CISA Advisory: CISA and Partners Release Advisory on Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations

Today, CISA—in partnership with the Federal Bureau of Investigation (FBI) and the Department of Defense Cyber Crime Center (DC3)—released Iran-based Cyber Actors Enabling Ransomware Attacks on U.S. Organizations. This joint advisory warns of cyber actors, known in the private sector as Pioneer Kitten, UNC757, Parisite, Rubidium, and Lemon Sandstorm, targeting and exploiting U.S. and foreign organizations across multiple sectors in the U.S. 

FBI investigations conducted as recently as August 2024 assess that cyber actors like Pioneer Kitten are connected with the Government of Iran (GOI) and linked to an Iranian information technology (IT) company. Their malicious cyber operations are aimed at deploying ransomware attacks to obtain and develop network access. These operations aid malicious cyber actors in further collaborating with affiliate actors to continue deploying ransomware. 

CISA and partners encourage critical infrastructure organizations to review and implement the mitigations provided in this joint advisory to reduce the likelihood and impact of ransomware incidents. For more information on Iranian state-sponsored threat actor activity, see CISA’s Iran Cyber Threat Overview and Advisories page. 



This alert was originated from: Cybersecurity & Infrastructure Security Agency ( CISA )

https://www.cisa.gov/news-events/alerts/2024/08/28/cisa-and-partners-release-advisory-iran-based-cyber-actors-enabling-ransomware-attacks-us

  • Ricardo Alonso

    Related Posts

    Adobe security advisory (AV24–511) – Canadian Centre for Cyber Security

    Serial number: AV24-511Date: September 10, 2024 On September 10, 2024, Adobe published security advisories to address vulnerabilities in the following products: Acrobat DC – versions 24.003.20054 and prior (Windows), version 24.002.21005 and…

    CISA Advisory: Citrix Releases Security Updates for Citrix Workspace App for Windows

    This alert was originated from: Cybersecurity & Infrastructure Security Agency ( CISA ) Citrix released security updates to address multiple vulnerabilities in the Citrix Workspace App for Windows. A cyber…

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    You Missed

    Adobe security advisory (AV24–511) – Canadian Centre for Cyber Security

    Adobe security advisory (AV24–511) – Canadian Centre for Cyber Security

    CISA Advisory: Citrix Releases Security Updates for Citrix Workspace App for Windows

    CISA Advisory: Citrix Releases Security Updates for Citrix Workspace App for Windows

    Microsoft security advisory – September 2024 monthly rollup (AV24-510)

    Microsoft security advisory – September 2024 monthly rollup (AV24-510)

    SAP security advisory – September 2024 monthly rollup (AV24-506)

    SAP security advisory – September 2024 monthly rollup (AV24-506)

    [Control systems] CISA ICS security advisories (AV24-500)

    [Control systems] CISA ICS security advisories (AV24-500)

    Red Hat security advisory (AV24-502)

    Red Hat security advisory (AV24-502)