Krebs on Security recently released a post discussing Costa Rica’s involvement in the Conti ransomware group’s larger plans for the future. Last week, Costa Rica’s national health service was hacked by a Russian ransomware group referred to as Hive, just weeks after the country entered a state of emergency in
Parker-Hannifin Corporation, a US manufacturing company, has confirmed that it was impacted by a data breach that has exposed employees’ personally identifiable information (PII). According to the firm, Conti ransomware actors published the stolen data last month after claiming responsibility for the attack. Parker-Hannifin is one of the largest motion
Costa Rica in a State of Emergency: Is Conti Gang Cyber Attack a “Sphere of Influence” Shot Across the Bow?
Since yesterday, the day a new president took the helm in Costa Rica, the country has been under a state of emergency, declared because of the impact of the cyber-attack by the Russia-affiliated Conti Ransomware Gang. Following is what the journalist trade calls a “tic-toc” of the incident – with a formative analysis of mitigation efforts, the impacts of the attack, and the ongoing impact of the state of emergency.
The U.S. State Department Offers a $10 Million Bounty for Information about Conti Ransomware Gang Members
The Department of State is offering a reward of up to $10,000,000 for information leading to the identification and/or location of any individual(s) who hold a key leadership position in the Conti ransomware variant transnational organized crime group. In addition, the Department is also offering a reward of up to $5,000,000 for information leading to the arrest and/or conviction of any individual in any country conspiring to participate in or attempting to participate in a Conti variant ransomware incident.
According to security researchers, the Conti ransomware gang is still actively conducting hacking campaigns against victims across the globe despite a major data leak that revealed much of the inner workings of the group. Conti was one of the most prolific ransomware groups of 2021, attacking hospitals, businesses, government agencies,
After a week-long deep dive into data pertaining to the notorious Conti ransomware gang, BreachQuest has determined that the group’s members believe they are working for a legitimate company. Ukrainian gray-hat hacker ContiLeaks has been exposing information pertaining to the hacking group since late February, allowing researchers to comb over
Full Log4Shell Attack Chain-Enabled Conti Ransomware Gang Supports Russia; Ukrainian Gang Member Retaliates
In early February, a cybercrime crackdown by Russian authorities included the arrest of members of the REvil gang. Overall, follow-up reports suggested a growing sentiment that the Russian authorities were out to optimize the appeasement value of the arrests to the U.S. We later suggested that the REvil Gang arrest was possibly a false flag operation. Our suggested scenario at the time: The Russians gave up the REvil Gang while still planning to lean on non-state actors for the plausible deniability of cyberwar operations. Our latter assumption has proven true. A few days ago, the Conti Gang announced their support for the Russian Government.
According to new reports, the sophisticated Russia-based Conti ransomware group has become the first group to weaponize Log4j2 with a full attack chain. Last week, the group became the first professional cybercrime group to adopt the Log4Shell vulnerability and has since built up a holistic attack chain, according to researchers.
An affiliate of the Conti Ransomware gang has allegedly leaked several pieces of sensitive information regarding the threat actor, such as IP addresses for Cobalt Strike C2 servers, training materials, and numerous tools. Together, the information reveals how the group conducts its malicious attacks. The individual released the information after
The Federal Bureau of Investigation (FBI) has identified at least 16 attacks linked to the Conti ransomware group. The agency stated that the attacks target healthcare and first responder organizations, aiming to disrupt their operations and networks. Targets include 911 dispatch carriers, law enforcement agencies, and emergency medical services. These