March 28, 2022
Via: CSO OnlineThe U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Energy (DOE) have issued a joint cybersecurity advisory (CSA) on two intrusion campaigns conducted by state-sponsored Russian cyber actors against U.S. and […]
March 22, 2022
Via: The Hacker NewsThe U.S. government on Monday once again cautioned of potential cyber attacks from Russia in retaliation for economic sanctions imposed by the west on the country following its military assault on Ukraine last month. “It’s part of Russia’s playbook,” U.S. […]
Threats & Malware, Vulnerabilities
March 16, 2022
Via: The Hacker NewsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released a joint advisory warning that Russia-backed threat actors hacked the network of an unnamed non-governmental entity by exploiting a combination of flaws. “As […]
Cyber-crime, Malware, Threats & Malware, Virus & Malware
March 9, 2022
Via: MalwarebytesIn a FLASH publication issued by the FBI in coordination with DHS/CISA, the FBI says it has identified at least 52 organizations across 10 critical infrastructure sectors affected by RagnarLocker ransomware, including organizations in the critical manufacturing, energy, financial services, […]
January 28, 2022
Via: Security WeekThe agency has described their tactics, techniques and procedures (TTPs) and it has shared several recommendations for preventing and detecting attacks. In November 2021, the U.S Treasury Department announced sanctions against six Iranian nationals and a company involved in a […]
January 12, 2022
Via: The Hacker NewsAmid renewed tensions between the U.S. and Russia over Ukraine and Kazakhstan, American cybersecurity and intelligence agencies on Tuesday released a joint advisory on how to detect, respond to, and mitigate cyberattacks orchestrated by Russian state-sponsored actors. To that end, […]
Threats & Malware, Vulnerabilities
December 23, 2021
Via: The Hacker NewsCybersecurity agencies from Australia, Canada, New Zealand, the U.S., and the U.K. on Wednesday released a joint advisory in response to widespread exploitation of multiple vulnerabilities in Apache’s Log4j software library by nefarious adversaries. “These vulnerabilities, especially Log4Shell, are severe,” […]
December 10, 2021
Via: Panda SecurityLike any other people, many believe that hackers try to take a break and work less during the festive season. However, this is not the case. In fact, cybercriminals end up doing extra hours during the holidays as they know […]
Threats & Malware, Virus & Malware
December 6, 2021
Via: Security WeekAs of November 2021, the gang behind Cuba ransomware managed to compromise at least 49 entities in the government, healthcare, financial, information technology, and manufacturing sectors. To help organizations better defend against this threat, the FBI has released indicators of […]
November 30, 2021
Via: Natalie DunnAlmost all instant messaging services on the market today make a big deal about their security and privacy policies. A recently leaked document has revealed just how much data the FBI can legally obtain from these services. The infographic shows […]
Threats & Malware, Vulnerabilities
November 24, 2021
Via: Security WeekOver the past years, it has become clear that cybercriminals often plan major cyber-assaults for the time when employees are out of office, namely weekends or holidays such as Independence Day, Mother’s Day, Thanksgiving and Christmas. “Recent history tells us […]
Threats & Malware, Vulnerabilities
November 19, 2021
Via: The Hacker NewsThe U.S. Federal Bureau of Investigation (FBI) has disclosed that an unidentified threat actor has been exploiting a previously unknown weakness in the FatPipe MPVPN networking devices at least since May 2021 to obtain an initial foothold and maintain persistent […]
Email security, Security, Threats & Malware, Vulnerabilities
November 15, 2021
Via: Security WeekThreat intelligence organization Spamhaus reported seeing more than 100,000 fake emails being sent out in two waves. The hoax emails, coming from “[email protected],” carried the subject line “Urgent: Threat actor in systems.” The message appeared to come from the DHS […]
November 8, 2021
Via: Security AffairsThe FBI Internet Crime Complaint Center (IC3) published an alert to warn the public of fraudulent schemes leveraging cryptocurrency ATMs and Quick Response (QR) codes to complete payment transactions. This payment option makes it quite impossible to recover the money […]
November 3, 2021
Via: MalwarebytesThe BlackMatter ransomware gang has announced they are going to shut down their operation, citing pressure from local authorities. And pressure there is. Only two weeks ago, we wrote about a warning that the Federal Bureau of Investigation (FBI), the […]
October 26, 2021
Via: Security AffairsThe FBI published a flash alert to warn of Ranzy Locker ransomware operations that had already compromised at least 30 US companies this year. The gang has been active since at least 2020, threat actors hit organizations from various industries. […]
Threats & Malware, Vulnerabilities
September 3, 2021
Via: Security AffairsThe FBI Cyber Division issued a Private Industry Notification (PIN) to warn of ransomware attacks targeting the Food and Agriculture sector disrupting its operations, causing financial loss and negatively impacting the overall food supply chain. Small farms, large producers, processors […]
Cyber-crime, Phishing, Threats & Malware, Vulnerabilities
September 2, 2021
Via: Help Net SecurityRansomware gangs may take advantage of upcoming holidays and weekends to hit US organizations, the FBI and the CISA have warned. They don’t have any specific threat reporting indicating a cyberattack will occur over the upcoming Labor Day holiday, they […]
August 17, 2021
Via: Security AffairsA security researcher Bob Diachenko discovered a secret terrorist watchlist with 1.9 million records that were exposed on the internet for three weeks between July 19 and August 9, 2021. In July, Diachenko discovered an unsecured Elasticsearch cluster containing 1.9 […]
July 29, 2021
Via: The Hacker NewsBusiness email compromise (BEC) refers to all types of email attacks that do not have payloads. Although there are numerous types, there are essentially two main mechanisms through which attackers penetrate organizations utilizing BEC techniques, spoofing and account take-over attacks. […]