Security News

The US Federal Trade Commission and Department of Justice Antitrust Division are launching a joint public inquiry as a first step to modernising merger guidelines and preventing anticompetitive deals. FTC chair Lina Khan said it was time for a merger review because the number of global deals reached in 2021 was the highest ever recorded - at a whopping $5.8 trillion - with the DoJ receiving twice the number of merger filings as in 2020.

A new phishing campaign impersonating the United States Department of Labor asks recipients to submit bids to steal Office 365 credentials. The phishing campaign has been ongoing for at least a couple of months and utilizes over ten different phishing sites impersonating the government agency.

More than a dozen members of the REvil ransomware group have been arrested courtesy of the Russian government. The Biden administration has been pressuring Russia to take ransomware and its perpetrators seriously, especially amid allegations that groups like REvil have operated with at least the tacit permission of the former Soviet Union.

U.S. Cyber Command has confirmed that MuddyWater - an advanced persistent threat cyberespionage actor aka Mercury, Static Kitten, TEMP.Zagros or Seedworm that's historically targeted government victims in the Middle East - is an Iranian intelligence outfit. On Wednesday, USCYBERCOM not only confirmed the tie; it also disclosed the plethora of open-source tools and strategies MuddyWater uses to break into target systems and released malware samples.

Remember when the US and Australian police surreptitiously owned and operated the encrypted cell phone app ANOM? They arrested 800 people in 2021 based on that operation. For legal reasons, the FBI did not monitor outgoing messages from Anom devices determined to be inside the U.S. Instead, the Australian Federal Police monitored them on behalf of the FBI, according to previously published court records.

The Austrian data protection authority has ruled that use of Google Analytics by a German company is in breach of European law in light of the Schrems II EU-US data sharing ruling. Datenschutzbehörde, or DSB, has found that a German publisher, not named in the case, was in breach of Article 44 of the General Data Protection Regulation in the use and operation of Google Analytics - commonly used throughout web publishing and ecommerce - because of its movement of personal data to the United States.

The U.S. Cyber Command on Wednesday officially confirmed MuddyWater's ties to the Iranian intelligence apparatus, while simultaneously detailing the various tools and tactics adopted by the espionage actor to burrow into victim networks. "MuddyWater has been seen using a variety of techniques to maintain access to victim networks," USCYBERCOM's Cyber National Mission Force said in a statement.

US Cyber Command has officially linked the Iranian-backed MuddyWatter hacking group to Iran's Ministry of Intelligence and Security. MOIS is the Iran government's leading intelligence agency, tasked with coordinating the country's intelligence and counterintelligence, as well as covert actions supporting the Islamic regime's goals beyond Iran's borders.

Organizations need to be vigilant for such attacks and make sure they have the means to prevent or combat them. "The advisory doesn't mention the current Russian-Ukraine tensions, but if the conflict escalates, you can expect Russian cyber threats to increase their operations," said Rick Holland, chief information security officer at Digital Shadows.

The FBI, CISA, and the NSA have warned critical infrastructure network defenders to be ready to detect and block incoming attacks targeting organizations from US critical infrastructure sectors, orchestrated by Russian-backed hacking groups. "In some cases, Russian state-sponsored cyber operations against critical infrastructure organizations have specifically targeted operational technology/industrial control systems networks with destructive malware."