The FBI has formally attributed the hack of the Harmony cryptocurrency bridge platform to Lazarus, a cyber-espionage group working for the North Korean government. The Harmony crypto-heist took place on June 23, 2022, and resulted in the theft of $100 million in cryptocurrency assets. Less than a week after the incident, blockchain tracking company Elliptic …
Updated on 2022-12-22 The FBI warned against threat actors using search engine ads to promote websites propagating ransomware or exfiltrating login credentials from crypto exchanges and financial institutions. Read more: Cyber Criminals Impersonating Brands Using Search Engine Advertisement Services to Defraud Users Overview: FBI recommends ad blockers In a PSA this week, the FBI recommended …
Updated on 2022-12-16: FBI’s vetted information sharing network InfraGard hacked InfraGard, a program run by the FBI to build partnerships that allow cyber and physical threat information to be shared with the private sector, was compromised. A database of some 80,000 members are for sale on an English-speaking cybercrime forum. The hackers responsible broke in …
Updated on 2022-12-21 Sports betting company DraftKings notified 68,000 individuals of a data breach that potentially compromised their personal data, including usernames, passwords, and email addresses. pic.twitter.com/R8tD6xryZO — DraftKings CX Team (@DK_Assist) November 21, 2022 Updated on 2022-12-05: FBI investigating DraftKings credential stuffing incident ESPN is reporting that the FBI is investigating the credential stuffing …
In testimony before the US Senate Homeland Security Committee, FBI Director Christopher Wray said that his agency conducts offensive cyber operations against both state and non-state threat actors. Wray did not offer specifics about the offensive operations. “However, he warned that deterring nation-state threat actors from continuing to engage in illegal cyber activity is much …
Updated on 2022-12-12 The Hive ransomware group claimed responsibility for ongoing disruptions to computer systems at Knox College, Illinois. It claimed to have encrypted critical infrastructure and data. Read more: Knox College president addresses ransomware incident as notorious group claims credit Updated on 2022-12-09 The Hive ransomware group claimed to have posted the customer data …
In a report, the US Government Accountability Office (GAO) makes recommendations that “could help the federal government improve coordination and assistance” to help protect state, local, tribal, and territorial (SLTT) government organizations from ransomware attacks. Ransomware: Federal Coordination and Assistance Challenges recommends that the Cybersecurity and Infrastructure Security Agency (CISA), Secret Service, and FBI improve …
Updated on 2022-12-29 The Log4Shell vulnerability remains a big threat to organizations even after a year since it received security patches. It is found that around 40% of software continues to use vulnerable versions of Apache Log4j. Read more: Lessons Learned: The Log4J Vulnerability 12 Months On Updated on 2022-12-12: Log4Shell one-year anniversary Happy birthday …
Updated on 2022-11-08: FBI Warns of Hacktivist Activity The US Federal Bureau of Investigation (FBI) has published a Private Industry Notification warning that hacktivists are launching distributed denial-of-service (DDoS) attacks. The document includes recommendations for mitigating the effect of the attacks. Targets have included financial institutions, emergency services, airports, and healthcare-related facilities. Note The bulletin …
Updated on 2022-10-31 The CISA, the FBI, and the MS-ISAC issued the Understanding and Responding to DDoS Attacks guidance for network defenders and leaders to respond to DDoS attacks. Read more: Joint CISA FBI MS-ISAC Guide on Responding to DDoS Attacks and DDoS Guidance for Federal Agencies Updated on 2022-10-30: US DDOS guidance CISA, the …
