Ionut Ilascu reports: Security researchers have noticed a malicious campaign that used Windows event logs to store malware, a technique that has not been previously documented publicly for attacks in the wild. The method enabled the threat actor behind the attack to plant fileless malware in the file system in an attack filled with techniques…
Category: Malware
Cyber attack prompts security response by Oregon secretary of state
KTVZ reports: A ransomware attack on a campaign finance firm has prompted the Oregon Elections Division to require that 1,100 users of the state’s online campaign contribution reporting system change their passwords, but Sectary of State Shemia Fagan stressed late Monday that the agency’s systems have not been hacked. […] The Oregon Elections Division learned…
Cybercrime loves company: Conti cooperated with other ransomware gangs
Seems to be a lot of Conti-related analyses this week, as well as the $10 million reward offered by the government for information leadings to Conti’s leaders. From Intel471: Software developers often depend on the collective knowledge of the industry to build their products. Whether it’s through reverse engineering, poaching talent, or straight up cloning…
Conti and Hive ransomware operations: Leveraging victim chats for insights
Kendall McKay and colleagues Paul Eubanks and Jaime Filson of Talos issued a report this week with some interesting insights. EXECUTIVE SUMMARY Through open-source research, we obtained and analyzed over four months of chat logs — more than 40 separate conversations — between Conti and Hive ransomware operators and their victims. The findings in this…
Reward Offers for Information to Bring Conti Ransomware Variant Co-Conspirators to Justice
The Department of State is offering a reward of up to $10,000,000 for information leading to the identification and/or location of any individual(s) who hold a key leadership position in the Conti ransomware variant transnational organized crime group. In addition, the Department is also offering a reward of up to $5,000,000 for information leading to…
On Password Day, a Chilling Observation
It’s Password Day, and this is as good a time as any to mention that Britton White and I have been collaborating on some research expanding on his investigation into infostealers. We will be reporting on that work in the near future, hopefully. But in the meantime, Britton posted this today about something he found:…