Security News

The FBI is investigating a data breach affecting U.S. House of Representatives members and staff after their account and sensitive personal information was stolen from DC Health Link's servers. DC Health Link is the organization that administers the health care plans of U.S. House members, their staff, and their families.

CISA and the FBI have issued a joint advisory highlighting the increasing threat behind ongoing Royal ransomware attacks targeting many U.S. critical infrastructure sectors, including healthcare, communications, and education. In response, the FBI and CISA shared indicators of compromise and a list of tactics, techniques, and procedures linked, which would help defenders detect and block attempts to deploy Royal ransomware payloads on their networks.

The FBI claims it has dealt with a cybersecurity "Incident" that reportedly involved computer systems being used to investigate child sexual exploitation. "The FBI is aware of the incident and is working to gain additional information," a spokesperson said in a statement to The Register.

The FBI confirmed a cyber "Incident" that reportedly involved computer systems being used to investigate child sexual exploitation. "The FBI is aware of the incident and is working to gain additional information," a spokesperson said in an emailed statement to The Register.

"The FBI is aware of the incident and is working to gain additional information," the U.S. domestic intelligence and security service told CNN on Friday. "This is an isolated incident that has been contained. As this is an ongoing investigation the FBI does not have further comment to provide at this time."

The US Cybersecurity and Infrastructure Security Agency has released a recovery script to help companies whose servers were scrambled in the recent ESXiArgs ransomware outbreak. In addition to the script, CISA and the FBI today published ESXiArgs ransomware virtual machine recovery guidance on how to recover systems as soon as possible.

Uncle Sam has put up a $10 million reward for intel on Hive ransomware criminals' identities and whereabouts, while Russia has blocked the FBI and CIA websites, along with the Rewards for Justice site offering the bounty. The $10 million bonty is part of the US State Department's Rewards for Justice program, and in a Thursday tweet the agency sought tips for Hive members "Acting under the direction or control of a foreign government." The notice also referenced the FBI's Hive website takedown, which the feds announced earlier that day.

Six months ago, according to the US Department of Justice, the Federal Bureau of Investigation infiltrated the Hive ransomware gang and started "Stealing back" the decryption keys for victims whose files had been scrambled. As you are almost certainly, and sadly, aware, ransomware attacks these days typically involve two associated groups of cybercriminals.

The FBI has revealed the results of a month-long campaign designed to thwart an infamous ransomware group known for extorting hospitals, school districts and critical infrastructure. Since the FBI's campaign started, more than 300 decryption keys have been given to Hive victims under attack, while more than 1,000 were provided to victims of the gang's previous attacks.

The FBI said it has shut down the Hive's ransomware network, seizing control of the notorious gang's servers and websites, and thwarting the pesky criminals' ability to sting future victims. The takedown, which happened Wednesday night, was the culmination of a seven-month covert operation during which the FBI hacked Hive's network and used that access to provide decryption keys to more than 300 victims, saving them $130 million in ransomware payments, we're told.