Collaborate Disseminate
Yelisey Bogusalvskiy & Vitali Kremez write: On May 19, 2022, the admin panel of the Conti ransomware gang’s official website, Conti News, was shut down. The negotiations service site was also down, while the rest of the infrastructure: from c… Continue reading DisCONTInued: The End of Conti’s Brand Marks New Chapter For Cybercrime Landscape
The Office of Information Security Securing One HHS and Health Sector Security Coordination Center (HC3) have released slides from: Major Cyber Organizations of the Russian Intelligence Services (pdf, 27 pp) TLP: WHITE, ID# 202205191300 May 19, 2022 A… Continue reading Major Cyber Organizations of the Russian Intelligence Services
Lawrence Abrams reports: The notorious Conti ransomware gang has officially shut down their operation, with infrastructure taken offline and team leaders told that the brand is no more. This news comes from Advanced Intel’s Yelisey Boguslavskiy, … Continue reading Conti ransomware shuts down operation, rebrands into smaller units
The Department of Justice today announced the revision of its policy regarding charging violations of the Computer Fraud and Abuse Act (CFAA). The policy for the first time directs that good-faith security research should not be charged. Good faith sec… Continue reading Department of Justice Announces New Policy for Charging Cases under the Computer Fraud and Abuse Act
Stavros Atlamazoglou reports: … Russian hackers went after a variety of Ukrainian targets in the private and public sectors, but one cyber weapon aimed at a specific military target spilled over and affected tens of thousands of devices outside U… Continue reading Cyberattacks quietly launched by Russia before its invasion of Ukraine may have been more damaging than intended
DataBreaches.net has found two behavioral health entities that reportedly or allegedly experienced recent cyberattacks involving protected health information of patients. The first, Behavioral Health Partners of Metrowest (BHPMW), describes itself as a… Continue reading Behavioral health entities in Massachusetts and Ohio reportedly victims of cyberattacks
Mark Young and Tomos Griffiths of Covington and Burling write: In the early hours of Friday, 13 May, the European Parliament and the Council of the EU reached provisional political agreement on a new framework EU cybersecurity law, known as “NIS2”. Thi… Continue reading Political Agreement Reached on New EU Horizontal Cybersecurity Directive
Alert (AA22-137A) Weak Security Controls and Practices Routinely Exploited for Initial Access CISA Alert Published May 17, 2022: Summary Cyber actors routinely exploit poor security configurations (either misconfigured or left unsecured), weak controls… Continue reading Alert (AA22-137A): Weak Security Controls and Practices Routinely Exploited for Initial Access
Alexandra Ulmer reports: A former Republican minority leader of the Colorado legislature is among the recipients of a trove of sensitive voting data leaked by a county official working with activists seeking to prove President Donald Trump’s fal… Continue reading Former top Republican lawmaker in Colorado received leak of voting data
A criminal complaint was unsealed today in federal court in Brooklyn, New York, charging Moises Luis Zagala Gonzalez (Zagala), also known as “Nosophoros,” “Aesculapius” and “Nebuchadnezzar,” a citizen of France and Venezuela who resides in Venezuela, w… Continue reading Hacker and Ransomware Designer “Nosophoros” Charged for Use and Sale of Ransomware, and Profit Sharing Arrangements with Cybercriminals