CISA Alert AA23-158A – #StopRansomware: CL0P Ransomware Gang Exploits CVE-2023-34362 MOVEit Vulnerability.

FBI and CISA are releasing this joint CSA to disseminate known CL0P ransomware IOCs and TTPs identified through FBI investigations as recently as June 2023.

AA23-158A Alert, Technical Details, and Mitigations

Stopransomware.gov is a whole-of-government approach that gives one central location for ransomware resources and alerts.

Resource to mitigate a ransomware attack: CISA-Multi-State Information Sharing and Analysis Center (MS-ISAC) Joint Ransomware Guide.

Zero-Day Vulnerability in MOVEit Transfer Exploited for Data Theft | Mandiant

MOVEit Transfer Critical Vulnerability (May 2023) - Progress Community

MOVEit Transfer Critical Vulnerability CVE-2023-34362 Rapid Response (huntress.com)

No-cost cyber hygiene services: Cyber Hygiene Services and Ransomware Readiness Assessment.

U.S. DIB sector organizations may consider signing up for the NSA Cybersecurity Collaboration Center’s DIB Cybersecurity Service Offerings, including Protective Domain Name System services, vulnerability scanning, and threat intelligence collaboration for eligible organizations. For more information on how to enroll in these services, email dib_defense@cyber.nsa.gov 

To report incidents and anomalous activity or to request incident response resources or technical assistance related to these threats, contact CISA at report@cisa.gov, or call (888) 282-0870, or report incidents to your local FBI field office.