"FBI Warns Organizations of the New BianLian Ransomware Tactics"

A joint Cybersecurity Advisory (CSA) issued by US and Australia government agencies and published by the US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) warns organizations of the most recent tactics, techniques, and procedures (TTPs) used by the BianLian ransomware group. Since June 2022, the BianLian ransomware and data extortion group has been targeting entities within US and Australian critical infrastructure organizations. As part of the #StopRansomware initiative, the advisory is based on investigations conducted by the FBI and the Australian Cyber Security Centre (ACSC). It seeks to provide defenders with information that enables them to adjust protections and strengthen their security posture against BianLian ransomware and other threats of a similar nature. BianLian used a double-extortion model at first, encrypting systems after stealing sensitive data from victim networks and then threatening to publish the data. However, since Avast released a decryptor for the ransomware in January 2023, the group has shifted to extortion based on data theft without encrypting systems. This article continues to discuss the BianLian group's TTPs. 

Bleeping Computer reports "FBI Warns Organizations of the New BianLian Ransomware Tactics"