In a recent announcement, the Cybersecurity and Infrastructure Security Agency (CISA) issued a warning about the increasing ransomware threat posed by Iran-based cyber actors. The advisory highlighted the specific tactics, techniques, and procedures employed by a group of threat actors associated with the Iranian government and an undisclosed IT company in the same region. 

Understanding the Threat Actors

The Iran-based cyber actors, identified as Pioneer Kitten, UNC757, Parisite, Rubidium, and Lemon Sandstorm, are known for their activities involving ransomware deployment, network access acquisition, and collaboration with affiliate actors for coordinated attacks. These malicious entities have been targeting a wide range of organizations, including those in the government, education, finance, healthcare, and defense sectors. 

Collaborative Efforts and Continued Threats

To address the persistent threat posed by these actors, CISA collaborated with the FBI and the Department of Defense Cyber Crime Center to issue the advisory. The joint (Read more...)