25 Nov, 2024

FBI, CISA, and NSA reveal most exploited vulnerabilities of 2023

​The FBI, the NSA, and cybersecurity authorities of the Five Eyes intelligence alliance have released today a list of the top 15 routinely exploited vulnerabilities throughout last year. A joint advisory published on Tuesday calls for organizations worldwide to immediately patch these security flaws and deploy patch management systems to minimize their networks’ exposure to potential […]

2 mins read

CISA urges software devs to weed out XSS vulnerabilities

​CISA and the FBI urged technology manufacturing companies to review their software and ensure that future releases are free of cross-site scripting vulnerabilities before shipping. The two federal agencies said that XSS vulnerabilities still plague software released today, creating further exploitation opportunities for threat actors even though they’re preventable and should not be present in […]

2 mins read

FBI tells public to ignore false claims of hacked voter data

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are alerting the public of false claims that the U.S. voter registration data has been compromised in cyberattacks. The two agencies note that malicious actors are spreading disinformation to manipulate public “opinion and undermine confidence in U.S. democratic institutions.” According to […]

3 mins read

FBI: RansomHub ransomware breached 210 victims since February

​Since surfacing in February 2024, RansomHub ransomware affiliates have breached over 200 victims from a wide range of critical U.S. infrastructure sectors. This relatively new ransomware-as-a-service (RaaS) operation extorts victims in exchange for not leaking stolen files and sells the documents to the highest bidder if negotiations fail. The ransomware group focuses on data-theft-based extortion […]

2 mins read

Audit finds notable security gaps in FBI’s storage media management

An audit from the Department of Justice’s Office of the Inspector General (OIG) identified “significant weaknesses” in FBI’s inventory management and disposal of electronic storage media containing sensitive and classified information. The report highlights multiple issues with policies and procedures or controls for tracking storage media extracted from devices, and significant physical security gaps in the […]

2 mins read

US warns of Iranian hackers escalating influence operations

The U.S. government is warning of increased effort from Iran to influence upcoming elections through cyber operations targeting Presidential campaigns and the American public. In a joint statement from the Office of the Director of National Intelligence (ODNI), the FBI, and the Cybersecurity and Infrastructure Security Agency (CISA), the U.S. says that Iran carried out cyberattacks […]

2 mins read

FBI disrupts the Dispossessor ransomware operation, seizes servers

The FBI announced on Monday that it seized the servers and websites of the Radar/Dispossessor ransomware operation following a joint international investigation. The joint operation was carried out in collaboration with the U.K.’s National Crime Agency, the Bamberg Public Prosecutor’s Office, and the Bavarian State Criminal Police Office (BLKA). Law enforcement seized three U.S. servers, […]

3 mins read

FBI warns of scammers posing as crypto exchange employees

The Federal Bureau of Investigation (FBI) warns of scammers posing as employees of cryptocurrency exchanges to steal funds from unsuspecting victims. While the FBI didn’t share what prompted today’s public service announcement, it was likely motivated by a surge of reports of fraudsters using this tactic to access victims’ accounts and siphon off their digital […]

3 mins read