start portlet menu bar

HCLSoftware: Fueling the Digital+ Economy

Display portlet menu
end portlet menu bar
Close
Select Page

Conti is a Russian-based ransomware group that operates a ransomware-as-a-service model to deploy the Conti ransomware. They are one of the more prolific ransomware groups in operation today. The FBI estimates that as of January 2022, there had been over 1,000 victims of attacks associated with Conti ransomware with victim payouts exceeding $150,000,000, making the Conti ransomware variant theconti ransomware costliest strain of ransomware ever documented.1 Although Conti focuses on the healthcare sector, Conti ransomware has also victimized organizations in the Energy, Food and Agriculture, Financial Services, and Information Technology sectors.

The worldwide impact of Conti is significant. So much in fact that the U.S. Department of State is offering rewards of up to $10 million for information that leads to the identification or location of any individual who holds a key leadership position in the Conti crime group. To learn more about Conti attacks, visit Data Breach Today’s website where more than 200 articles have been published.

Recently, Tenable has researched and identified Conti attach schemes and published the list of vulnerabilities. Conti uses a variety of attack vectors including phishing, malware and attacks against Remote Desktop Protocol. Tenable lists 9 initial access vulnerabilities and 24 elevation of privilege vulnerabilities. Tenable are releasing scan templates soon, meanwhile, organizations can leverage their ContiLeaks Dashboards for Tenable.io and Tenable.sc to identify the known vulnerabilities exploited by the Conti ransomware group and its affiliates.

BigFix can now immediately patch all in scope vulnerabilities which is 29 of 33. Additionally, BigFix users can leverage the new CVE Search dashboard and web report to get the latest information on the Known Exploitable Vulnerability (KEV) List provided by the Cybersecurity & Infrastructure Security Agency (CISA) Binding Operational Directive 22-01 (BOD 22-01). 

Learn how BigFix can manage every endpoint before, during and after a cyberattack. Request a Free Trial or Demonstration of BigFix today!

1 https://www.state.gov/reward-offers-for-information-to-bring-conti-ransomware-variant-co-conspirators-to-justice

Comment wrap

Start a Conversation with Us

We’re here to help you find the right solutions and support you in achieving your business goals.

  |  February 17, 2025
How Autonomous Endpoint Management Enhances IT Efficiency and Security
Discover how autonomous endpoint management boosts IT efficiency, strengthens security, and reduces manual workloads with AI-driven automation and real-time controls.
  |  February 13, 2025
HCLSoftware Named a Representative Vendor in the 2024 Gartner® Market Guide for Software Asset Management Tools
HCLSoftware recognized in Gartner's 2024 Market Guide for Software Asset Management Tools. Learn how HCL BigFix simplifies SAM, optimizes software spend, and reduces risk. Download the report.
  |  January 20, 2025
Microsoft January 2025 Patch Tuesday – Fix 8 Zero-days and 139 More Vulnerabilities with BigFix
Today marks Microsoft’s January 2025 Patch Tuesday, bringing security updates for 159 vulnerabilities, including eight zero-day exploits. Let’s explore how BigFix patch content can help remediating these vulnerabilities efficiently with speed, security and scalability across your IT environment.