Cuba ransomware group hitting US organizations in 5 critical sectors – Cybersecurity Dive




Cuba ransomware actors are targeting U.S. organizations via known vulnerabilities in commercial software, phishing campaigns, compromised credentials and legitimate remote desktop protocol tools, the FBI and CISA said in the joint advisory.
“This year, Cuba ransomware actors have added to their [tactics, techniques and procedures], and third-party and open-source reports have identified a possible link between Cuba ransomware actors, RomCom Remote Access Trojan actors and Industrial Spy ransomware actors,” the federal agencies said.
CISA and the FBI updated indicators of compromise obtained during threat response investigations as of August to help organizations detect possible exploitation or compromise.
The ransom demands and payments linked to the Cuba ransomware group have doubled since the FBI called out the group and its activities in a previous advisory issued one year ago to the day.
Federal authorities, as of December 2021, attributed 49 victim organizations and almost $44 million in ransom payments to the group.
Get the free daily newsletter read by industry experts
The agency placed a premium on low cost, high impact security efforts, which account for more than 40% of the goals.
Rates continue to soar, but Marsh research shows the pace of increases is slowing. 
Subscribe to Cybersecurity Dive for top news, trends & analysis
Get the free daily newsletter read by industry experts
The agency placed a premium on low cost, high impact security efforts, which account for more than 40% of the goals.
Rates continue to soar, but Marsh research shows the pace of increases is slowing. 
The free newsletter covering the top industry headlines

source


CyberTelugu

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top

Adblock Detected

Please consider supporting us by disabling your ad blocker

Refresh Page