TTPs

Response to CISA Advisory (AA24-131A): #StopRansomware: Black Basta

AttackIQ has released a new attack graph in response to the recently published CISA Advisory (AA24-131A) which disseminates known Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IOCs) associated to Black Basta ransomware, a ransomware variant whose operators have encrypted and stolen data from at least 12 out of 16 critical infrastructure sectors, including the Healthcare and Public Health (HPH) Sector.

Response to CISA Advisory (AA23-349A): Enhancing Cyber Resilience: Insights from the CISA Healthcare and Public Health Sector Risk and Vulnerability Assessment

In response to the recently published CISA Advisory (AA23-349A) that disseminates Tactics, Techniques and Procedures (TTPs), mitigation and detection methods associated with a Risk and Vulnerability Assessment (RVA) carried out by CISA as requested by a Healthcare and Public Health (HPH) sector organization, AttackIQ recommends that customers take the following testing actions in alignment with the RVA.

Attack Graph Response to CISA Advisory (AA23-284A): #StopRansomware: AvosLocker Ransomware

AttackIQ has released a new attack graph in response to the recently published CISA Advisory (AA23-284A) that disseminates known Indicators of Compromise (IOCs), Tactics, Techniques, and Procedures (TTPs), and detection methods associated with AvosLocker ransomware identified through FBI investigations as recent as May 2023. AvosLocker is known for conducting activities against organizations across multiple critical infrastructure sectors using legitimate software and open-source remote system administration tools.
1 / 3