ZDNet reports that the Conti ransomware gang has continued operations despite being made vulnerable by the recent leak of the group's communications and hiring practices after it had expressed support for Russia's invasion of Ukraine.
Various initial access vectors have been leveraged by Conti, including Qakbot malware-laced phishing messages and attacks on unpatched Microsoft Exchange servers, as well as the exploitation of VPN and Log4j vulnerabilities and other publicly available exploits, according to an NCC Group report.
The Conti ransomware group has also persisted in exfiltrating substantial amounts of data and encrypting networks as it conducts double extortion attacks. Continued use of such tactics should prompt organizations to ensure immediate patching of known security flaws.
The report also urged businesses to implement strong password policies and multi-factor authentication. Moreover, information security teams have been advised to conduct network monitoring to promptly flag potentially suspicious activity and prevent ransomware attacks.