Security News

Iranian cyber actors are likely behind a campaign that encouraged deadly violence against U.S. state officials certifying the 2020 election results. Titled "Enemies of the People," the website was created on December 6, and by the middle of the month included personal details of individuals that did not support the current U.S. President's claims of voter fraud.

The American Civil Liberties Union announced on Tuesday that it has filed a lawsuit against the FBI in an effort to find out how the law enforcement agency can access information stored on encrypted devices. The FBI has often turned to third parties for help in accessing information stored on encrypted devices, but it has come to light in recent court documents that the agency's Electronic Device Analysis Unit has been acquiring solutions that can help it break into encrypted devices on its own.

US federal agencies have warned about scammers exploiting the public's interest in the COVID-19 vaccine to harvest personal information and steal money through multiple ongoing and emerging fraud schemes. Potential indicators of such fraudulent activity highlight by the FBI include offers for early access to vaccines conditioned by payment in advance, requests to pay out to receive a vaccine or to get added to a waiting list, and offers to ship doses of the vaccine in exchange of money transfers.

The FBI has been tasked with collecting intelligence that can help attribute the attack to a threat actor and disrupt their activities. The agency is also working with victims to obtain information that can be useful to the government and network defenders.

The Federal Bureau of Investigation has released a Private Industry Notification to warn of DoppelPaymer ransomware attacks on critical infrastructure. DoppelPaymer emerged as a forked version of BitPaymer, both believed to be the work of TA505, the threat actor best known for the infamous Dridex Trojan and Locky ransomware families.

The compromise of multiple US federal networks following the SolarWinds breach was officially confirmed for the first time in a joint statement released earlier today by the FBI, DHS-CISA, and the Office of the Director of National Intelligence. The National Security Council has established a Cyber Unified Coordination Group following the SolarWinds breach to help the intelligence agencies better coordinate the US government's response efforts surrounding this ongoing espionage campaign.

Threat actors are targeting K-12 educational institutions in the United States to deploy ransomware, steal data, or disrupt distance learning services. In a joint alert this week, the Federal Bureau of Investigation, the Cybersecurity and Infrastructure Security Agency, and the Multi-State Information Sharing and Analysis Center warned of continuous attacks targeting K-12 educational institutions.

The FBI has warned of an increasing number of scammers preying on unemployed Americans by trying to recruit them into their money mule schemes and use them to launder funds obtained via fraud, online scams, and other types of criminal activities. The FBI provides a list of signs that you may be a money mule without even knowing it and measures to protect yourself from money mule schemes.

The Federal Bureau of Investigation has issued a notification to warn organizations of scammers setting up auto-forwarding email rules to facilitate business email compromise schemes. Cybercriminals are exploiting the mass shift to telework during the COVID-19 pandemic to conduct malicious operations, including BEC scams that are more likely to succeed due to the targeting of an email rule forwarding vulnerability.

Threat actors are continuously targeting United States think tanks, the Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation warn. The adversaries, CISA and the FBI say in an advisory this week, attempt initial access through spear-phishing and third-party messaging services, targeting both corporate and personal accounts of intended victims.