The Cybersecurity & Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a Joint Cybersecurity Advisory on October 11, 2023, urging companies (particularly those in the critical infrastructure sector) to take steps to mitigate cyber threats for AvosLocker Ransomware.

The Advisory urges companies to:

  • Restrict Remote Desktop Protocol
  • The FBI and CISA issued a Joint Cybersecurity Advisory “#StopRansomware: Snatch Ransomware” on September 20, 2023. The Advisory outlines the indicators of compromise and observed tactics, techniques, and procedures of Snatch so organizations can identify, mitigate, and respond to an attack using the Snatch ransomware variant.

    Snatch has been hitting the Defense Industrial Base (DIB)

    Threat actors never cease to find innovative ways to extort their victims. If only threat actors would use their creativity for good causes.

    This week, Bluefield University communicated with its students to be careful of texts sent through the University’s communication system after a ransomware group used the communication system to message the campus about

    The FBI, CISA and the Multi-State Information Sharing and Analysis Center (MS-ISAC) recently released a joint cybersecurity advisory, warning organizations about indicators of compromise, and tactics, techniques, and procedures that have been associated with LockBit 3.0 ransomware.

    The Advisory, #StopRansomware: LockBit 3.0, states that LockBit 3.0 is an affiliate-based ransomware variant that functions as

    The Cybersecurity & Infrastructure Security Agency, the FBI and the U.S. Department of Health & Human Services released a Joint Advisory last week warning organizations, particularly those in the health care and public health (HPH) sectors, of the ransomware and data extortion operations by the Daixin Team.

    The Advisory is designed to provide information to

    The Cybersecurity & Infrastructure Security Agency (CISA) recently issued an Alert outlining the top Common Vulnerabilities and Exposures (CVEs) that have been used by the People’s Republic of China (PRC) state-sponsored cyber actors since 2020.

    According to the Alert, these threat actors “continue to exploit known vulnerabilities to actively target U.S. and allied networks as

    A recently-issued joint advisory by the FBI, the Cybersecurity and Infrastructure Security Agency, the Financial Crimes Enforcement Network, and the Treasury Department warns that MedusaLocker ransomware “targets vulnerabilities in Remote Desktop Protocol (RDP) to access victims’ networks.” The alert encourages “network defenders to examine their current cybersecurity posture and apply the recommended mitigations,…including:

    • Prioritize remediating

    In a recent Private Industry Notification to the higher education sector, the FBI warned that U.S. college and university credentials are being advertised “for sale on online criminal marketplaces and publically [sic] accessible forums.”

    The Notification warns that the exposure of credentials and network access information, “especially privileged user accounts, could lead to subsequent cyber-attacks