The FBI has warned private companies about attempts by an Iranian threat actor to buy stolen information about the United States and organizations around the world.
The FBI alerted the organizations via a Private Industry Notification (PIN) marked TLP:AMBER.
According to the FBI, the threat actor will likely use the leaked data bought from clear and dark web sources to breach the systems of related organizations.
In addition, the data is being used to breach organizations’ supervisory control and data acquisition (SCADA) systems using common default passwords.
The FBI had informed companies whose data had been stolen and leaked online that they should expect an attack by the unidentified Iranian threat actor in the near future.
With this in mind, organizations that are vulnerable to this risk are advised to take mitigation measures to block hacking attempts from servers such as Remote Desktop Protocol (RDP) servers, Web Application Firewalls, and Kentico CMS installations.