News

#StopRansomware Advisory: Interlock Ransomware Threats and Mitigations

Luciano Ferrari

24 Dec 2025 — 2 min read

Wednesday, December 24, 2025

Top 5 Cybersecurity Stories You Should Know

#StopRansomware Advisory: Interlock Ransomware Threats and Mitigations — tl;dr: The CISA, FBI, and other agencies have issued a joint advisory on Interlock ransomware, first identified in September 2024, which targets businesses and critical infrastructure in North America and Europe. This ransomware employs a double extortion model, encrypting data after exfiltration, and uses unique codes for ransom communication via .onion URLs. Organizations are urged to implement DNS filtering, patch vulnerabilities, segment networks, and enforce multifactor authentication to mitigate risks. The advisory provides detailed tactics, techniques, and indicators of compromise to help defend against this evolving threat.
↪ https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-203a
DHS Allocates Over $100 Million for Community Cybersecurity Grants — tl;dr: The Cybersecurity and Infrastructure Security Agency (CISA) and FEMA have announced over $100 million in cybersecurity grants aimed at enhancing community defenses. This funding includes $91.7 million for state and local governments through the Fiscal Year 2025 State and Local Cybersecurity Grant Program (SLCGP) and $12.1 million for tribal governments via the Tribal Cybersecurity Grant Program (TCGP). These grants will support various initiatives such as hiring cybersecurity experts and improving network security, ultimately helping communities build resilience against cyber threats. For more details and application resources, visit CISA's website.
↪ https://www.cisa.gov/news-events/news/dhs-launches-over-100-million-funding-strengthen-communities-cyber-defenses
DHS Strengthens National Cybersecurity Resilience and Infrastructure Protection — tl;dr: The Department of Homeland Security (DHS) plays a crucial role in enhancing cybersecurity across the United States, primarily through the Cybersecurity and Infrastructure Security Agency (CISA). CISA leads efforts to protect federal networks and critical infrastructure, collaborating with various stakeholders, including state and local governments and private sectors. Key initiatives include securing election infrastructure and addressing vulnerabilities like the Log4j incident through the Cyber Safety Review Board. Organizations are encouraged to adopt best practices and engage with CISA for guidance to bolster their cybersecurity posture.
↪ https://www.dhs.gov/topics/cybersecurity
CISA's Cybersecurity Best Practices for Individuals and Organizations — tl;dr: The Cybersecurity and Infrastructure Security Agency (CISA) emphasizes the importance of implementing cybersecurity best practices for both individuals and organizations to mitigate cyber risks. Key recommendations include using strong passwords, enabling multi-factor authentication, and regularly updating software. As cyber threats continue to evolve, CISA provides resources and services to enhance operational resilience and protect critical infrastructure. Individuals and organizations are encouraged to adopt these practices to strengthen their cybersecurity posture and report any suspicious activities to help safeguard their communities.
↪ https://www.cisa.gov/topics/cybersecurity-best-practices
CISA Offers Comprehensive Cybersecurity Training and Exercises for All Levels — tl;dr: The Cybersecurity and Infrastructure Security Agency (CISA) provides a range of no-cost cybersecurity training and exercises aimed at federal employees, private-sector professionals, and the general public. The CISA Learning platform offers online courses on topics like cloud security and incident response, while the Federal Cyber Defense Skilling Academy trains federal employees as Cyber Defense Analysts. Additionally, CISA conducts exercises to enhance the resilience of critical infrastructure. Stakeholders are encouraged to utilize these resources to strengthen their cybersecurity skills and organizational preparedness.
↪ https://www.cisa.gov/cybersecurity-training-exercises