Security News

The FBI and CISA urged organizations not to let down their defenses against ransomware attacks during weekends or holidays in a joint cybersecurity advisory issued earlier today.While the FBI and CISA do not have any info regarding potential attacks within upcoming holidays and weekends, they gave as examples the attacks on the networks of Colonial Pipeline, JBS, and Kaseya.

The Federal Bureau of Investigation has released some technical details and indicators of compromise associated with Hive ransomware attacks. In a rare occurrence, the FBI has included the link to the leak site where the ransomware gang publishes data stolen from companies that did not pay.

The Federal Bureau of Investigation has shared info about a threat actor known as OnePercent Group that has been actively targeting US organizations in ransomware attacks since at least November 2020. "The FBI has learned of a cyber-criminal group who self identifies as the 'OnePercent Group' and who have used Cobalt Strike to perpetuate ransomware attacks against US companies since November 2020," the FBI said.

Security researcher Bob Diachenko claims to have discovered an unprotected Elasticsearch database containing 1.9 million records related to what appeared to be a terrorist watchlist of the United States government. Diachenko identified what he believed to be a no-fly list maintained by the Terrorist Screening Center, a multi-agency group administered by the FBI. The no-fly list represents only a subset of a larger terrorist watchlist maintained by the U.S. Department of Homeland Security.

The FBI Criminal Investigative Division and Securities and Exchange Commission warn investors of fraudsters impersonating registered investment professionals such as investment advisers and registered brokers. The end goal of these broker imposter schemes is to lure their targets into investment scams using spoofed sites, fake social media profiles, cold calling, and doctored documents.

A joint security advisory issued today by several cybersecurity agencies from the US, the UK, and Australia reveals the top 30 most targeted security vulnerabilities of the last two years. "Collaboration is a crucial part of CISA's work and today we partnered with ACSC, NCSC and FBI to highlight cyber vulnerabilities that public and private organization should prioritize for patching to minimize risk of being exploited by malicious actors," said Eric Goldstein, CISA Executive Assistant Director for Cybersecurity.

The Tokyo Olympics, set to open Friday night, are already being targeted by threat actors - however, the Federal Bureau of Investigation's Cyber Division has issued a chilling warning the Games' TV broadcast is likely to be plagued by attacks, since it will be the only way to view events now that spectators have been barred due to COVID-19 concerns. "Adversaries could use social-engineering and phishing campaigns in the leadup to the event to obtain access or use previously obtained access to implant malware to disrupt affected networks during the event," the FBI notification said.

The Federal Bureau of Investigation warns of threat actors potentially targeting the upcoming Olympic Games, although evidence of attacks planned against the Olympic Games Tokyo 2020 is yet to be uncovered. As the FBI explains, attacks coordinated by criminal or nation-state threat actors targeting the Tokyo 2020 Summer Olympics could involve distributed denial of service attacks, ransomware, social engineering, phishing campaigns, or insider threats.

Motherboard got its hands on one of those Anom phones that were really FBI honeypots. The details are interesting.

The Federal Bureau of Investigation warns cryptocurrency owners, exchanges, and third-party payment platforms of threat actors actively targeting virtual assets in attacks that can lead to significant financial losses. The FBI issued the warning via a TLP:GREEN Private Industry Notification designed to provide cybersecurity professionals with the information required to properly defend against these ongoing attacks.