Cybersecurity Authorities Share A List of Top Initial Access Attack Vectors

Read also: Conti threatens to overthrow the Costa Rican government, the US warns of risks of hiring North Korean tech workers, and more.

Cybersecurity agencies share a list of top initial access attack vectors

Cybersecurity authorities from the US, UK, Canada, New Zealand, and the Netherlands have compiled a list of attack vectors most commonly exploited by malicious actors to gain initial access to a target network.

The list of weaknesses includes weak security controls, poor configurations, and overall poor security practices such as the lack of mandatory multi-factor authentication; incorrectly applied privileges or permissions; unpatched software; the use of default configurations or default login credentials; unprotected remote access services and cloud services; weak passwords; open ports and misconfigured services, failure to detect or block phishing attempts; poor endpoint detection and response.

The joint advisory also contains recommended practices that organizations can implement to strengthen their cybersecurity.

Conti ransomware gang raises ransom demand to $20M, threatens to overthrow the Costa Rican government

Conti, the Russian-speaking ransomware gang behind a series of attacks on the Costa Rican government bodies, has upped the ante and is now demanding a $20 million ransom, threatening to overthrow the country’s government “by means of a cyberattack.”

The devastating attack, which took place on April 19, impacted several Costa Rican government agencies, including the Ministry of Finance. On its data leak site the group claimed to have stolen 670 GB of data, 97% of which they said they have already leaked.

Following the hack, the country’s president Rodrigo Chaves declared the state of national emergency. According to Chaves, the incident affected 27 government institutions, including municipalities and state-run utilities.

55-year-old Venezuelan cardiologist charged with developing and selling Thanos and Jigsaw ransomware

The US Department of Justice announced criminal charges against a citizen of France and Venezuela for allegedly creating, using and selling ransomware.

According to the authorities, Moises Luis Zagala Gonzalez, a 55-year-old cardiologist from Venezuela, developed multiple ransomware tools, including a ransomware strain called “Jigsaw v.2,” and a “private ransomware builder” called “Thanos,” which he marketed on various darknet cyber crime forums.

The Thanos software allowed its users to create their own ransomware. The software was advertised for $500 a month with “basic options” or $800 with “full options.” Zagala also run an affiliate RaaS program and offered tech support to cybercriminals who bought his products.

If convicted, the man faces up to 10 years in prison.

Read more news in the source: https://www.immuniweb.com/blog/cybersecurity-authorities-share-list-top-initial-access-attack-vectors.html
© 2022 ImmuniWeb