Security News

The Federal Bureau of Investigation and CISA said that one of the Iranian threat groups behind the destructive attack on the Albanian government's network in July lurked inside its systems for roughly 14 months. "A FBI investigation indicates Iranian state cyber actors acquired initial access to the victim's network approximately 14 months before launching the destructive cyber attack, which included a ransomware-style file encryptor and disk wiping malware," the two agencies revealed in a joint advisory published today.

The Federal Bureau of Investigation has issued an alert about hackers targeting healthcare payment processors to route payments to bank accounts controlled by the attacker. Cybercriminals are combining multiple tactics to obtain login credentials of employees at payment processors in the healthcare industry and to modify payment instructions.

The Wall Street Journal is reporting that the FBI has recovered over $30 million in cryptocurrency stolen by North Korean hackers earlier this year. The Axie Infinity recovery represents a shift in law enforcement's ability to trace funds through a web of so-called crypto addresses, the virtual accounts where cryptocurrencies are stored.

FBI, CISA, and MS-ISAC warned today of U.S. school districts being increasingly targeted by the Vice Society ransomware group, with more attacks expected after the start of the new school year. "The FBI, CISA, and the MS-ISAC have recently observed Vice Society actors disproportionately targeting the education sector with ransomware attacks," today's joint advisory reads.

The FBI has urged people to be cautious and heavily research a DeFi - decentralized finance - provider before putting your money into it, after more than a billion dollars was stolen from these providers in three months. The FBI wants folks to realize the risks, get professional financial advice if in doubt, and do their homework on the security and general practices of DeFi providers.

The U.S. Federal Bureau of Investigation on Monday warned of cyber criminals increasingly exploiting flaws in decentralized finance platforms to plunder cryptocurrency. "The FBI has observed cyber criminals exploiting vulnerabilities in the smart contracts governing DeFi platforms to steal investors' cryptocurrency," the agency said in a notification.

The U.S. Federal Bureau of Investigation is warning investors that cybercriminals are increasingly exploiting security vulnerabilities in Decentralized Finance platforms to steal cryptocurrency. "The FBI has observed cyber criminals exploiting vulnerabilities in the smart contracts governing DeFi platforms to steal investors' cryptocurrency," the federal law enforcement agency said.

The Federal Bureau of Investigation warns of a rising trend of cybercriminals using residential proxies to conduct large-scale credential stuffing attacks without being tracked, flagged, or blocked. Because credential stuffing attacks carry specific characteristics that differentiate them from regular login attempts, websites can easily detect and stop them.

The Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation warned US organizations today that attackers deploying Zeppelin ransomware might encrypt their files multiple times. The two federal agencies also shared tactics, techniques, and procedures and indicators of compromise to help security professionals detect and block attacks using this ransomware strain.

The U.S. Department of Justice has announced the seizure of $500,000 worth of Bitcoin from North Korean hackers who extorted digital payments from several organizations by using a new ransomware strain known as Maui. The DoJ did not disclose where the rest of the payments originated from.