CISA and Partners Update the #StopRansomware Guide, Developed through the Joint Ransomware Task Force (JRTF)

Today, CISA, the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) published an updated version of the #StopRansomware Guide, as ransomware actors have accelerated their tactics and techniques since its initial release in 2020. The update incorporates lessons learned from the past two years and includes additional recommended actions, resources, and tools to maximize its relevancy and effectiveness and to further help reduce the prevalence and impacts of ransomware.
The #StopRansomware Guide serves as a one-stop resource to help organizations reduce the risk of ransomware incidents through best practices to detect, prevent, respond, and recover, including step-by-step approaches to address potential attacks. The authoring organizations recommend that entities review this joint guide to prepare and protect their facilities, personnel, and customers from the impacts of ransomware and data exfiltration. For more information and to access the latest resources about how to stop ransomware, please visit stopransomware.gov.
This joint guide was developed through the Joint Ransomware Task Force (JRTF), an interagency collaborative effort to reduce the prevalence and impact of ransomware attacks. JRTF was established by Congress in 2022 and is co-chaired by CISA and FBI. For additional information about the JRTF, please visit CISA’s newly launched Joint Ransomware Task Force (JRTF) webpage.

.zip and .mov domains used in phishing attacks

Website names under the ZIP and MOV domains are proving to be a problem when it comes to telling them apart from the file extensions of the same name, which poses a threat to IT systems, amid fears that they could be used in phishing attacks. Although we are already used to the […]

BlackCat ransomware: Malicious Windows kernel drivers used in attacks

The ransomware group known as ALPHV, also called BlackCat, has been seen using malicious Windows kernel drivers to evade detection by security software during an attack. It is not uncommon to see malicious actors using different approaches to sign […]