[CDP-development] Updated Joint CSA AA21-256A: Conti Ransomware

Masse, Theresa theresa.masse at cisa.dhs.gov
Wed Mar 9 12:51:35 PST 2022 

FYSA


[cid:image003.png at 01D833B4.66F17660]


CISA, the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the United States Secret Service (USSS) updated the joint CSA on Conti ransomware<https://www.cisa.gov/uscert/ncas/alerts/aa21-265a> today. Updates include indicators of compromise (in a STIX file format)<https://www.cisa.gov/uscert/sites/default/files/publications/AA21-265A.stix.xml> and adding the United States Secret Service as a co-author. Conti cyber threat actors remain active and reports of Conti ransomware attacks against U.S. and international organizations have risen to more than 1,000 instances. Notable attack vectors include Trickbot and Cobalt Strike.

CISA, FBI, NSA, and USSS encourage organizations to review AA21-265A: Conti Ransomware<https://www.cisa.gov/uscert/ncas/alerts/aa21-265a>, which includes new indicators of compromise, for more information.

In addition to this advisory, we also encourage all organizations to review our Shields Up<https://www.cisa.gov/shields-up> webpage and StopRansomware.gov<https://www.cisa.gov/stopransomware>  to find recommended actions on protecting your most critical assets from threat actors.


Theresa A. Masse
Cyber Security Advisor, Region 10 (Oregon)
Cybersecurity and Infrastructure Security Agency
Department of Homeland Security
Phone: (503) 930-5671
Email: theresa.masse at cisa.dhs.gov<mailto:theresa.masse at cisa.dhs.gov>

[cid:image002.png at 01D833B4.580DF830]


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20220309/244e9663/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 16152 bytes
Desc: image002.png
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20220309/244e9663/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.png
Type: image/png
Size: 103028 bytes
Desc: image003.png
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20220309/244e9663/attachment-0003.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: AA21-265A-Conti_Ransomware_TLP_WHITE.pdf
Type: application/pdf
Size: 1060466 bytes
Desc: AA21-265A-Conti_Ransomware_TLP_WHITE.pdf
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20220309/244e9663/attachment-0001.pdf>

More information about the CDP-development mailing list