Security News
Apple has warned at least nine US Department of State employees that their iPhones have been hacked by unknown attackers using an iOS exploit dubbed ForcedEntry to deploy Pegasus spyware developed by Israeli surveillance firm NSO Group. "On top of the independent investigation, NSO will cooperate with any relevant government authority and present the full information we will have," an NSO spokesperson separately told Motherboard.
The Federal Bureau of Investigation has revealed that the Cuba ransomware gang has compromised the networks of at least 49 organizations from US critical infrastructure sectors. "The FBI has identified, as of early November 2021 that Cuba ransomware actors have compromised at least 49 entities in five critical infrastructure sectors, including but not limited to the financial, government, healthcare, manufacturing, and information technology sectors," the federal law enforcement agency said.
A recently discovered botnet is attacking unpatched AT&T enterprise network edge devices using exploits for a four-year-old critical severity Blind Command Injection security flaw. The botnet, dubbed EwDoor by researchers at Qihoo 360's Network Security Research Lab, targets AT&T customers using EdgeMarc Enterprise Session Border Controller edge devices.
The US Dept of Commerce's Bureau of Industry and Security has added 27 companies to its list of entities prohibited from doing business with the USA on grounds they threaten national security - and one of the firms is associated with HPE's Chinese joint venture H3C. A preliminary announcement [PDF] of the bans lists a company named New H3C Semiconductor Technologies Co., Ltd on the grounds of its "Support of the military modernization of the People's Liberation Army.". The addresses given by Uncle Sam for this semiconductor business matches those listed on the website of H3C, the Chinese company formed as a joint venture between HPE and Tsinghua Unigroup to build networking products.
The US Securities and Exchange Commission has issued numerous warnings over the years about fraudsters attempting to adopt the identity of SEC officials, including by phone call spoofing. Call spoofing is where a scammer calls you up on your landline or mobile phone, claims to be from organisation X, and then reassures you by saying, "If you don't believe me, check the number I'm calling from."
De Rose allegedly conspired with members of a gang known as The Community to defraud someone identified in court as "RM". He is currently contesting extradition to the US to stand trial on wire fraud, theft, and money laundering charges. De Rose's extradition hearing comes after the National Crime Agency arrested eight men aged between 18 and 26 back in February on suspicion of carrying out SIM-swap attacks targeted at US citizens.
An alert issued Monday by the Cybersecurity and Infrastructure Security Agency and the FBI urged organizations to be on guard for ransomware attacks that take advantage of worker downtime during Thanksgiving. Launching cyberattacks during a holiday or even a weekend is hardly a new strategy for criminals.
IPs are their faceless proxy army and if you want to get to the attackers, you need first to burn that IP army down. Most attacks leave traces in different systems, service or application logs that can give indications on the attacker's IPs and attack types.
The Cybersecurity and Infrastructure Security Agency and the FBI warned critical infrastructure partners and public/private sector organizations not to let down their defenses against ransomware attacks during the holiday season. The two federal agencies' warning was issued in the form of a joint advisory published Monday, "Based on observations on the timing of high impact ransomware attacks that have occurred previously rather than a reaction to specific threat reporting."
The Securities and Exchange Commission has warned US investors of scammers impersonating SEC officials in government impersonator schemes via phone calls, voicemails, emails, and letters. The alert comes from SEC's Office of Investor Education and Advocacy, which regularly issues warnings to inform investors about the latest developments in investment frauds and scams.