FBI, CISA Warn of Rising AvosLocker Ransomware Attacks Against Critical Infrastructure
The AvosLocker ransomware gang has been linked to attacks against critical infrastructure sectors in the U.S., with some of them detected as recently as May 2023
Investigation covers the forensic analysis of cyber incidents, helping determine how attacks occurred, what was affected, and which evidence supports response.
Search across headline titles and summaries.
Background for this topic.
Investigation is the systematic examination of an event, claim, or suspected activity to establish what happened, when it happened, and who or what was involved. In information security, it commonly covers suspected intrusions, misuse of accounts, data exposure, fraud, and control failures. Investigators reconstruct an event from sources such as authentication records, endpoint artifacts, network telemetry, cloud logs, and disk or memory images, then determine the affected systems, data, and attack path.
Reliable investigations depend on preserving evidence without altering it, recording its provenance, and separating confirmed facts from assumptions. Findings can guide containment and recovery, reveal vulnerabilities that require remediation, and provide threat intelligence about tools or techniques used against an organization. Privacy and legal requirements may restrict what data can be collected or shared, while weak logging, short retention, or uncontrolled access can leave important questions unanswered and undermine any disciplinary, regulatory, or judicial action.
The AvosLocker ransomware gang has been linked to attacks against critical infrastructure sectors in the U.S., with some of them detected as recently as May 2023
The company has taken down its systems in an effort to determine the scope of the attack.
The Intellexa alliance has been using a range of tools for intercepting and subverting mobile and Wi-Fi technologies to deploy its surveillance tools, according to an investigation by Amnesty International and others.