Security News

Threat actors are targeting K-12 educational institutions in the United States to deploy ransomware, steal data, or disrupt distance learning services. In a joint alert this week, the Federal Bureau of Investigation, the Cybersecurity and Infrastructure Security Agency, and the Multi-State Information Sharing and Analysis Center warned of continuous attacks targeting K-12 educational institutions.

The FBI has warned of an increasing number of scammers preying on unemployed Americans by trying to recruit them into their money mule schemes and use them to launder funds obtained via fraud, online scams, and other types of criminal activities. The FBI provides a list of signs that you may be a money mule without even knowing it and measures to protect yourself from money mule schemes.

The Federal Bureau of Investigation has issued a notification to warn organizations of scammers setting up auto-forwarding email rules to facilitate business email compromise schemes. Cybercriminals are exploiting the mass shift to telework during the COVID-19 pandemic to conduct malicious operations, including BEC scams that are more likely to succeed due to the targeting of an email rule forwarding vulnerability.

Threat actors are continuously targeting United States think tanks, the Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation warn. The adversaries, CISA and the FBI say in an advisory this week, attempt initial access through spear-phishing and third-party messaging services, targeting both corporate and personal accounts of intended victims.

They also provided a set of extensive mitigation measures to be immediately implemented by think tank organizations' leaders, staff, and IT staff to strengthen their security posture and defend against ongoing attacks by nation-state hacking groups. The FBI also issued a 'TLP:WHITE' private industry notification in April 2020 regarding the continued targeting of US think tanks by state-backed APT groups since at least 2014, with the end goal of gaining access to and exfiltrating sensitive information.

The FBI is warning US companies about scammers actively abusing auto-forwarding rules on web-based email clients to increase the likelihood of successful Business Email Compromise attacks. BEC scammers used email rules added to the target' web-based email clients to hide their activity while impersonating employees or business partners.

In addition to spoofed domains, state-sponsored actors and cybercriminals are leveraging spoofed email accounts to trick unsuspecting victims into revealing sensitive, personal information. "Adversaries can use spoofed domains and email accounts to disseminate false information; gather valid usernames, passwords, and email addresses; collect personally identifiable information; and spread malware, leading to further compromises and potential financial losses," the FBI warns.

The U.S. Federal Bureau of Investigation is warning the general public of the risks behind recently registered FBI-related domains that spoof some of the federal law enforcement agency's official websites. "The FBI observed unattributed cyber actors registering numerous domains spoofing legitimate FBI websites, indicating the potential for future operational activity."

The U.S. Federal Bureau of Investigation Cyber Division has warned private industry partners of increased Ragnar Locker ransomware activity following a confirmed attack from April 2020. Ragnar Locker actors will manually deploy the ransomware payloads to encrypted the victims' systems after a reconnaissance stage to help them discover network resources, company backups, and various other sensitive files to be collected for data exfiltration.

The FBI and Spokane police are now investigating an incident in which the Gonzaga University Black Student Union was hacked during a Zoom meeting and bombarded with racial and homophobic slurs. The incident occurred last Sunday during a virtual call among members of the Black Student Union.