Original release date: January 16, 2022
Microsoft has released a blog post on possible Master Boot Record (MBR) Wiper activity targeting Ukrainian organizations, including Ukrainian government agencies. According to Microsoft, powering down the victim device executes the malware, which overwrites the MBR with a ransom note; however, the ransom note is a ruse because the malware actually destroys the MBR and the targeted files.
CISA recommends network defenders review the Microsoft blog for tactics, techniques, and procedures, as well as indicators of compromise related to this activity. CISA additionally recommends network defenders review recent Cybersecurity Advisories and the CISA Insights, Preparing For and Mitigating Potential Cyber Threats.
This product is provided subject to this Notification and this Privacy & Use policy.
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of…
CISA, through the Joint Cyber Defense Collaborative (JCDC), enabled swift, coordinated response and information sharing…
CISA released three Industrial Control Systems (ICS) advisories on October 29, 2024. These advisories provide…
CISA has received multiple reports of a large-scale spear-phishing campaign targeting organizations in several sectors,…
CISA released four Industrial Control Systems (ICS) advisories on October 31, 2024. These advisories provide…
Fortinet has updated their security advisory addressing a critical FortiManager vulnerability (CVE-2024-47575) to include additional…
This website uses cookies.