CISA Alert AA22-335A – #StopRansomware: Cuba Ransomware

CISA Cybersecurity Alerts

Dec 07, 2022•3 min•Season 2Ep. 38

--:--

Listen in podcast apps:

Apple Podcasts

Spotify

Download

Listen to this episode in Metacast mobile app

Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

The FBI and CISA are releasing this alert to disseminate known Cuba Ransomware Group indicators of compromise and TTPs identified through FBI investigations.

FBI and CISA would like to thank BlackBerry, ESET, The National Cyber-Forensics and Training Alliance (NCFTA), and Palo Alto Networks for their contributions to this CSA.

AA22-335A Alert, Technical Details, and Mitigations

For a downloadable copy of IOCs, see AA22-335A.stix

Stopransomware.gov is a whole-of-government approach that gives one central location for ransomware resources and alerts.

Resource to mitigate a ransomware attack: CISA-Multi-State Information Sharing and Analysis Center (MS-ISAC) Joint Ransomware Guide.

No-cost cyber hygiene services: Cyber Hygiene Services and Ransomware Readiness Assessment.

U.S. DIB sector organizations may consider signing up for the NSA Cybersecurity Collaboration Center’s DIB Cybersecurity Service Offerings, including Protective Domain Name System services, vulnerability scanning, and threat intelligence collaboration for eligible organizations. For more information on how to enroll in these services, email dib_defense@cyber.nsa.gov

To report incidents and anomalous activity or to request incident response resources or technical assistance related to these threats, contact CISA at report@cisa.gov, or call (888) 282-0870, or report incidents to your local FBI field office.

Learn more about your ad choices. Visit megaphone.fm/adchoices

For the best experience, listen in Metacast app for iOS or Android