The Cybersecurity and Infrastructure Security Agency (CISA) announced a signed Memorandum of Understanding (MoU) with the Republic of Korea's National Intelligence Service (NIS) to establish collaboration efforts under the bilateral Cyber Framework between the US and the Republic of Korea signed in April. The framework between the Republic of Korea and the US includes sharing technical and operational cyber threat information and best practices in cyber crisis management.
The attacks first identified by the FBI frequently targeted small and tribal casinos, encrypting servers and the personally identifying information (PII) of employees and patrons. As of June 2023, the FBI also reports that the Silent Ransom Group (SRG), also called Luna Moth, conducted callback phishing data theft and extortion attacks by sending victims a phone number in a phishing attempt, usually relating to pending charges on the victim’s account. When the victims called the provided phone number, cybercriminals directed them to a legitimate system management tool via a link provided in a follow-up email.
The Federal Bureau of Investigation (FBI) warns that cybercriminals and online blackmailers are targeting plastic surgeons to harvest electronically protected health information (ePHI) on their patients. Personal ePHI includes sensitive information and photographs, enabling the cybercriminals to extort money from the patients themselves as well as from plastic surgery practices, something that could prove lucrative to blackmailers targeting wealthy celebrities who are in the public eye.
In response to the increasingly hostile cyber environment, Google will tighten bulk email sending regulations next year. Reports say that the server plans to send new email sender guidelines in February, which will require senders of bulk email to authenticate their emails and adhere to stricter spam regulations.
The Lazarus group is using two new remote access trojans to target health systems' ManageEngine vulnerabilities. The group recently made headlines after targeting healthcare entities in Europe and the US and has since evolved its malware to exploit the CVE-2022-47966 vulnerability in the ManageEngine setup, allowing for remote code execution. Its new RAT variants, QuiteRAT and CollectionRAT, allow the attacker to run arbitrary commands, among other capabilities.
The US Federal Bureau of Investigation (FBI) is increasingly anxious to enlist the private sector in the losing battle it is fighting against global cybercrime and espionage. Speaking in Washington on Monday, FBI director Christopher Wray stressed the importance of “collaborative, public-private” operations in fighting cybercrime, developing a strategy previously outlined by FBI Deputy Director Paul Abbate at a Boston cybersecurity conference three months ago.
The world’s most-wanted cybercriminal, Russia’s Mikhail Matveev, who already has a $10 million bounty issued by the FBI, is believed to be behind the recent theft of thousands of documents stolen from the UK’s Ministry of Defence (MoD). While authorities are intent on taking him down, his reign of terror shows no signs of stopping.
In today's roundup: FIN8 threat actors exploit gateway risk, the University of Michigan's cyber attack, and the FBI taking down the Qakbot offender.
Microsoft, PayPal, Facebook, Google, and Amazon are some of the world's most respected brands, but they're also the most impersonated. With 300,000 successful phishing attacks recorded last year in the US alone and 71% of organizations experiencing an attempted or actual business email compromise, the issue is only getting worse.
On Tuesday (August 22), the FBI announced that cybercrime groups directly linked to the North Korean government had stolen $40 million worth of cryptocurrency in a single day. The heist is said to be the work of TraderTraitor-affiliated actors (also known as Lazarus Group and APT38).
Security researchers at ESET report a 178% increase in sextortion emails between the first half of 2022 and the first six months of 2023, marking the category out as a top email threat. The company ranks sextortion emails third among all email threats in H1 2023.
US intelligence agencies and the US Air Force issued a joint advisory warning that space innovation and assets are now prime targets for cyber-espionage.