Security News

The Feds didn't go as far as naming any specific vendors or services here, but one of the main reasons that crooks go down the "Beta-testing" route is to lure users of Apple iPhones into installing software that didn't come from the App Store. In contrast, even iPhone apps that are 100% free must be submitted by the vendor to the App Store to become available for download, and downloaded by the user from the App Store for installation.

The FBI is warning of an increase in scammers pretending to be recovery companies that can help victims of cryptocurrency investment scams recover lost assets. "Representatives of fraudulent businesses claiming to provide cryptocurrency tracing and promising an ability to recover lost funds may contact victims directly on social media or messaging platforms," reads the FBI notice.

In these fraudulent schemes, criminals either obtain direct access to NFT developer social media accounts or create look-alike accounts to promote "Exclusive" new NFT releases, often employing misleading advertising campaigns that create a sense of urgency to pull them off. "Links provided in these announcements are phishing links directing victims to a spoofed website that appears to be a legitimate extension of a particular NFT project," the FBI said in an advisory last week.

The FBI warned today of fraudsters posing as Non-Fungible Token developers to prey upon NFT enthusiasts and steal their cryptocurrency and NFT assets. In these attacks, the criminals gain unauthorized access to NFT developer social media accounts or create nearly identical accounts to promote "Exclusive" NFT releases.

Agents of the FBI and Homeland Security at the Northeast Cybersecurity Summit revealed how cyberintelligence collaboration works. Learn more with our article.

In collaboration with CISA, the NSA, and the FBI, Five Eyes cybersecurity authorities have issued today a list of the 12 most exploited vulnerabilities throughout 2022."In 2022, malicious cyber actors exploited older software vulnerabilities more frequently than recently disclosed vulnerabilities and targeted unpatched, internet-facing systems," the joint advisory reads.

Nearly all of the FBI's technical intelligence on malicious "Cyber actors" in the first half of this year was obtained via Section 702 searches, according to FBI Director Christopher Wray. With the controversial FISA amendment set to expire at the end of the year, unless Congress reauthorizes the snooping clause, Wray has been making the rounds and delivering the same message: the FBI "Cannot afford to lose" Section 702.

FBI warns of a surge in tech support scams targeting the elderly across the United States and urging victims to dispatch cash concealed within magazines or similar items through shipping firms. While tech support scams have been around for years, the FBI says this is a departure from scammers' conventional tactics of soliciting their targets to send money using bank transfers, cryptocurrencies, or gift cards.

Infosec in brief In a case startlingly similar to charges recently unsealed against one-term US president Donald Trump, a former FBI analyst has been jailed for taking sensitive classified material home with her. The Department of Justice said Kingsbury removed a total of 386 classified documents to her home, which included sensitive national security information that the DoJ said could have "Revealed some of the government's most important and secretive methods of collecting essential national security intelligence" in the wrong hands.

U.S. law enforcement today seized the clear web domain of the notorious BreachForums hacking forum three months after apprehending its owner Conor Fitzpatrick, under cybercrime charges. In June, after rumors of Baphomet partnering with Shiny Hunters, a threat actor notorious for numerous data breaches, to relaunch BreachForums on a new domain, the old Breached domain began displaying a default 'Welcome to nginx!' page.