September 2, 2024 at 03:24AM FBI and CISA issued a joint advisory on new ransomware threats, describing a cybercriminal group and methods. The rapid growth in attacks calls for urgent adjustments in cyber defense strategies. Phishing-resistant MFA is crucial, with next-generation solutions and targeted deployments recommended. Organizations need to upgrade defense strategies to protect against … Read more
August 29, 2024 at 01:53PM Summary: The FBI, CISA, MS-ISAC, and HHS have released a joint Cybersecurity Advisory to disseminate information about RansomHub ransomware, including its tactics, techniques, and procedures. The advisory includes details on the ransomware’s impact, mitigation recommendations for network defenders, technical details, and further resources to protect against ransomware threats. Based on … Read more
May 10, 2024 at 04:13PM The joint Cybersecurity Advisory (CSA) pertains to Black Basta, a ransomware variant targeting critical infrastructure, particularly the Healthcare and Public Health (HPH) Sector. Affiliates use phishing and exploiting vulnerabilities for initial access, employ a double-extortion model, and conduct data exfiltration prior to encryption. The CSA provides TTPs, IOCs, and mitigations … Read more
April 18, 2024 at 03:02PM Summary: This joint Cybersecurity Advisory (CSA), released by the FBI, CISA, EC3, and NCSC-NL, highlights the Akira ransomware threat. The report details the ransomware’s impact, encryption methods, impact on different system architectures, and recommended mitigations for network defenders. The CSA also provides technical details using the MITRE ATT&CK framework. For … Read more
February 29, 2024 at 10:42AM The joint Cybersecurity Advisory (CSA) highlights the Phobos ransomware threat, observed as recently as February 2024. It describes the ransomware’s tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), and provides recommendations from the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information … Read more
December 19, 2023 at 01:22PM The FBI and CISA released a joint Cybersecurity Advisory (CSA) to share known IOCs and TTPs linked to the ALPHV Blackcat ransomware. The advisory warns organizations of evolving tactics used by the threat actors, including advanced social engineering and remote access software deployment. It also provides mitigations and incident response … Read more
December 18, 2023 at 10:37AM A joint CSA from the FBI, CISA, and ASD’s ACSC provides IOCs and TTPs of the Play ransomware group impacting businesses in North and South America and Europe. The group employs a double-extortion model, encrypting systems after exfiltrating data. Recommendations include multifactor authentication, offline backups, and system updates to mitigate … Read more
November 21, 2023 at 11:29AM This joint Cybersecurity Advisory (CSA) aims to provide network defenders with information about the LockBit 3.0 ransomware and its exploitation of the CVE-2023-4966 vulnerability affecting Citrix NetScaler web application delivery control (ADC) and NetScaler Gateway appliances. The CSA includes tactics, techniques, and indicators of compromise (IOCs) obtained from various organizations, … Read more
November 3, 2023 at 05:10PM Ransomware attacks have been on the rise recently, with various organizations falling victim, including the Toronto Public Library, ACE Hardware, Mr. Cooper, and the British Library. In response, a coalition of 40 countries will pledge to stop paying ransom demands. Microsoft also commits to enhancing security through its ‘Secure Future’ … Read more