Kyaw_Myo_Oo
Advocate I

Beyond the Playbook: Unpacking CISA's Updated Guidance on Play Ransomware TTPs.

Dear All,

 

CISA, the Federal Bureau of Investigation (FBI), and the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) have issued an updated advisory on Play Ransomware, also known as Playcrypt. This advisory highlights new tactics, techniques, and procedures used by the Play ransomware group and provides updated indicators of compromise (IOCs) to enhance threat detection.

Since June 2022, Playcrypt has targeted diverse businesses and critical infrastructure across North America, South America, and Europe, becoming one of the most active ransomware groups in 2024. The FBI has identified approximately 900 entities allegedly exploited by these ransomware actors as of May 2025.

Recommended mitigations include:

 

Updated Guidance on Play Ransomware

 

#StopRansomware: Play Ransomware

 

 

Beyond the technical aspects, what's the biggest 'people' challenge your team faces when dealing with the constant evolution of sophisticated ransomware threats like Play (e.g., analyst burnout, skill retention, communicating complex threats to leadership, fostering a proactive mindset)?

It's always great to learn from each other, share experiences, and stay updated. Let's learn and explore together!

 

 

Kyaw Myo Oo
Information Security Officer, CB BANK PCL
CCIE #58769 | CISSP | CRISC | PMP | CCSM | SAA-C03 | PCNSE
https://www.linkedin.com/in/kyaw-myo-oo/