CISA Advisory: Hive Ransomware
The Cybersecurity & Infrastructure Security Agency (CISA) released a joint advisory with the Federal Bureau of Investigation (FBI) and Department of Health and Human Services (HHS) to raise awareness of indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) used by the Hive ransomware gang. Hive has been known to target the Information Technology sector. Initial Access is commonly gained through exploitation of public facing vulnerabilities (e.g., Exchange, FortiOS, etc.) or compromised credentials. The #stopransomware advisories are useful as they contain actionable intelligence to improve threat-informed cyber defenses and include downloadable IOC packages in STIX format, that can be used in conjunction with the MSP’s technology stack to automate the hunting of indicators in the MSPs managed environments.
Read more here: https://www.cisa.gov/uscert/ncas/alerts/aa22-321a
-Kaseya Threat Management Team