ManageEngine x Forrester | Workforce Identity Platforms Landscape Report

Recent AD News

CISA, FBI, and NSA anticipate a rise in Conti ransomware attacks, issue joint cybersecurity advisory

The FBI, National Security Agency, and the Cybersecurity Infrastructure and Security Agency issued a joint advisory on Sept 22, 2021, warning US organizations to prepare for a rise in Conti ransomware attacks and urged them to apply mitigations suggested.

The joint advisory noted that the Conti ransomware has been used in over 400 attacks targeting the US and international organizations.

Conti is usually delivered using a ransomware-as-a-service model, but the alert noted that there’s a departure in some Conti attacks from the usual model as the Conti developers seem to be paying affiliates a wage instead of providing a cut on the ransom received.

The advisory provides also details on the various stages and tactics observed in Conti attacks. The analysis is based on the MITRE ATT&CK framework. Conti leverages various attack vectors to intrude into a network including stolen or weak Remote Desktop credentials, spear-phishing campaigns, fake software promoted via search engine optimization, and more.

ManageEngine has a webinar that explores in-depth how attackers take advantage of weak RDP credentials and spear-phishing campaigns to compromise Active Directory which is often a key target in such ransomware attacks as it enables stealthy lateral movement and privilege escalation. You can watch it here.  

Additionally, the advisory listed three immediate actions organizations need to take to protect against Conti ransomware. They are:

• Use multi-factor authentication.

• Segment and segregate networks and functions.

• Update your operating system and software.

Related posts
Recent AD News

Chinese hacker group 'Naikon' strikes again: Targets ASEAN nations

Recent AD News

Bumblebee: A new malware loader on the prowl

Recent AD News

FBI issues alert: A lethal ransomware that breached 60 companies

Recent AD News

Israel's Pegasus spyware finds a new target

×

There are over 8,500 people who are getting towards perfection in Active Directory, IT Management & Cyber security through our insights from Identitude.

Wanna be a part of our bimonthly curation of IAM knowledge?

  • -Select-
  • By clicking 'Become an insider', you agree to processing of personal data according to the Privacy Policy.