Security News

Secretary of State Antony J. Blinken announced today a new visa restriction policy that will enable the Department of State to ban those linked to commercial spyware from entering the United States. "The State Department is implementing a new policy today that will allow the imposition of visa restrictions on individuals involved in the misuse of commercial spyware," Blinken said.

The FBI has disrupted the KV botnet, used by People's Republic of China state-sponsored hackers to target US-based critical infrastructure organizations. A botnet for probing critical infrastructure organizations.

Chinese attackers are preparing to "Wreak havoc" on American infrastructure and "Cause societal chaos" in the US, infosec, and law enforcement bosses told a US House committee on Wednesday. The hearing coincided with the FBI's confirmation that it obtained search warrants and issued a remote kill command to wipe Volt Typhoon's botnet after the Chinese crew infected hundreds of end-of-life routers and attempted to break into American critical infrastructure targets.

The U.S. Department of Justice arrested and charged two more suspects for their involvement in the hacking of almost 68,000 DraftKings accounts in a November 2022 credential stuffing attack. One month later, DraftKings said it had refunded hundreds of thousands of dollars stolen from 67,995 customers whose accounts were hijacked in the incident.

The US Justice Department and FBI may have scored a win over Chinese state-sponsored snoops trying to break into American critical infrastructure. Law enforcement obtained a court order granting them permission to "Remotely disable aspects of the Chinese hacking campaign."

A US court has rejected spyware vendor NSO Group's motion to dismiss a lawsuit filed by Apple that alleges the developer violated computer fraud and other laws by infecting customers' iDevices with its surveillance software. Apple sued NSO, developer of the notorious Pegasus spyware, back in November 2021 and asked the court to permanently ban NSO from using any Apple software, services, or devices.

The Australian, US, and UK governments have announced sanctions for Aleksandr Gennadievich Ermakov, a Russian national considered responsible for the 2022 Medibank hack and a member of the REvil ransomware group. Medibank is a large health insurance provider in Australia that suffered a ransomware attack in October 2022, causing operational and business disruption.

Two US government agencies, the Cybersecurity and Infrastructure Security Agency and Federal Bureau of Investigation, warned on Wednesday that drones made in China could be used to gather information on critical infrastructure. How Wi-Fi spy drones snooped on financial firm FCC suggests licensing 5GHz spectrum to drone operators Wing, Alphabet's drone delivery unit, designs bigger bird to deliver pasta, faster US lawmakers have Chinese LiDAR on their threat-detection radar.

The United States government has recommended that Conor Brian Fitzpatrick, the creator and lead administrator of the now-defunct BreachForums hacking forums, receive a sentence of 15 years in prison. "The defendant's administration of BreachForums played an instrumental role in bringing together more than 300,000 members to solicit, distribute, and access thousands of breached databases containing the stolen data of hundreds of companies, organizations, and governmental organizations of varying size and the PII of millions of U.S. persons," reads the sentencing proposal.

In a seizure warrant application, the U.S. Secret Service sheds light on how threat actors stole $34,000 using fake antivirus renewal subscription emails. The now-executed seizure warrant was submitted by Special Agent Jollif of the United States Secret Service to recover funds stolen in a fake Norton subscription renewal email that led to the threat actor gaining access to a victim's PC and bank account.