What is the attack?

A significant ransomware attack has struck Pusat Data Nasional (PDN), one of Indonesia's government-owned national data centers. Threat actors encrypted government data, which disrupted digital services for immigration, airport checks, and several public services. The ransomware used in this attack is a new variant of LockBit 3.0. In 2023, the LockBit hacker group also severely disrupted the Bank Syariah Indonesia (BSI) systems.

What is the recommended mitigation?

Ensure that all systems are up to date with robust cybersecurity measures. Also, maintain general awareness and training about the risk of phishing and social engineering attacks in the organization.

What FortiGuard coverage is available?

FortiGuard Labs has AV signatures to block all the known malware variants used by the ransomware group.

Behavior-based detection through FortiSandbox and FortiEDR detects new and unknown ransomware malware samples.

All the known IoCs related to the campaign are blocked via the Web filtering service. These IoCs are available for threat hunting through FortiAnalyzer, FortiSIEM, and FortiSOAR.