Security News

FBI shares AvosLocker ransomware technical details, defense tips
2023-10-12 23:38

The U.S. government has updated the list of tools AvosLocker ransomware affiliates use in attacks to include open-source utilities along with custom PowerShell, and batch scripts. AvosLocker ransomware affiliates are known to use legitimate software and open-source code for remote system administration to compromise and exfiltrate data from enterprise networks.

FBI warns of surge in 'phantom hacker' scams impacting elderly
2023-10-02 15:01

The FBI issued a public service announcement warning of a significant increase in 'phantom hacker' scams targeting senior citizens across the United States. "This Phantom Hacker scam is an evolution of more general tech support scams, layering imposter tech support, financial institution, and government personas to enhance the trust victims place in the scammers and identify the most lucrative accounts to target," the FBI said.

FBI Warns of Rising Trend of Dual Ransomware Attacks Targeting U.S. Companies
2023-09-30 09:49

The U.S. Federal Bureau of Investigation (FBI) is warning of a new trend of dual ransomware attacks targeting the same victims, at least since July 2023. "During these attacks, cyber threat actors...

FBI: Dual ransomware attack victims now get hit within 48 hours
2023-09-28 18:14

The FBI has warned about a new trend in ransomware attacks where multiple strains are deployed on victims' networks to encrypt systems in under two days. Variants used in these dual ransomware attacks include AvosLocker, Diamond, Hive, Karakurt, LockBit, Quantum, and Royal.

FBI-Led Global Effort Takes Down Massive Qakbot Botnet
2023-08-30 23:18

After more than 15 years in the wild, the Qakbot botnet, a zombie network of over 700,000 computers worldwide, is hanging on the FBI's trophy wall for now. A multinational action called Operation "Duck Hunt" - led by the FBI, the Department of Justice, the National Cybersecurity Alliance, Europol, and crime officials in France, Germany, the Netherlands, Romania, Latvia and the U.K. - was able to gain access to the Qakbot network and shut down the malicious botnet, which has affected 700,000 computers worldwide.

FBI Dismantles QakBot Malware, Frees 700,000 Computers, Seizes $8.6 Million
2023-08-30 04:05

A coordinated law enforcement effort codenamed Operation Duck Hunt has felled QakBot, a notorious Windows malware family that's estimated to have compromised over 700,000 computers globally and facilitated financial fraud as well as ransomware. QakBot administrators are said to have received fees corresponding to approximately $58 million in ransoms paid by victims between October 2021 and April 2023.

How the FBI nuked Qakbot malware from infected Windows PCs
2023-08-29 20:45

The FBI announced today the disruption of the Qakbot botnet in an international law enforcement operation that not only seized infrastructure but also uninstalled the malware from infected devices. Before we learn how the FBI uninstalled Qakbot from computers, it is essential to understand how the malware was distributed, what malicious behavior it performed, and who utilized it.

FBI-led Operation Duck Hunt shoots down Qakbot
2023-08-29 20:03

In a Tuesday press conference announcing the take down, US Attorney Martin Estrada called the FBI-led Operation Duck Hunt "The most significant technological and financial operation ever led by the Department of Justice against a botnet." For one thing, the Feds produced some software to drop onto Qbot-infected machines to render the malware ineffective. Beginning on August 21, the FBI obtained court orders allowing it to redirect Qakbot traffic to agent-controlled servers, and remotely disabled the malware on victims' machines.

Urgent FBI Warning: Barracuda Email Gateways Vulnerable Despite Recent Patches
2023-08-25 08:27

The U.S. Federal Bureau of Investigation is warning that Barracuda Networks Email Security Gateway appliances patched against a recently disclosed critical flaw continue to be at risk of potential compromise from suspected Chinese hacking groups. It also deemed the fixes as "Ineffective" and that it "Continues to observe active intrusions and considers all affected Barracuda ESG appliances to be compromised and vulnerable to this exploit."

FBI: Who was going around hijacking Barracuda email boxes? China, probably
2023-08-25 00:17

The FBI has warned owners of Barracuda Email Security Gateway appliances the devices are likely undergoing attack by snoops linked to China, and removing the machines from service remains the safest course of action. On Wednesday, the FBI pushed that recommendation in a flash alert [PDF] that stated it "Strongly advises all affected ESG appliances be isolated and replaced immediately."