The FBI has published a TLP:WHITE FLASH providing indicators of compromise associated with RagnarLocker ransomware. The FLASH indicates that since January 2022, RagnarLocker ransomware has targeted at least 52 organizations across 10 critical infrastructure sectors. According to the FBI, members of the RagnarLocker group work as part of a ransomware family and frequently alter obfuscation techniques to avoid detection and prevention. The FLASH includes further technical details regarding this activity and lists recommended mitigations. It also encourages partners to report suspicious or criminal activity to their local FBI field office or the FBI’s 24/7 CyberWatch (CyWatch) at (855)292-3937 or CyWatch@fbi.gov.