Security News

Hundreds Arrested in 'Staggering' FBI Encrypted Phone Sting
2021-06-08 10:31

Police arrested more than 800 people worldwide in a huge global sting involving encrypted phones that were secretly planted by the FBI, law enforcement agencies said Tuesday. Australian police said the supposedly hardened encrypted devices were handed out to operatives within the mafia, Asian crime syndicates, drug cartels and outlaw motorcycle gangs as part of the elaborate FBI-led plot.

Australian cops, FBI created backdoored chat app, told crims it was secure – then snooped on 9,000 users' plots
2021-06-08 01:53

The Australian Federal Police has revealed it was able to decrypt messages sent on a supposedly secure messaging app that was seeded into the criminal underworld and promoted as providing snoop-proof comms. Europol and the FBI will detail their use of the app in the coming hours.

FBI drops subpoena to identify readers of USA Today article about shootout with agents
2021-06-08 00:56

The FBI on Saturday withdrew a subpoena issued to USA Today's parent company Gannett in April to find out who read an online news story published in February about a shootout that led to the deaths of two FBI agents and the wounding of three others. The article described how an FBI operation went awry a day earlier when two agents were shot and killed and three other agents were wounded while serving a warrant in a child exploitation investigation.

FBI Claws Back Millions of DarkSide’s Ransom Profits
2021-06-07 20:54

United States law enforcement has clawed back approximately $2.3 million of the ransom allegedly paid to DarkSide by Colonial Pipeline last month, the Department of Justice and FBI announced in a joint press conference on Monday. Law enforcement tracked multiple transfers of bitcoin and were able to identify that about 63.7 of the bitcoins paid by Colonial Pipeline Co. after the May 7 ransomware attack were transferred to a specific address - an address that the FBI controls.

FBI Confirms REvil Ransomware Involved in JBS Attack
2021-06-03 10:43

The FBI has publicly confirmed that the REvil ransomware was used in the cyberattack that forced the world's largest meat processing company to shut down systems. While JBS did not make public any technical information on the attack, it did notify the federal government of a ransom demand, apparently coming from a Russian hacking group.

FBI: REvil cybergang behind the JBS ransomware attack
2021-06-03 00:42

The Federal Bureau of Investigation has officially stated that the REvil operation, aka Sodinokibi, is behind the ransomware attack targeting JBS, the world's largest meat producer. "We have attributed the JBS attack to REvil and Sodinokibi and are working diligently to bring the threat actors to justice," says an FBI Statement on JBS Cyberattack.

“Have I Been Pwned” breach site partners with… the FBI!
2021-06-02 18:55

Hunt therefore also offers a public service called Pwned Passwords, where you can look up your own password in a database of just over 600 million already-recovered passwords, whether those passwords were stolen due to a large-scale corporate data breach, a carefully planned ransomware attack, a long-running malware infestation, or any other cause. If you don't have the time or energy to download 10GB or more of Pwned Passwords data, you can look up your password without giving it away directly.

Have I Been Pwned goes open source, bags help from FBI
2021-06-01 01:47

Last year, the man Down Under announced plans to make key portions of the system open source for others to pick up, use, and improve. Now the Pwned Passwords code base is available from GitHub under a BSD three-clause license.

CISA-FBI Alert: 350 Organizations Targeted in Attack Abusing Email Marketing Service
2021-05-31 11:07

An alert released on Friday by the FBI and the DHS's Cybersecurity and Infrastructure Security Agency revealed that the number of organizations targeted in a recent attack abusing a legitimate email marketing service was higher than initially reported. Microsoft reported last week that the Russia-linked threat actor it tracks as Nobelium, which is believed to be responsible for the SolarWinds supply chain attack, had been abusing a legitimate mass email service named Constant Contact to target government and other types of organizations in the United States and a dozen other countries.

FBI Shares IOCs for APT Attacks Exploiting Fortinet Vulnerabilities
2021-05-28 12:36

The FBI on Thursday published indicators of compromise associated with the continuous exploitation of Fortinet FortiOS vulnerabilities in attacks targeting commercial, government, and technology services networks. In early April, the FBI along with the Cybersecurity and Infrastructure Security Agency warned that threat actors had been targeting serious security holes in Fortinet's flagship operating system FortiOS for initial access into victims' networks.