Today, CISA, the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint Cybersecurity Advisory (CSA), #StopRansomware: Phobos Ransomware, to disseminate known tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs), which are from incident response investigations tied to Phobos ransomware activity from as recently as February, 2024.
Structured as a ransomware as a service (RaaS) model, Phobos ransomware actors have targeted entities including municipal and county governments, emergency services, education, public healthcare, and critical infrastructure to successfully ransom several million in U.S. dollars.
CISA, the FBI, and MS-ISAC encourage critical infrastructure organizations to review and implement the mitigations provided in the joint CSA to reduce the likelihood and impact of Phobos ransomware and other ransomware incidents. For more information, see CISA’s #StopRansomware webpage and the updated #StopRansomware Guide.
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
CISA released two Industrial Control Systems (ICS) advisories on October 7, 2025. These advisories provide…
CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
CISA, in collaboration with the Federal Bureau of Investigation, the United Kingdom’s National Cyber Security…
CISA released two Industrial Control Systems (ICS) advisories on October 2, 2025. These advisories provide…
This website uses cookies.