We released a joint Cybersecurity Advisory (CSA) with the Federal Bureau of Investigation (FBI), the Department of the Treasury, and the Financial Crimes Enforcement Network (FinCEN) that provides technical details on the use of MedusaLocker ransomware by threat actors, observed as recently as May 2022: go.usa.gov/xJtxZ The CSA also provides recommended actions, mitigations, and indicators of compromise (IOCs) that can be used by organizations to reduce their risk to this ransomware variant. MedusaLocker relies predominantly on exploiting unpatched vulnerabilities in Remote Desktop Protocol to gain access to victims’ networks. It also frequently uses email phishing and spam email campaigns, with malware directly attached to the email, as initial intrusion vectors. Some of the actions that executives and leaders can take today to mitigate cyber threats from ransomware are to prioritize patching known exploited vulnerabilities, train users to recognize and report phishing attempts, and enforce multifactor authentication. Review the CSA for other actions that can be taken as well as a listing of IOCs: go.usa.gov/xJtxZ
Cybersecurity and Infrastructure Security Agency’s Post
More Relevant Posts
-
The NEW #PSA has launched! “WE CAN SECURE OUR WORLD” teaches 4 easy ways to stay safe online. Check it out and share with your team.
-
Reflecting on the success of #PresCup5, this year’s competition offered participants a chance to showcase their skills, learn new techniques and overcome obstacles to get across the finish line. Are you ready to take on the challenge next? As we gear up for PCVI, check out some highlights from this year’s event! à https://lnkd.in/g_DJHSvi
-
-
Learn how to best protect the dangerous chemicals on site of your organization in case of a cyberattack, and what the cascading effects from an attack could look like for your facility. Our #ChemLock tabletop exercises can help your organization test your security plans prior to an incident, leaving you better prepared for a variety of threats. Learn more at https://go.dhs.gov/3K6
-
-
We issued a public service announcement with Federal Bureau of Investigation (FBI) to inform everyone that ransomware disruptions during voting periods will not impact the security and resilience of vote casting or counting: go.dhs.gov/3Ka The PSA includes key points such as: ✅ election infrastructure security ✅ ransomware mitigation for election infrastructure ✅ and failsafe measures for election infrastructure resilience Election officials use a multi-layer approach to security that employs a variety of technological, physical, and procedural controls to prevent cyber intrusions, like ransomware, from impacting vote casting and counting systems. The American public can have confidence in the security and resilience of our democratic processes! Stay informed and learn how we are helping to #Protect2024: cisa.gov/protect2024. #Protect2024 #ElectionSecurity
-
-
Did you know there are over 400 colleges and universities across the country with designated cybersecurity degree programs? Many of these schools also offer scholarships for undergraduate and graduate students from $27,000 to $37,000! Learn more about these programs as well as internship and apprenticeship opportunities you may be interested in: https://lnkd.in/gUBvAP5C
-
-
Looking for a career change where you can help to secure our world? No matter your current role, cyber has a place for you. We launched a new video that offers a preview of the micro-challenges that are part of the Cyber Careers Pathway Tool on the National Initiative for Cybersecurity Careers and Studies (NICCS®) website. Find out just how much these micro-challenges can help you decide on a career in cyber! Discover innovation, protect our nation’s infrastructure, and learn new skills: watch the video to learn more!
-
I always dreamt of becoming a public servant, following the footsteps of my family members. When the opportunity to join CISA arose, it was a dream come true, and I dove right in and never looked back! The critical mission really stood out. I love that CISA is a people-first focused agency, and the culture that Director Easterly has cultivated. I truly enjoy working with people of diverse backgrounds and where our core principles of fostering belonging, diversity, inclusion, and equality are valued and implemented daily. Strategically recruiting top talent to keep the American people safe while helping people land their dream CISA job is very rewarding to me. I am very passionate about helping people and thrive in connecting talent to hiring managers to assist with hard-to-fill positions. I also enjoy building customer relationships by establishing consultative partnerships and delivering relevant solutions with measurable results. - Sasha Sardi-Wade, Program Specialist, OCHCO, Outreach and Employee Experience #WorkforceWednesday
-
-
We’re ready for a trek to SXSW and we’re planning to talk cutting-edge AI, space, and infrastructure security. 🚀 🌌Vote for the panel “Make Space for AI: Safeguarding the Final Frontier” today. https://lnkd.in/eVKMTWN
-
-
Across the Rocky Mountain States and the Black Hills, we're teaming up with our partners at DOJ, DHS, FBI, and ATF to host educational roundtables dedicated to helping houses of worship of all faiths secure their physical and cyber infrastructure. Whether it's through the Six Steps to Enhance Security Against Targeted Violence or the Power of Hello, our Region 8 team is here to provide the resources you and your congregation need to build resilience and ensure safety. Learn more about how we're protecting Houses of Worship: https://go.dhs.gov/oGT
-
