Summary The notable ransomware gang known as Conti has, according to security firm Advanced Intel (AdvIntel), taken its infrastructure offline and shut down its ransomware operations. While public-facing ‘Conti News’ data leak and the ransom negotiation sites are still online, the Tor admin panels used by Conti members to perform negotiations, publish news, and generate…
Read More
Context On May 19, 2022, security researchers at Sentinel Labs released technical details of a campaign targeting the Rust development community with a supply-chain attack by leveraging a malicious crate. The Rust Security Response Working Group released an advisory regarding the malicious crate on May 10, 2022. The malicious crate was named “rustdecimal,” likely intended…
Read More
Context On May 12, 2022, Apache released an advisory regarding a high severity vulnerability in Apache Tomcat. The vulnerability, designated CVE-2022-25762, affects Tomcat versions 9.0.0.M1 to 9.0.2o and 8.5.0 to 8.5.75. Apache advises users to upgrade to 9.0.21 or later or 8.5.76 or later to mitigate the vulnerability. A May 16, 2022 advisory from CISA…
Read More
Context The Hive ransomware variant has been extremely active in the past year. The ransomware was originally discovered in June of 2021, and reportedly is responsible for more than 300 compromises since September 2021. The FBI released a notice warning the public of the threat in August 2021 after Hive ransomware compromised dozens of medical…
Read More
Context The Department of Energy (DOE), Cybersecurity and Infrastructure Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) issued a joint cybersecurity advisory on April 13, 2022 detailing new advanced persistent threat (APT) cyber tools targeting Industrial Control System and Supervisory Control and Data Acquisition (ICS/SCADA) devices. The advisory notes three key…
Read More
