Today, CISA, the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint Cybersecurity Advisory (CSA), #StopRansomware: Phobos Ransomware, to disseminate known tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs), which are from incident response investigations tied to Phobos ransomware activity from as recently as February, 2024.

Structured as a ransomware as a service (RaaS) model, Phobos ransomware actors have targeted entities including municipal and county governments, emergency services, education, public healthcare, and critical infrastructure to successfully ransom several million in U.S. dollars.

CISA, the FBI, and MS-ISAC encourage critical infrastructure organizations review and implement the mitigations provided in the joint CSA to reduce the likelihood and impact of Phobos ransomware and other ransomware incidents. For more information, see CISA’s #StopRansomware webpage and the updated #StopRansomware Guide

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

78% of Organizations Suffer Repeat Ransomware Attacks After Paying

February 23, 2024 0 Comments 0 tags

Cybereason found that 78% of organizations who paid a ransom demand were hit by a second ransomware attack, often by the same threat actor

Read More

Businesses Increase Cybersecurity as Budgets Surge in 2024

February 22, 2024 0 Comments 0 tags

Over two-thirds of IT decision-makers increase cybersecurity budgets in 2024, prioritizing cloud security and incident response as cyber threats escalate

Read More

Fake Tokens Exploit BRICS Investment Hype

February 19, 2024 0 Comments 0 tags

Resecurity said bad actors exploited geopolitical narratives, spreading misinformation

Read More