The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) are releasing this joint advisory to disseminate known Ghost (Cring)— (“Ghost”)—ransomware IOCs and TTPs identified through FBI investigation as recently as January 2025. Beginning early 2021, Ghost actors began attacking victims whose internet facing services ran outdated versions of software and firmware.
This indiscriminate targeting of networks containing vulnerabilities has led to the compromise of organizations across more than 70 countries, including organizations in China. Ghost actors, located in China, conduct these widespread attacks for financial gain. Affected victims include critical infrastructure, schools and universities, healthcare, government networks, religious institutions, technology and manufacturing companies, and numerous small- and medium-sized businesses.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Related:
- Seven AI companies commit to safeguards at the White House’s request
July 21, 2023
Microsoft, Google and OpenAI are among the leaders in the US artificial intelligence space that have committed to certain safeguards for their technology, following a push from the White House. The companies will voluntarily agree to abide by a number of principles though the agreement will expire when Congress passes legislation to regulate AI. Read more… Source: Engadget
- Intellexa and Cytrox are latest spyware firms to face U.S. wrath
July 19, 2023
The Biden administration struck its latest blow against foreign spyware makers on Tuesday, placing two Europe-based companies on its list that restricts U.S. companies’ business dealings with them. Greece-based Intellexa and the Hungarian company Cytrox are now on the Commerce Department’s “Entity List,” alongside related entities in Ireland and Macedonia, respectively. The organizations join Israeli spyware makers ...
- North Carolina: Kannapolis didn’t alert public when cyberattack knocked out police dispatch
July 19, 2023
More than a year ago, a cyberattack knocked out the system used in Kannapolis to dispatch police and firefighters. You wouldn’t know that based on what the city told the public. Read more… Source: Yahoo! News
- FCC Chairwoman Rosenworcel Announces Cybersecurity Labeling Program for Smart Devices
July 18, 2023
WASHINGTON, July 18, 2023—Federal Communications Commission Chairwoman Jessica Rosenworcel debuted a proposal with her fellow Commissioners to create a voluntary cybersecurity labeling program that would provide consumers with clear information about the security of their Internet-enabled devices, commonly called “Internet of Things” or “smart” devices. The proposed program—where qualifying products would bear a new U.S Cyber ...
- NSA, CISA Release Guidance on Security Considerations for 5G Network Slicing
July 17, 2023
Today, the National Security Agency (NSA) and CISA published 5G Network Slicing: Security Considerations for Design, Deployment, and Maintenance. This guidance—created by the Enduring Security Framework (ESF), a public-private cross-sector working group led by the NSA and CISA—presents recommendations to address some identified threats to 5G standalone network slicing, and provides industry recognized practices for ...
- Common typo causes millions of emails intended for members of the US military to be sent to accounts in Mali
July 17, 2023
Millions of emails intended for Pentagon employees were inadvertently sent to email accounts in Mali over the last decade because of typos caused by the similarity of the US military’s email address and the domain for the West African country, according to a Dutch technologist who discovered the problem. The emails were intended for owners of ...