Security News

The FBI published this warning on Wednesday as an IC3 public service announcement and as a Private Industry Notification issued to private sector organizations in coordination with DHS-CISA. Attacks on emergency services can lead to loss of lives. "The IC3 has become aware of increased coercion tactics used by the subjects, which have created a threat to emergency services across the nation," the FBI said in a public service announcement from January 2013.

Federal law enforcement is now looking into a cyberattack at a water treatment plant in Oldsmar, FL where someone was able to remotely access systems and add a dangerous amount of chemicals to the town's water supply. On Monday, Pinellas County Sheriff Bob Gualtieri explained during a press conference that an employee at Oldsmar's water treatment facility saw his mouse moving independently of him on Friday morning but thought nothing of it-it's common for people in the field to remotely access systems through their TeamViewer software.

The U.S. Federal Bureau of Investigation is warning of scammers actively posing as FBI representatives and threatening targets with fines and jail time unless they don't hand out personal and/or financial information. As the FBI warns, the agency has received multiple reports of such scam attempts where the fraudsters are targeting North Florida residents attempting to steal their personal info.

Attackers are tricking employees into logging into phishing sites.

States across the country are increasingly realizing that more needs to be done to prepare in advance of cyberattacks, according to Louisiana Gov. John Bel Edwards, who spoke at the National Governors Association's biennial National Summit on State Cybersecurity. "Two of the most critical actions that I took as governor were establishing the Louisiana Cybersecurity Commission and developing a statewide incident response plan. One of the most critical things you can do as a state is to have a cyber emergency preparedness plan that has been battle-tested and validated," he said.

The FBI is cautioning companies to beware of a slew of voice phishing attacks aimed at capturing the login credentials of employees. In an advisory released last Thursday, the FBI revealed that as of December 2019, cybercriminals have been working together on social engineering campaigns targeting employees at large firms both in the US and abroad. The criminals are taking advantage of VoIP platforms to launch voice phishing, or vishing, attacks.

The Federal Bureau of Investigation has issued a Private Industry Notification to warn of attacks targeting enterprises, in which threat actors attempt to obtain employee credentials through vishing or chat rooms. An observed shift in tactics, the FBI says, is the targeting of all employee credentials, not exclusively of those individuals who might have higher access and privileges based on their corporate position.

The Federal Bureau of Investigation has issued a notification warning of ongoing vishing attacks attempting to steal corporate accounts and credentials for network access and privilege escalation from US and international-based employees. In multiple cases, once they gained access to the company's network, the threat actors gained greater network access than expected allowing them to escalate privileges using the compromised employees' accounts.

The FBI has alerted companies in the private sector to a spate of attacks using the Egregor ransomware. Egregor - the name of which refers to an occult term meant to signify the collective energy or force of a group of individuals-is indeed the work of a "Large number of actors" and is operating as a ransomware-as-a-service model, according to the FBI. "Because of the large number of actors involved in deploying Egregor, the tactics, techniques and procedures used in its deployment can vary widely, creating significant challenges for defense and mitigation," the FBI said.

Offered under a Ransomware-as-a-Service business model, the Egregor ransomware poses a great threat to businesses due to the use of double extortion, a recent private industry notification from the Federal Bureau of Investigation warns. Initially observed by the FBI in September 2020, Egregor has claimed more than 150 victims to date, all around the world.