Podcasts
CISA Cybersecurity Alerts
Ep 30
CISA Cybersecurity Alerts 9.15.22
Ep 30 | 9.15.22

CISA Alert AA22-257A – Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations.

Show Notes
Transcript

This joint Cybersecurity Advisory highlights continued malicious cyber activity by advanced persistent threat actors affiliated with the Iranian Government’s Islamic Revolutionary Guard Corps. The IRGC-affiliated actors are actively targeting a broad range of entities, including entities across multiple U.S. critical infrastructure sectors as well as Australian, Canadian, and United Kingdom organizations. 

AA22-257A Alert, Technical Details, and Mitigations

AA22-257A.stix

CISA’s Iran Cyber Threat Overview and Advisories

FBI’s Iran Threat webpage.

Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities

Technical Approaches to Uncovering and Remediating Malicious Activity

All organizations should report incidents and anomalous activity to CISA’s 24/7 Operations Center at central@cisa.dhs.gov or (888) 282-0870 and to the FBI via your local FBI field office or the FBI’s 24/7 CyWatch at (855) 292-3937 or CyWatch@fbi.gov.

CISA Cybersecurity Alerts
Podcast Info
Schedule: Ad Hoc
Credits: Alert sources include the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA). Technical Editor is Brandon Karpf, Producer is Jennifer Eiben, Audio Engineering, Editing and original music by Elliott Peltzman.
Creator: CyberWire, Inc.
CISA Cybersecurity Alerts