to proxy hosts was going through a massive reset. Conti…
Greenland hit by cyber attack, finds its health service crippled
Graham Cluley reports: It appears that Costa Rica isn’t the only country making headlines as it battles cyber attackers. For the past week and a half, Greenland’s health service has reportedly been struggling to recover from a cyber attack that has crippled its IT systems, causing long waiting times and forcing doctors to resort to using pen and paper…
Battelle for Kids ransomware attack compromised records of 560,000 Chicago Public School students, employee
Nader Issa and Lauren FitzPatrick report: A massive data breach has exposed four years’ worth of records of almost 500,000 Chicago Public Schools students and nearly 60,000 employees, district officials told principals Friday. The attack targeted a company that has a no-bid contract with the district for teacher evaluations and involved basic student and staff…
Conti ransomware shuts down operation, rebrands into smaller units
Lawrence Abrams reports: The notorious Conti ransomware gang has officially shut down their operation, with infrastructure taken offline and team leaders told that the brand is no more. This news comes from Advanced Intel’s Yelisey Boguslavskiy, who tweeted this afternoon that the gang’s internal infrastructure was turned off. While public-facing ‘Conti News’ data leak and the ransom…