Security News

The FBI Criminal Investigative Division and Securities and Exchange Commission warn investors of fraudsters impersonating registered investment professionals such as investment advisers and registered brokers. The end goal of these broker imposter schemes is to lure their targets into investment scams using spoofed sites, fake social media profiles, cold calling, and doctored documents.

A joint security advisory issued today by several cybersecurity agencies from the US, the UK, and Australia reveals the top 30 most targeted security vulnerabilities of the last two years. "Collaboration is a crucial part of CISA's work and today we partnered with ACSC, NCSC and FBI to highlight cyber vulnerabilities that public and private organization should prioritize for patching to minimize risk of being exploited by malicious actors," said Eric Goldstein, CISA Executive Assistant Director for Cybersecurity.

The Tokyo Olympics, set to open Friday night, are already being targeted by threat actors - however, the Federal Bureau of Investigation's Cyber Division has issued a chilling warning the Games' TV broadcast is likely to be plagued by attacks, since it will be the only way to view events now that spectators have been barred due to COVID-19 concerns. "Adversaries could use social-engineering and phishing campaigns in the leadup to the event to obtain access or use previously obtained access to implant malware to disrupt affected networks during the event," the FBI notification said.

The Federal Bureau of Investigation warns of threat actors potentially targeting the upcoming Olympic Games, although evidence of attacks planned against the Olympic Games Tokyo 2020 is yet to be uncovered. As the FBI explains, attacks coordinated by criminal or nation-state threat actors targeting the Tokyo 2020 Summer Olympics could involve distributed denial of service attacks, ransomware, social engineering, phishing campaigns, or insider threats.

Motherboard got its hands on one of those Anom phones that were really FBI honeypots. The details are interesting.

The Federal Bureau of Investigation warns cryptocurrency owners, exchanges, and third-party payment platforms of threat actors actively targeting virtual assets in attacks that can lead to significant financial losses. The FBI issued the warning via a TLP:GREEN Private Industry Notification designed to provide cybersecurity professionals with the information required to properly defend against these ongoing attacks.

The REvil cybergang is taking credit for Friday's massive ransomware attack against managed service provider Kaseya Ltd. The criminals behind the attack claim it infected 1 million systems tied to Kaseya services and are demanding $70 million in bitcoin in exchange for a decryption key. The attack is considered the single biggest global ransomware attack on record.

CISA and the Federal Bureau of Investigation have shared guidance for managed service providers and their customers impacted by the REvil supply-chain ransomware attack that hit the systems of Kaseya's cloud-based MSP platform. The two federal agencies advise MSPs affected by the Friday REvil attack to further check their systems for signs of compromise using a detection tool provided by Kaseya over the weekend and enable multi-factor authentication on as many accounts as possible.

An ongoing brute-force attack campaign targeting enterprise cloud environments has been spearheaded by the Russian military intelligence since mid-2019, according to a joint advisory published by intelligence agencies in the U.K. and U.S. The National Security Agency, Cybersecurity and Infrastructure Security Agency, Federal Bureau of Investigation, and the U.K.'s National Cyber Security Centre formally attributed the incursions to the Russian General Staff Main Intelligence Directorate 85th Main Special Service Center. "The campaign uses a Kubernetes cluster in brute force access attempts against the enterprise and cloud environments of government and private sector targets worldwide," CISA said.

The FBI's director told lawmakers Thursday that the bureau discourages ransomware payments to hacking groups even as major companies in the past month have participated in multimillion-dollar transactions aimed at getting their systems back online. Besides the fact that such payments can encourage additional cyberattacks, victims may not automatically get back their data despite forking over millions, "And that's not unknown to happen," Wray said.