Security News

Feds rethink warrantless search stats and – oh look, a huge drop in numbers
2023-05-02 01:56

Warrantless searches of US residents' communications by the FBI dropped sharply last year - from about 3.4 million in 2021 to 119,383 in 2022, according to Uncle Sam. One reason is that the FBI changed the methodology used to calculate the number of Section 702 searches; it says previous years' reports used duplicative counting methods.

Microsoft, Fortra are this fed up with cyber-gangs abusing Cobalt Strike
2023-04-10 16:29

Microsoft and Fortra are taking legal and technical actions to thwart cyber-criminals from using the latter company's Cobalt Strike software to distribute malware. The US District Court for the Eastern District of New York on March 31 issued a court order allowing Microsoft and Fortra to take down IP addresses that are hosting cracked versions of Cobalt Strike and seize the domain names.

Feds seize $112m in cryptocurrency linked to 'pig-butchering' finance scams
2023-04-04 23:00

The US Department of Justice has seized cryptocurrency worth about $112 million from accounts linked to so-called pig butchering investment scams. Judges in Arizona, California and Idaho authorized seizure warrants for six virtual currency accounts that prosecutors say were used to launder proceeds of the various frauds that cost victims millions of dollars after they were socially engineered into investing their savings in dodgy digicash schemes.

Feds arrest and charge exiled Chinese billionaire over massive crypto fraud
2023-03-17 02:59

Meet the newest member of the crypto rogues' gallery: Ho Wan Kwok, aka Guo Wengui, aka Miles Guo, whom the US Department of Justice on Wednesday arrested over what investigators have described as a "sprawling and complex scheme to solicit investments in various entities and programs through false statements and representations to hundreds of thousands of Kwok's online followers." One of Guo's operations was called Himalaya Exchange.

Feds warn about right Royal ransomware rampage that runs the gamut of TTPs
2023-03-03 19:56

The risks you introduce by taking your eyes off the ransomware threat in 2023 to focus on the next, old-is-new-again shiny topic are similar to the risks you would have faced if you started focusing exclusively on ransomware a few years ago, when it was the hot new fear of the day. These include using phishing, searching out improperly configured RDP servers, looking for unpatched online services on your network, or simply buying up access credentials from crooks who were in before them.

US government sets a 30-day deadline for wiping TikTok from feds' phones
2023-03-01 00:30

The White House has ordered all federal government employees to delete TikTok from work devices, over fears the video-sharing app could be used to spy on Americans. TikTok has been downloaded by billions of people around the world, and is particularly popular among young people - but the US government believes that data could be shared with the Chinese government.

Google destroyed evidence for antitrust battle, Feds complain
2023-02-24 22:30

The US Department of Justice asked the judge hearing its antitrust case against Google to sanction the search advertising giant for destruction of evidence. The case has since progressed into the discovery phase and now the DoJ contends that Google has ignored its responsibility to preserve evidence relevant to the case.

Seven smuggled US military tech for Moscow, say Feds
2022-12-14 22:30

The US Department of Justice unsealed a 16-count indictment today accusing five Russians, an American citizen, and a lawful permanent US resident of smuggling export-controlled electronics and military ammunition out of the United States for the Russian government. Alexey Brayman, the lawful permanent US resident, and Vadim Yermolenko, the US citizen, were both apprehended in the United States.

'Pig butchering' romance scam domains seized and slaughtered by the Feds
2022-11-23 00:30

Pig butchering is a newish twist on romance scams in which fraudsters build a relationship with their victims and then con them into transferring money into accounts controlled by the crooks. While the court documents remain sealed, we're told that fraudsters tricked five victims in the US between May and August into transferring their money to the seven now-seized domains designed to look like the Singapore International Monetary Exchange.

Feds find Silk Road thief's $1b+ Bitcoin stash in popcorn tin, hidden safe
2022-11-07 22:28

A crook who stole more than 50,000 Bitcoins from the dark web souk Silk Road in 2012 has pleaded guilty and lost the lot, with a stretch behind bars likely ahead of him. James Zhong, 32, admitted committing wire fraud in September 2012 by creating nine Silk Road accounts he used to trigger "over 140 transactions in rapid succession in order to trick Silk Road's withdrawal-processing system," the US Department of Justice said Monday.