Security News

The FBI Internet Crime Complaint Center has warned of a massive increase in sextortion complaints since the start of 2021, resulting in total financial losses of more than $8 million until the end of July. The federal agency received over 16,000 sextortion complaints until July 31, almost half of them coming from victims in the 20-39 age group.

The FBI Internet Crime Complaint Center has warned of a massive increase in sextortion complaints since the start of 2021, resulting in total financial losses of more than $8 million until the end of July. The federal agency received over 16,000 sextortion complaints until July 31, almost half of them coming from victims in the 20-39 age group.

The FBI says ransomware gangs are actively targeting and disrupting the operations of organizations in the food and agriculture sector, causing financial loss and directly affecting the food supply chain. Ransomware gangs started focusing their attacks against this industry sector after food and agriculture orgs have become increasingly dependent on smart tech, industrial control systems, and internet-based automation systems.

On Tuesday, the FBI and CISA released an advisory, warning organizations to "Remain vigilant" to cybersecurity threats heading toward the holiday weekend. The federal advisory makes note of "Recent holiday targeting," stating that "Cyber actors have conducted increasingly impactful attacks against U.S. entities on or around holiday weekends." Neither FBI nor CISA has information about a cyberattack "Coinciding with upcoming holidays and weekends," per the advisory, but the document says cybercriminals may see holidays and weekends as "As attractive timeframes" to "Target potential victims."

The FBI and CISA urged organizations not to let down their defenses against ransomware attacks during weekends or holidays in a joint cybersecurity advisory issued earlier today.While the FBI and CISA do not have any info regarding potential attacks within upcoming holidays and weekends, they gave as examples the attacks on the networks of Colonial Pipeline, JBS, and Kaseya.

The Federal Bureau of Investigation has released some technical details and indicators of compromise associated with Hive ransomware attacks. In a rare occurrence, the FBI has included the link to the leak site where the ransomware gang publishes data stolen from companies that did not pay.

The Federal Bureau of Investigation has shared info about a threat actor known as OnePercent Group that has been actively targeting US organizations in ransomware attacks since at least November 2020. "The FBI has learned of a cyber-criminal group who self identifies as the 'OnePercent Group' and who have used Cobalt Strike to perpetuate ransomware attacks against US companies since November 2020," the FBI said.

Security researcher Bob Diachenko claims to have discovered an unprotected Elasticsearch database containing 1.9 million records related to what appeared to be a terrorist watchlist of the United States government. Diachenko identified what he believed to be a no-fly list maintained by the Terrorist Screening Center, a multi-agency group administered by the FBI. The no-fly list represents only a subset of a larger terrorist watchlist maintained by the U.S. Department of Homeland Security.

The FBI Criminal Investigative Division and Securities and Exchange Commission warn investors of fraudsters impersonating registered investment professionals such as investment advisers and registered brokers. The end goal of these broker imposter schemes is to lure their targets into investment scams using spoofed sites, fake social media profiles, cold calling, and doctored documents.

A joint security advisory issued today by several cybersecurity agencies from the US, the UK, and Australia reveals the top 30 most targeted security vulnerabilities of the last two years. "Collaboration is a crucial part of CISA's work and today we partnered with ACSC, NCSC and FBI to highlight cyber vulnerabilities that public and private organization should prioritize for patching to minimize risk of being exploited by malicious actors," said Eric Goldstein, CISA Executive Assistant Director for Cybersecurity.