Security News

FBI warns of a surge in tech support scams targeting the elderly across the United States and urging victims to dispatch cash concealed within magazines or similar items through shipping firms. While tech support scams have been around for years, the FBI says this is a departure from scammers' conventional tactics of soliciting their targets to send money using bank transfers, cryptocurrencies, or gift cards.

Infosec in brief In a case startlingly similar to charges recently unsealed against one-term US president Donald Trump, a former FBI analyst has been jailed for taking sensitive classified material home with her. The Department of Justice said Kingsbury removed a total of 386 classified documents to her home, which included sensitive national security information that the DoJ said could have "Revealed some of the government's most important and secretive methods of collecting essential national security intelligence" in the wrong hands.

U.S. law enforcement today seized the clear web domain of the notorious BreachForums hacking forum three months after apprehending its owner Conor Fitzpatrick, under cybercrime charges. In June, after rumors of Baphomet partnering with Shiny Hunters, a threat actor notorious for numerous data breaches, to relaunch BreachForums on a new domain, the old Breached domain began displaying a default 'Welcome to nginx!' page.

The FBI doesn't want to lose its favorite codified way to spy, Section 702 of the US Foreign Intelligence Surveillance Act. In its latest salvo, the agency's deputy director Paul Abbate called it "Absolutely critical for the FBI to continue protecting the American people."

The agency said there has been an "Uptick" in reports since April of deepfakes being used in sextortion scams, with the images or videos being shared online to harass the victims with demands for money, gift cards, or other payments. In the advisory, the FBI noted the rapid advancements in AI technologies and increased availability of tools that allow creation of deepfake material.

Sextortion is a form of online blackmail where malicious actors threaten their targets with publicly leaking explicit images and videos they stole or acquired, typically demanding money payments for withholding the material. "As of April 2023, the FBI has observed an uptick in sextortion victims reporting the use of fake images or videos created from content posted on their social media sites or web postings, provided to the malicious actor upon request, or captured during video chats," reads the alert published on the FBI's IC3 portal.

State-sponsored North Korean hacker group Kimsuky has been impersonating journalists and academics for spear-phishing campaigns to collect intelligence from think tanks, research centers, academic institutions, and various media organizations. Kimsuky hackers meticulously plan and execute their spear-phishing attacks by using email addresses that closely resemble those of real individuals and by crafting convincing, realistic content for the communication with the target.

Register Kettle If there's one thing that's more all the rage these days than this AI hype, it's warrantless spying by the Feds. As we reported this week, the FBI abused its foreign surveillance powers in a "Persistent and widespread" manner to probe protesters, political campaign donors, and others, according to a court opinion.

A joint Cybersecurity Advisory from government agencies in the U.S. and Australia, and published by the Cybersecurity and Infrastructure Security Agency is warning organizations of the latest tactics, techniques, and procedures used by the BianLian ransomware group. BianLian is a ransomware and data extortion group that has been targeting entities in the U.S. and Australian critical infrastructure since June 2022.

The FBI and CISA issued a joint advisory to warn that the Bl00dy Ransomware gang is now also actively exploiting a PaperCut remote-code execution vulnerability to gain initial access to networks. "In early May 2023, according to FBI information, the Bl00dy Ransomware Gang gained access to victim networks across the Education Facilities Subsector where PaperCut servers vulnerable to CVE-2023-27350 were exposed to the internet," reads the security advisory.