Security News
Authorities from eleven nations have delivered a sequel to the January takedown of a botnet run by Russia on compromised Ubiquiti Edge OS routers - in the form of a warning that Russia may try again, so owners of the devices should take precautions. Moobot allowed GRU and its minions to install and run scripts to build a 1,000-strong botnet, which it used for power phishing, spying, credential harvesting, and data theft.
The Department of State announced last week that it was offering $10 million for information identifying key leaders in the ALPHV ransomware gang or their locations, and $5 million for information leading to the arrest or conviction of anyone "Participating in or conspiring or attempting" to use the gang's notorious ransomware. ALPHV has made a habit of going after critical infrastructure targets, and last week claimed responsibility for an attack on the company operator of the Canadian Trans-Northern Pipelines, allegedly stealing around 190GB of data.
The US government today said it disrupted a botnet that Russia's GRU military intelligence unit used for phishing expeditions, spying, credential harvesting, and data theft against American and foreign governments and other strategic targets. Then the GRU spying team used Moobot to install their own bespoke scripts and files that repurposed the botnet, thus "Turning it into a global cyber espionage platform," according to the Feds.
The U.S. government on Wednesday said it took steps to neutralize a botnet comprising hundreds of U.S.-based small office and home office (SOHO) routers hijacked by a China-linked state-sponsored...
A Brazilian law enforcement operation has led to the arrest of several Brazilian operators in charge of the Grandoreiro malware. The Federal Police of Brazil said it served five temporary arrest...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warned that threat actors deploying the AndroxGh0st malware are creating a botnet for...
Those who frequent the space are now bombarded by what appears to be an endless stream of malicious ads. "Im not lying when I say EVERY single ad I am seeing on X is a scam link targeted at crypto to drain peoples wallets," reads a post on X. While attackers have been abusing X's ad platform for some time, the sheer volume of malicious ads has increased rapidly over the past month, causing security researcher MalwareHunterTeam to track them.
Three Russian nationals were arrested in New York yesterday on charges of moving electronics components worth millions to sanctioned entities in Russia, pieces of which were later recovered on battlefields in Ukraine. Components "With the same make, model and part number shipped by defendants have been found in seized Russian weapons platforms and signals intelligence equipment in Ukraine," the government alleged.
An urgent ransomware warning from the Feds has some industry analysts scratching their heads and wondering if Uncle Sam's noggin has been buried in the sand for too long. On September 27, the FBI issued a security alert about "Two trends emerging across the ransomware environment." The first, according to agents, is dual ransomware infections.
A privacy panel within the US government today narrowly recommended that Congress reauthorize the Feds' Section 702 spying powers - but with some stronger protections for US citizens only. The Privacy and Civil Liberties Oversight Board voted 3-2 on party lines to support all 19 recommendations in the Section 702 report, including one that would tighten rules on FBI agents to get approval from the secretive Foreign Intelligence Surveillance Court to review Americans' electronic communications.