ACTIONS TO TAKE TODAY TO MITIGATE CYBER THREATS FROM AVOSLOCKER RANSOMWARE:

- Restrict RDP and other remote desktop services.
- Secure PowerShell and/or restrict its usage.
- Update software to the latest version and apply patching updates regularly.

Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware. Visit to see all #StopRansomware advisories and to learn more about other ransomware threats and no-cost resources.

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory (CSA) to disseminate known IOCs, TTPs, and detection methods associated with the AvosLocker variant identified through FBI investigations as recently as May 2023. AvosLocker operates under a ransomware-as-a-service (RaaS) model. AvosLocker affiliates have compromised organizations across multiple critical infrastructure sectors in the United States, affecting Windows, Linux, and VMware ESXi environments. AvosLocker affiliates compromise organizations’ networks by using legitimate software and open-source remote system administration tools. AvosLocker affiliates then use exfiltration-based data extortion tactics with threats of leaking and/or publishing stolen data.

This joint CSA updates the March 17, 2022, AvosLocker ransomware joint CSA, Indicators of Compromise Associated with AvosLocker ransomware, released by FBI and the Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN).