#StopRansomware: Black Basta

This joint advisory from FBI, CISA, HHS, and MS-ISAC details Black Basta, a ransomware-as-a-service group that has impacted hundreds of organizations across critical infrastructure; it summarizes initial access methods (spearphishing, exploitation of ConnectWise CVE-2024-1709, credential abuse), privilege escalation and lateral movement techniques, tools used (AnyDesk, RClone, Mimikatz, Cobalt Strike, etc.), exfiltration and encryption behavior including double-extortion, current IOCs, and recommended mitigations and reporting procedures.