FBI
FBI wipes Chinese PlugX malware from over 4,000 US computers
The U.S. Department of Justice announced today that the FBI has deleted Chinese PlugX malware from over 4,200 computers in networks across the United States. The malware, controlled by the Chinese cyber espionage group Mustang Panda (also tracked as Twill Typhoon), infected thousands of systems using a PlugX variant with a wormable component that allowed it to […]
FBI spots HiatusRAT malware attacks targeting web cameras, DVRs
The FBI warned today that new HiatusRAT malware attacks are now scanning for and infecting vulnerable web cameras and DVRs that are exposed online. As a private industry notification (PIN) published on Monday explains, the attackers focus their attacks on Chinese-branded devices that are still waiting for security patches or have already reached the end […]
FBI shares tips on how to tackle AI-powered fraud schemes
The FBI warns that scammers are increasingly using artificial intelligence to improve the quality and effectiveness of their online fraud schemes, ranging from romance and investment scams to job hiring schemes. “The FBI is warning the public that criminals exploit generative artificial intelligence (AI) to commit fraud on a larger scale which increases the believability […]
FBI, CISA, and NSA reveal most exploited vulnerabilities of 2023
The FBI, the NSA, and cybersecurity authorities of the Five Eyes intelligence alliance have released today a list of the top 15 routinely exploited vulnerabilities throughout last year. A joint advisory published on Tuesday calls for organizations worldwide to immediately patch these security flaws and deploy patch management systems to minimize their networks’ exposure to potential […]
CISA urges software devs to weed out XSS vulnerabilities
CISA and the FBI urged technology manufacturing companies to review their software and ensure that future releases are free of cross-site scripting vulnerabilities before shipping. The two federal agencies said that XSS vulnerabilities still plague software released today, creating further exploitation opportunities for threat actors even though they’re preventable and should not be present in […]
FBI tells public to ignore false claims of hacked voter data
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are alerting the public of false claims that the U.S. voter registration data has been compromised in cyberattacks. The two agencies note that malicious actors are spreading disinformation to manipulate public “opinion and undermine confidence in U.S. democratic institutions.” According to […]
FBI: RansomHub ransomware breached 210 victims since February
Since surfacing in February 2024, RansomHub ransomware affiliates have breached over 200 victims from a wide range of critical U.S. infrastructure sectors. This relatively new ransomware-as-a-service (RaaS) operation extorts victims in exchange for not leaking stolen files and sells the documents to the highest bidder if negotiations fail. The ransomware group focuses on data-theft-based extortion […]
Audit finds notable security gaps in FBI’s storage media management
An audit from the Department of Justice’s Office of the Inspector General (OIG) identified “significant weaknesses” in FBI’s inventory management and disposal of electronic storage media containing sensitive and classified information. The report highlights multiple issues with policies and procedures or controls for tracking storage media extracted from devices, and significant physical security gaps in the […]
US warns of Iranian hackers escalating influence operations
The U.S. government is warning of increased effort from Iran to influence upcoming elections through cyber operations targeting Presidential campaigns and the American public. In a joint statement from the Office of the Director of National Intelligence (ODNI), the FBI, and the Cybersecurity and Infrastructure Security Agency (CISA), the U.S. says that Iran carried out cyberattacks […]
FBI disrupts the Dispossessor ransomware operation, seizes servers
The FBI announced on Monday that it seized the servers and websites of the Radar/Dispossessor ransomware operation following a joint international investigation. The joint operation was carried out in collaboration with the U.K.’s National Crime Agency, the Bamberg Public Prosecutor’s Office, and the Bavarian State Criminal Police Office (BLKA). Law enforcement seized three U.S. servers, […]