Educause Security Discussion mailing list archives
Re: FLASH CP-000142-MW TLP: WHITE
From: Greg Sawyer <greg.sawyer () CAUDIT EDU AU>
Date: Wed, 17 Mar 2021 03:19:42 +0000
Hi Brian I hope you are well. Thanks for the inadvertent share, it started a good conversation locally. Regards Greg Greg Sawyer | Director, Cybersecurity Program | CAUDIT | www.caudit.edu.au<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.caudit.edu.au%2F&data=02%7C01%7CBill.Jones%40blackboard.com%7C8b015ce8dfb244852db208d4af523d58%7Cbf0b29a25e5c4aaaba4dac988df15ea6%7C0%7C0%7C636326215855563952&sdata=KmJNEHDV440j4YXgLjYV8K9sIsTOAW2ThopKeXIcvtk%3D&reserved=0> Mob: +61 414 385 539 | greg.sawyer () caudit edu au<mailto:greg.sawyer () caudit edu au> Location: Blue Mountains | Mail: PO Box 9432 Deakin, ACT 2600 | Australia From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Brian Kelly Sent: Wednesday, 17 March 2021 12:06 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] FW: FLASH CP-000142-MW TLP: WHITE Sharing to maximize reach, we first shared information on PYSA (https://thedfirreport.com/2020/11/23/pysa-mespinoza-ransomware/ ) back in December. The FBI has shared update below/attached with the REN-ISAC and EDUCAUSE. [cid:image001.png@01D71B36.B9E70CF0] ALCON, Please see the attached FBI Liaison Alert System (FLASH) CP-000142-MW TLP: WHITE, Increase in PYSA Ransomware Targeting Education Institutions. FLASH is being disseminated to increase US Government and private sector awareness of cyber actors targeting educational institutions, provide indicators of compromise and recommended mitigations for PYSA ransomware. This product is marked TLP: WHITE. The information in this product may be distributed without restriction, subject to copyright controls. Respectfully, CyWatch 855-292-3937 Brian Kelly, CISSP, CISM, CEH Director, Cybersecurity Program<https://www.educause.edu/focus-areas-and-initiatives/policy-and-security/cybersecurity-program> bkelly () educause edu<mailto:bkelly () educause edu> EDUCAUSE Uncommon Thinking for the Common Good Follow HEISC on LinkedIn<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.linkedin.com%2Fshowcase%2Fhigher-education-information-security-council-heisc-%2F&data=02%7C01%7C%7C7197d41189e4414981ae08d69dc9670a%7Cdd4b037fe626495db0170cc0f7dddb37%7C0%7C0%7C636869885680898966&sdata=%2FYvU%2BLTYHbPmcyL1AoksiKTSdMeFQ93qASFmTp8Emmo%3D&reserved=0> | Twitter: @HEISCouncil direct: 475.449.6440 | educause.edu<http://www.educause.edu/> 1150 18th Street, NW, Suite 900 Washington, DC 20036 ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- FW: FLASH CP-000142-MW TLP: WHITE Brian Kelly (Mar 16)
- Re: FLASH CP-000142-MW TLP: WHITE Greg Sawyer (Mar 16)