Search Results for: FBI
FBI tells public to ignore false claims of hacked voter data
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are alerting the public of false claims that the U.S. voter registration data has been compromised in cyberattacks. The two agencies note that malicious actors are spreading disinformation to manipulate public “opinion and undermine confidence in U.S. democratic institutions.” According to […]
FBI: RansomHub ransomware breached 210 victims since February
Since surfacing in February 2024, RansomHub ransomware affiliates have breached over 200 victims from a wide range of critical U.S. infrastructure sectors. This relatively new ransomware-as-a-service (RaaS) operation extorts victims in exchange for not leaking stolen files and sells the documents to the highest bidder if negotiations fail. The ransomware group focuses on data-theft-based extortion […]
Audit finds notable security gaps in FBI’s storage media management
An audit from the Department of Justice’s Office of the Inspector General (OIG) identified “significant weaknesses” in FBI’s inventory management and disposal of electronic storage media containing sensitive and classified information. The report highlights multiple issues with policies and procedures or controls for tracking storage media extracted from devices, and significant physical security gaps in the […]
FBI disrupts the Dispossessor ransomware operation, seizes servers
The FBI announced on Monday that it seized the servers and websites of the Radar/Dispossessor ransomware operation following a joint international investigation. The joint operation was carried out in collaboration with the U.K.’s National Crime Agency, the Bamberg Public Prosecutor’s Office, and the Bavarian State Criminal Police Office (BLKA). Law enforcement seized three U.S. servers, […]
CISA warns about actively exploited Apache OFBiz RCE flaw
The U.S. Cybersecurity & Infrastructure Security Agency is warning of two vulnerabilities exploited in attacks, including a path traversal impacting Apache OFBiz. Apache OFBiz (Open For Business) is a popular open-source enterprise resource planning (ERP) system that provides a suite of business applications to manage various aspects of an organization. Due to its versatility and […]
FBI warns of scammers posing as crypto exchange employees
The Federal Bureau of Investigation (FBI) warns of scammers posing as employees of cryptocurrency exchanges to steal funds from unsuspecting victims. While the FBI didn’t share what prompted today’s public service announcement, it was likely motivated by a surge of reports of fraudsters using this tactic to access victims’ accounts and siphon off their digital […]
Discord rolls out end-to-end encryption for audio, video calls
Discord has introduced the DAVE protocol, a custom end-to-end encryption (E2EE) protocol designed to protect audio and video calls on the platform from unauthorized interceptions. DAVE was created with the help of cybersecurity experts at Trail of Bits, that also audited the E2EE system’s code and implementation. The new system will cover one-on-one audio and video calls […]
Chinese botnet infects 260,000 SOHO routers, IP cameras with malware
The FBI and cybersecurity researchers have disrupted a massive Chinese botnet called “Raptor Train” that infected over 260,000 networking devices to target critical infrastructure in the US and in other countries. The botnet has been used to target entities in the military, government, higher education, telecommunications, defense industrial base (DIB), and IT sectors, mainly in […]
CISA urges software devs to weed out XSS vulnerabilities
CISA and the FBI urged technology manufacturing companies to review their software and ensure that future releases are free of cross-site scripting vulnerabilities before shipping. The two federal agencies said that XSS vulnerabilities still plague software released today, creating further exploitation opportunities for threat actors even though they’re preventable and should not be present in […]
RansomHub claims Kawasaki cyberattack, threatens to leak stolen data
Kawasaki Motors Europe has announced that it’s recovering from a cyberattack that caused service disruptions as the RansomHub ransomware gang threatens to leak stolen data. The company says the attack targeted its EU headquarters, and it is currently analyzing and cleaning any “suspicious material,” such as malware, that may still be lurking on systems. “At the […]