CISA and Partners Release Advisory on Black Basta Ransomware

Today, CISA, in partnership with the Federal Bureau of Investigation (FBI), the Department of Health and Human Services (HHS), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released joint Cybersecurity Advisory (CSA) #StopRansomware: Black Basta to provide cybersecurity defenders tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) used by known Black Basta ransomware affiliates and identified through FBI investigations and third-party reporting.

Black Basta is a ransomware-as-a-service (RaaS) variant, first identified in April 2022. Black Basta affiliates have targeted over 500 private industry and critical infrastructure entities, including healthcare organizations, in North America, Europe, and Australia.

CISA and partners encourage organizations to review and implement the mitigations provided in the joint CSA to reduce the likelihood and impact of Black Basta and other ransomware incidents. For more information, see StopRansomware.gov and the #StopRansomware Guide.

This product is provided subject to this Notification and this Privacy & Use policy.

CISA and Partners Release Advisory on Black Basta Ransomware

Please share your thoughts

CISA Releases One Industrial Control Systems Advisory

Rockwell Automation Encourages Customers to Assess and Secure Public-Internet-Exposed Assets

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA and Partners Release Advisory on Black Basta Ransomware

Please share your thoughts

Related Advisories

CISA Releases One Industrial Control Systems Advisory

Rockwell Automation Encourages Customers to Assess and Secure Public-Internet-Exposed Assets

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA Adds Three Known Exploited Vulnerabilities to Catalog