The Federal Bureau of Investigation (FBI) released a FLASH report regarding activity by the Silent Ransom Group (SRG), also known as Luna Moth, Chatty Spider, and UNC3753. According to the report, SRG has targeted U.S. based law firms since Spring 2023 through social engineering techniques that include phishing emails, phone calls, and impersonation of Information Technology (IT) support personnel to gain access to victim systems and exfiltrate data. The FBI reported that SRG actors conduct data theft and extortion operations without using traditional ransomware encryption and frequently use legitimate remote access or file transfer tools, including WinSCP and Rclone, to transfer stolen data. The SRG actors may also attempt in-person access to victim locations to connect external storage devices and remove data directly from company computers. The FBI also requested that victims share information such as ransom notes, phishing emails, communications with threat actors, cryptocurrency wallet information, and identifying details related to individuals posing as IT support. In addition, the FLASH report outlined recommended cybersecurity practices, including employee awareness training, phishing-resistant multifactor authentication, verification of visitor credentials, regular data backups, and restrictions on remote access and external drive installation. The report is particularly relevant to the HPH Sector because SRG uses social engineering techniques that could affect healthcare operations, sensitive patient information, and organizational networks. For additional information, review the FBI FLASH Report.