CISA Alert AA22-257A – Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations. [CISA Cybersecurity Alerts]

This joint Cybersecurity Advisory highlights continued malicious cyber activity by advanced persistent threat actors affiliated with the Iranian Government’s Islamic Revolutionary Guard Corps. The IRGC-affiliated actors are actively targeting a broad range of entities, including entities across multiple U.S. critical infrastructure sectors as well as Australian, Canadian, and United Kingdom organizations. 
AA22-257A Alert, Technical Details, and Mitigations
AA22-257A.stix
CISA’s Iran Cyber Threat Overview and Advisories
FBI’s Iran Threat webpage.
Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities …

alert alerts cisa cisa alert cyber cybersecurity data data extortion disk encryption encryption extortion guard operations ransom vulnerabilities