CISA Alert AA22-152A – Karakurt data extortion group. [CISA Cybersecurity Alerts]
Podcast |
CyberWire Daily
Publisher |
The CyberWire
Media Type |
audio
Podknife tags |
Cybersecurity
Tech News
Technology
Categories Via RSS |
Daily News
News
Tech News
Technology
Publication Date |
Jun 01, 2022
Episode Duration |
00:02:40
The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Department of the Treasury (Treasury), and the Financial Crimes Enforcement Network (FinCEN) are releasing this joint Cybersecurity Advisory to provide information about the Karakurt data extortion group, also known as the Karakurt Team and Karakurt Lair. Karakurt actors have employed a variety of TTPs, creating significant challenges for defense and mitigation. Karakurt victims have not reported encryption of compromised machines or files; rather, Karakurt actors claim to steal data and threaten to auction it or release it to the public unless they receive payment. AA22-152A Alert, Technical Details, and Mitigations CISA-Multi-State Information Sharing and Analysis Center (MS-ISAC) Joint Ransomware Guide Data Integrity: Detecting and Responding to Ransomware and Other Destructive Events. Stopransomware.gov  CISA's Ransomware Readiness Assessment CISA's cyber hygiene services FinCEN Advisory to Financial Institutions on Cyber-Events and Cyber-Enabled Crime FinCEN Advisory on Ransomware and the Use of the Financial System to Facilitate Ransom Payments All organizations should report incidents and anomalous activity to CISA’s 24/7 Operations Center at central@cisa.dhs.gov or (888) 282-0870 and to the FBI via your local FBI field office or the FBI’s 24/7 CyWatch at (855) 292-3937 or CyWatch@fbi.gov. Learn more about your ad choices. Visit megaphone.fm/adchoices

This episode currently has no reviews.

Submit Review
This episode could use a review!

This episode could use a review! Have anything to say about it? Share your thoughts using the button below.

Submit Review