CISA Alert AA22-257A – Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations. [CISA Cybersecurity Alerts]

This joint Cybersecurity Advisory highlights continued malicious cyber activity by advanced persistent threat actors affiliated with the Iranian Government’s Islamic Revolutionary Guard Corps. The IRGC-affiliated actors are actively targeting a broad range of entities, including entities across multiple U.S. critical infrastructure sectors as well as Australian, Canadian, and United Kingdom organizations. 
AA22-257A Alert, Technical Details, and Mitigations
AA22-257A.stix
CISA’s Iran Cyber Threat Overview and Advisories
FBI’s Iran Threat webpage.
Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities …

advanced advanced persistent threat advisory alert alerts cisa cisa alert cyber cybersecurity cybersecurity advisory data data extortion disk disk encryption encryption entities exploiting extortion government guard iranian irgc malicious operations persistent persistent threat ransom targeting threat threat actors vulnerabilities