Recent AD News

CISA, FBI, and NSA anticipate a rise in Conti ransomware attacks, issue joint cybersecurity advisory

The FBI, the National Security Agency, and the Cybersecurity and Infrastructure Security Agency issued a joint advisory on Sept 22, 2021, warning US organizations to prepare for a rise in Conti ransomware attacks and urging them to apply the suggested mitigations.

The joint advisory noted that Conti ransomware has been used in over 400 attacks targeting US and international organizations.

Conti is usually delivered using a ransomware-as-a-service model, but the alert noted that some Conti attacks depart from the usual model: the Conti developers seem to be paying affiliates a wage instead of a cut of the ransom received.

The advisory also provides details on the various stages and tactics observed in Conti attacks. The analysis is based on the MITRE ATT&CK framework. Conti leverages various attack vectors to intrude into a network, including stolen or weak Remote Desktop credentials, spear-phishing campaigns, fake software promoted via search engine optimization, and more.

ManageEngine has a webinar that explores in depth how attackers take advantage of weak RDP credentials and spear-phishing campaigns to compromise Active Directory, which is often a key target in such ransomware attacks because it enables stealthy lateral movement and privilege escalation. You can watch it here.

Additionally, the advisory listed three immediate actions organizations need to take to protect against Conti ransomware. They are:

• Use multi-factor authentication.

• Segment and segregate networks and functions.

• Update your operating system and software.

For more details, you can read the full advisory here.
