Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
FBI Publishes Indicators of Compromise for LockBit 2.0 RansomwareFBI Publishes Indicators of Compromise for LockBit 2.0 Ransomware
Flash bulletin alert includes mitigation strategies for defending against the ransomware.
1 Min Read
The FBI today issued a flash bulletin that details the specific indicators of compromise (IoCs) associated with LockBit 2.0, whose operators offer the ransomware variant via a ransomware-as-a-service model.
LockBit 2.0 moves quickly, mainly because it can automatically encrypt devices in a Windows domain using Active Directory (AD) group policies. The ransomware attackers using LockBit often also threaten to leak stolen victim data on their doxxing site if the victim doesn't pony up with their ransom demands. According to the FBI, LockBit 2.0 is "a heavily obfuscated ransomware application leveraging bitwise operations to decode strings and load required modules to evade detection."
The FBI bulletin also includes specific steps organizations can take to minimize their vulnerability to an attack by the ransomware, including the usual key defenses, such as employing multifactor and strong authentication, updating software, using network segmentation, restricting user privileges to admin accounts, running a host-based firewall that limits connects to admin shares, ensuring offline data backups, and other best practices.
About the Author
You May Also Like
More Insights
Webinars
Securing the Remote Workforce
Feb 20, 2025Emerging Technologies and Their Impact on CISO Strategies
Feb 25, 2025How CISOs Navigate the Regulatory and Compliance Maze
Feb 26, 2025Where Does Outsourcing Make Sense for Your Organization?
Feb 27, 2025Shift Left: Integrating Security into the Software Development Lifecycle
Mar 5, 2025
_vska_Alamy_.jpg?width=700&auto=webp&quality=80&disable=upscale)