#StopRansomware: Cuba Ransomware

Original release date: December 1, 2022

Today, the Federal Bureau of Investigation (FBI) and CISA released a joint Cybersecurity Advisory (CSA) #StopRansomware: Cuba Ransomware to provide network defenders tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with Cuba ransomware. FBI investigations identified these TTPs and IOCs as recently as August 2022. This CSA updates the December 2021 FBI Flash: Indicators of Compromise Associated with Cuba Ransomware. Key updates include:

FBI has identified a sharp increase in the both the number of compromised U.S. entities and the ransom amounts demanded by Cuba ransomware actors.
Since spring 2022, Cuba ransomware actors have expanded their TTPs.
Third-party and open-source reports have identified a possible link between Cuba ransomware actors, RomCom Remote Access Trojan (RAT) actors, and Industrial Spy ransomware actors.

FBI and CISA encourage network defenders to review the joint CSA and to apply the included mitigations. See StopRansomware.gov for additional guidance on ransomware protection, detection, and response.

This product is provided subject to this Notification and this Privacy & Use policy.

Source link

admin

Next CISA Releases Three Industrial Control Systems Advisories »

Previous « CISA Releases Seven Industrial Control Systems Advisories

This website uses cookies.

#StopRansomware: Cuba Ransomware

Recent Posts

CISA Releases Three Industrial Control Systems Advisories

CISA Releases Seven Industrial Control Systems Advisories

CISA Adds One Known Exploited Vulnerability to Catalog

Updated Guidance on Play Ransomware

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA Adds Five Known Exploited Vulnerabilities to Catalog