Security News > 2022 > May

The US Department of State is offering up to $15 million for information that helps identify and locate leadership and co-conspirators of the infamous Conti ransomware gang. Up to $10 million of this reward are offered for info on Conti leaders' identity and location, and an additional $5 million for leading to the arrest and/or convictions of individuals who conspired or attempted to participate in Conti ransomware attacks.

False-flag cyberattacks represent a red line that even nation states like Russia and China don't want to cross, according to Mandiant CEO Kevin Mandia. "It's one of the last rules of the playground that a modern nation may not want to break because they don't want everyone doing false flags," he said, speaking on a panel this week at Vanderbilt University's Summit on Modern Conflict and Emerging Threats.

Attacks we saw this week include using fake Windows 10 updates to distribute Magniber ransomware and an attack on AGCO, a US agricultural machinery maker. The Conti ransomware's brand is sHeading 2hutting down Conti ransomware as in its original reincarnation name is officially dead for a while.

Microsoft says the Xbox Live services are currently down in a major outage, impacting customers worldwide and preventing them from launching or buying games. According to user reports, the online gaming platform has been down for at least three hours, blocking them from playing both offline and cloud games.

Video of oval squid changing color in reaction to their background. The research paper claims this is the first time this has been documented.

Cybersecurity researchers have discovered a new Windows malware with worm-like capabilities and is propagated by means of removable USB devices. Attributing the malware to a cluster named "Raspberry Robin," Red Canary researchers noted that the worm "Leverages Windows Installer to reach out to QNAP-associated domains and download a malicious DLL.".

Two high-severity security vulnerabilities, which went undetected for several years, have been discovered in a legitimate driver that's part of Avast and AVG antivirus solutions. "These vulnerabilities allow attackers to escalate privileges enabling them to disable security products, overwrite system components, corrupt the operating system, or perform malicious operations unimpeded," SentinelOne researcher Kasif Dekel said in a report shared with The Hacker News.

One of Ferrari's subdomains was hijacked yesterday to host a scam promoting fake Ferrari NFT collection, according to researchers. The Ethereum wallet associated with the cryptocurrency scam appears to have collected a few hundred dollars before the hacked subdomain was shut down.

The US Treasury has sanctioned cryptocurrency mixer Blender for its role in helping North Korea's Lazarus Group launder stolen digital assets. As the name might suggest, cryptocurrency mixing, or tumbling, can obscure the source of some digital money.

The best known, and perhaps the most believable, is five ANDs in a row, a sentence helped by the fact that AND is a conjuction, so with a suitable comma you can insert it between almost any two English sentences and produce a legal compound clause. Thus the famous complaint by the innkeeper who's just had their pub sign repainted badly, and disappointedly tells the signwriter, "You didn't leave enough space between ROSE and AND, and AND and CROWN.".