Cybersecurity Government Intelligence Reports
The American Hospital Association (AHA) Cybersecurity and Risk Advisory Service share cybersecurity government intelligence reports that are vital to the security of hospitals and health systems.
SUMMARY
In 2022, LockBit was the most deployed ransomware variant across the world and continues to be prolific in 2023. Since January 2020, affiliates using LockBit have attacked organizations of varying sizes across an array of critical infrastructure sectors, including financial services,…
FIN11 is a cybercriminal group that has been active since at least 2016, originating from the Commonwealth of Independent States (CIS).
SUMMARY
Note: this joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed…
Remote access software and tools comprise a broad array of capabilities used to maintain and improve IT, operational technology (OT), and industrial control systems (ICS) services.
Executive Summary
On May 31, 2023, a Progress Software (formerly IPSwitch) published a notification disclosing that a critical vulnerability exists in their MOVEit Transfer software, which could result in unauthorized access and privilege escalation. The vulnerability is a SQL injection flaw…
The United States and international cybersecurity authorities are issuing this joint Cybersecurity Advisory (CSA) to highlight a recently discovered cluster of activity of interest associated with a People’s Republic of China (PRC) state-sponsored cyber actor, also known as Volt Typhoon.
INTRODUCTION
Ransomware is a form of malware designed to encrypt files on a device, rendering them and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption. Over time, malicious actors have adjusted their ransomware tactics to be more…
The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and Australian Cyber Security Centre (ACSC) are releasing this joint Cybersecurity Advisory to disseminate known BianLian ransomware and data extortion group IOCs and TTPs identified through FBI and…
Cyber attacks launched by threat actors against Veeam Backup & Replication are on the rise. Veeam Backup & Replication (VBR) is a software product created by Veeam Software that is used to back up, replicate,
The UK National Cyber Security Centre (NCSC), the US National Security Agency (NSA), US Cybersecurity and Infrastructure Security Agency (CISA) and US Federal Bureau of Investigation (FBI) are releasing this joint advisory to provide details of tactics, techniques and procedures (TTPs) associated…