Security News

In these fraudulent schemes, criminals either obtain direct access to NFT developer social media accounts or create look-alike accounts to promote "Exclusive" new NFT releases, often employing misleading advertising campaigns that create a sense of urgency to pull them off. "Links provided in these announcements are phishing links directing victims to a spoofed website that appears to be a legitimate extension of a particular NFT project," the FBI said in an advisory last week.

The FBI warned today of fraudsters posing as Non-Fungible Token developers to prey upon NFT enthusiasts and steal their cryptocurrency and NFT assets. In these attacks, the criminals gain unauthorized access to NFT developer social media accounts or create nearly identical accounts to promote "Exclusive" NFT releases.

Agents of the FBI and Homeland Security at the Northeast Cybersecurity Summit revealed how cyberintelligence collaboration works. Learn more with our article.

In collaboration with CISA, the NSA, and the FBI, Five Eyes cybersecurity authorities have issued today a list of the 12 most exploited vulnerabilities throughout 2022."In 2022, malicious cyber actors exploited older software vulnerabilities more frequently than recently disclosed vulnerabilities and targeted unpatched, internet-facing systems," the joint advisory reads.

Nearly all of the FBI's technical intelligence on malicious "Cyber actors" in the first half of this year was obtained via Section 702 searches, according to FBI Director Christopher Wray. With the controversial FISA amendment set to expire at the end of the year, unless Congress reauthorizes the snooping clause, Wray has been making the rounds and delivering the same message: the FBI "Cannot afford to lose" Section 702.

FBI warns of a surge in tech support scams targeting the elderly across the United States and urging victims to dispatch cash concealed within magazines or similar items through shipping firms. While tech support scams have been around for years, the FBI says this is a departure from scammers' conventional tactics of soliciting their targets to send money using bank transfers, cryptocurrencies, or gift cards.

Infosec in brief In a case startlingly similar to charges recently unsealed against one-term US president Donald Trump, a former FBI analyst has been jailed for taking sensitive classified material home with her. The Department of Justice said Kingsbury removed a total of 386 classified documents to her home, which included sensitive national security information that the DoJ said could have "Revealed some of the government's most important and secretive methods of collecting essential national security intelligence" in the wrong hands.

U.S. law enforcement today seized the clear web domain of the notorious BreachForums hacking forum three months after apprehending its owner Conor Fitzpatrick, under cybercrime charges. In June, after rumors of Baphomet partnering with Shiny Hunters, a threat actor notorious for numerous data breaches, to relaunch BreachForums on a new domain, the old Breached domain began displaying a default 'Welcome to nginx!' page.

The FBI doesn't want to lose its favorite codified way to spy, Section 702 of the US Foreign Intelligence Surveillance Act. In its latest salvo, the agency's deputy director Paul Abbate called it "Absolutely critical for the FBI to continue protecting the American people."

The agency said there has been an "Uptick" in reports since April of deepfakes being used in sextortion scams, with the images or videos being shared online to harass the victims with demands for money, gift cards, or other payments. In the advisory, the FBI noted the rapid advancements in AI technologies and increased availability of tools that allow creation of deepfake material.