US Cert Alert - Black Basta Cybersecurity Advisory AA24-131A
A Cybersecurity Advisory (CSA) released by the FBI CISA HHS and MS-ISAC details the Black Basta ransomware variant. The ransomware is operated as a ransomware-as-a-service which has impacted over 500 organizations globally. Impacted sectors have included critical infrastructure and healthcare. The ransomware variant was identified in the first half of 2022 Black Basta uses techniques like phishing and exploiting public facing vulnerabilities to gain access to target environments before employing double-extortion tactic by encrypting data and threatening to release it publicly unless a ransom is demands ar met. The joint advisory details tactics techniques and procedures (TTPs) indicators of compromise (IOCs) as well as third party tools commodity tools and legitimate native utilities used by the RaaS.