CISA Advisory: CISA and Partners Release Advisory on RansomHub Ransomware

Today, CISA—in partnership with the Federal Bureau of Investigation (FBI), Multi-State Information Sharing and Analysis Center (MS-ISAC), and Department of Health and Human Services (HHS)—released a joint Cybersecurity Advisory, #StopRansomware: RansomHub Ransomware. This advisory provides network defenders with indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs), and detection methods associated with RansomHub activity identified through FBI investigations and third-party reporting as recently as August 2024.

RansomHub is a ransomware-as-a-service variant—formerly known as Cyclops and Knight—which has recently attracted high-profile affiliates from other prominent variants such as LockBit and ALPHV.

CISA encourages network defenders to review this advisory and apply the recommended mitigations. See #StopRansomware and the #StopRansomware Guide for additional guidance on ransomware protection, detection, and response. Visit CISA’s Cross-Sector Cybersecurity Performance Goals for more information on the CPGs, including added recommended baseline protections.

CISA encourages software manufacturers to take ownership of improving the security outcomes of their customers by applying secure by design methods. For more information on Secure by Design, see CISA’s Secure by Design webpage and joint guide Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Secure by Design Software.



This alert was originated from: Cybersecurity & Infrastructure Security Agency ( CISA )

https://www.cisa.gov/news-events/alerts/2024/08/29/cisa-and-partners-release-advisory-ransomhub-ransomware

  • Ricardo Alonso

    Related Posts

    Adobe security advisory (AV24–511) – Canadian Centre for Cyber Security

    Serial number: AV24-511Date: September 10, 2024 On September 10, 2024, Adobe published security advisories to address vulnerabilities in the following products: Acrobat DC – versions 24.003.20054 and prior (Windows), version 24.002.21005 and…

    CISA Advisory: Citrix Releases Security Updates for Citrix Workspace App for Windows

    This alert was originated from: Cybersecurity & Infrastructure Security Agency ( CISA ) Citrix released security updates to address multiple vulnerabilities in the Citrix Workspace App for Windows. A cyber…

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    You Missed

    Adobe security advisory (AV24–511) – Canadian Centre for Cyber Security

    Adobe security advisory (AV24–511) – Canadian Centre for Cyber Security

    CISA Advisory: Citrix Releases Security Updates for Citrix Workspace App for Windows

    CISA Advisory: Citrix Releases Security Updates for Citrix Workspace App for Windows

    Microsoft security advisory – September 2024 monthly rollup (AV24-510)

    Microsoft security advisory – September 2024 monthly rollup (AV24-510)

    SAP security advisory – September 2024 monthly rollup (AV24-506)

    SAP security advisory – September 2024 monthly rollup (AV24-506)

    [Control systems] CISA ICS security advisories (AV24-500)

    [Control systems] CISA ICS security advisories (AV24-500)

    Red Hat security advisory (AV24-502)

    Red Hat security advisory (AV24-502)