CISA Activity - CISA and Partners Release Update to BianLian Ransomware Cybersecurity Advisory

  • Welcome to ITBible, we're your #1 resource for enterprise or homelab IT problems (or just a place to show off your stuff).
C

CISA

Guest
Today, CISA, the Federal Bureau of Investigation (FBI), and the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) released updates to #StopRansomware: BianLian Ransomware Group on observed tactics, techniques, and procedures (TTPs) and indicators of compromise attributed to data extortion group, BianLian.

The advisory, originally published May 2023, has been updated with additional TTPs obtained through FBI and ASD’s ACSC investigations and industry threat intelligence as of June 2024.

BianLian is likely based in Russia, with Russia-based affiliates, and has affected organizations in multiple U.S. critical infrastructure sectors since June 2022. They have also targeted Australian critical infrastructure sectors, professional services, and property development.

CISA and partners encourage infrastructure organizations and small- to medium-sized organizations implement mitigations in this advisory to reduce the likelihood and impact of BianLian and other ransomware incidents. These mitigations align with the Cross-Sector Cybersecurity Performance Goals developed by CISA and the National Institute of Standards and Technology.

This advisory is part of CISA’s ongoing #StopRansomware effort.

Continue reading...