#RansomwareAdvisories

#StopRansomware: Black Basta

by

May 10, 2024 at 04:13PM The joint Cybersecurity Advisory (CSA) pertains to Black Basta, a ransomware variant targeting critical infrastructure, particularly the Healthcare and Public Health (HPH) Sector. Affiliates use phishing and exploiting vulnerabilities for initial access, employ a double-extortion model, and conduct data exfiltration prior to encryption. The CSA provides TTPs, IOCs, and mitigations … Read more

#StopRansomware: Play Ransomware

by

December 18, 2023 at 10:37AM A joint CSA from the FBI, CISA, and ASD’s ACSC provides IOCs and TTPs of the Play ransomware group impacting businesses in North and South America and Europe. The group employs a double-extortion model, encrypting systems after exfiltrating data. Recommendations include multifactor authentication, offline backups, and system updates to mitigate … Read more