Countering the CL0P ransomware group: recommendations from CISA and the FBI
How to defend against cyber attacks: prevention, detection and protection of digital assets in the crosshairs of cybercriminals
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) recently issued a series of recommendations with the aim of protecting organizations from possible attacks perpetrated by the CL0P Ransomware Group. On Wednesday, CISA announced new cybersecurity guidance designed to inform and assist businesses and other institutions following malware infestations in web-exposed web applications by the aforementioned gang of cybercriminals.
The attack methods of the CL0P ransomware group
The action of the CL0P Ransomware Group was reported following the exploit of a vulnerability in a structured query language present in MOVEit, a managed file transfer platform developed by Progress Software. Since last month, the group has been infecting web applications that use MOVEit, accessing data from the underlying databases.
Agency recommendations for effective defense
CISA and the FBI have urged organizations to conduct a thorough inventory that identifies authorized and unauthorized devices and software. The agencies also stressed the importance of limiting administrator privileges and access only when absolutely necessary.
The importance of preventive measures and monitoring
The agencies have advised that software and applications should always be updated and patched to the latest version available, and that vulnerability assessments should be performed on a regular basis. CISA and the FBI have emphasized that network infrastructure devices, such as firewalls, routers, and others, must be hardened with security configurations and routinely monitored.
Follow us on Google News for more pills like this06/08/2023 22:01
Editorial AI