![]() |
February 19th, 2025 (5 months ago)
|
![]() |
Description: CISA and the FBI said attackers deploying Ghost ransomware have breached victims from multiple industry sectors across over 70 countries, including critical infrastructure organizations. [...]
February 19th, 2025 (5 months ago)
|
![]() |
February 19th, 2025 (5 months ago)
|
![]() |
Description: A new JavaScript obfuscation method utilizing invisible Unicode characters to represent binary values is being actively abused in phishing attacks targeting affiliates of an American political action committee (PAC). [...]
February 19th, 2025 (5 months ago)
|
![]() |
Description: LazaGrad Hack Targeted the Website of University of Religions and Denominations
February 19th, 2025 (5 months ago)
|
![]() |
Description: CreepyCrawler: An OSINT Tool for Website Recon and Data Extraction
February 19th, 2025 (5 months ago)
|
CVE-2018-13379 |
Description: Summary
Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware. Visit stopransomware.gov to see all #StopRansomware advisories and to learn more about other ransomware threats and no-cost resources.
The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) are releasing this joint advisory to disseminate known Ghost (Cring)—(“Ghost”)—ransomware IOCs and TTPs identified through FBI investigation as recently as January 2025.
Beginning early 2021, Ghost actors began attacking victims whose internet facing services ran outdated versions of software and firmware. This indiscriminate targeting of networks containing vulnerabilities has led to the compromise of organizations across more than 70 countries, including organizations in China. Ghost actors, located in China, conduct these widespread attacks for financial gain. Affected victims include critical infrastructure, schools and universities, healthcare, government networks, religious institutions, technology and manufacturing companies, and numerous small- and medium-sized ...
February 19th, 2025 (5 months ago)
|
CVE-2018-13379 |
Description: Today, CISA—in partnership with the Federal Bureau of Investigation (FBI) and Multi-State Information Sharing and Analysis Center (MS-ISAC)—released a joint Cybersecurity Advisory, #StopRansomware: Ghost (Cring) Ransomware. This advisory provides network defenders with indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs), and detection methods associated with Ghost ransomware activity identified through FBI investigations.
Ghost actors conduct these widespread attacks targeting and compromising organizations with outdated versions of software and firmware on their internet facing services. These malicious ransomware actors are known to use publicly available code to exploit Common Vulnerabilities and Exposures (CVEs) where available patches have not been applied to gain access to internet facing servers. The known CVEs are CVE-2018-13379, CVE-2010-2861, CVE-2009-3960, CVE-2021-34473, CVE-2021-34523, CVE-2021-31207.
CISA encourages network defenders to review this advisory and apply the recommended mitigations. See #StopRansomware and the #StopRansomware Guide for additional guidance on ransomware protection, detection, and response. Visit CISA’s Cross-Sector Cybersecurity Performance Goals for more information on the CPGs, including added recommended baseline protections.
February 19th, 2025 (5 months ago)
|
![]() |
Description: Alabama Ophthalmology Associates Has Fallen Victim to BianLian Ransomware
February 19th, 2025 (5 months ago)
|
![]() |
Description: A Threat Actor Claims to be Selling Access to SMTP Spammers Database Through Microsoft Graph API
February 19th, 2025 (5 months ago)
|