TT-CSIRT-414.3.3.23: Royal Ransomware

TT-CSIRT-414.3.3.23: Royal Ransomware

The U.S. Federal Bureau of Investigation (FBI) and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a joint cyber security advisory on Royal Ransomware to provide network defenders with the tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with Royal ransomware variants.

Several local organizations have been affected by Royal ransomware in the recent past. With this in mind, TT-CSIRT strongly encourages network defenders to review the advisory and implement the recommended mitigations to limit potential adversarial techniques and reduce the risk of compromise.

Advisory: https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-061a