13 May 2020

CISA and FBI Release List of Top 10 Routinely Exploited Vulnerabilities

A list of the top 10 routinely exploited vulnerabilities has been provided in a new joint alert distributed via the U.S. CERT website.  This alert was issued by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the broader US Government to provide technical guidance for security professionals in both the public and private sectors. This document aims to draw awareness to the most common vulnerabilities being exploited by threat actors. Foreign cyber actors frequently exploit dated and publicly known software vulnerabilities, as they often require fewer attacker resources. Therefore, the public and private sectors could mitigate some foreign cyber threats to US interests through an increased effort to patch their systems in accordance with the vulnerabilities listed in the alert.

Read More
20 Apr 2020

Zoom Bombing Attack Hits U.S. Government Meeting

According to an internal letter released by the government, a recent US House Oversight Committee meeting was the victim of a Zoom-bombing attack. The committee meeting was disrupted at least three times by uninvited individuals. The incident was disclosed in an internal letter from two representatives, Jim Jordan and Carolyn

Read More
16 Apr 2020

US issues guidance on North Korean hackers, offers $5M reward

The US government issued a statement in which they offered guidance on North Korean hacking activity. The document, which is a joint advisory, was published by several government entities, including the US Department of State, Treasury, Homeland Security, and the FBI. The report estimates that last year, North Korean hackers

Read More
16 Apr 2020

PPE, COVID-19 Medical Supplies Targeted by BEC Scams

The FBI has confirmed that agencies aiming to but items like ventilators have unknowingly been conned into a BEC scam in which they transfer funds to threat actors rather than legitimate organizations. There has been a shortage of personal protective equipment (PPE) in American hospitals across the country, and the

Read More
07 Apr 2020

FBI warns again of BEC scammers exploiting cloud email services

The FBI issued a warning to the public yesterday, stating that its Internet Crime Complaint Center (IC3) has received numerous reports of cybercriminals abusing could based email services in Business Email Compromise (BEC) attacks. This marks the second time within the past month that the FBI has warned of BEC

Read More
28 Feb 2020

FBI Says $140+ Million Paid to Ransomware, Offers Defense Tips

The FBI stated that after analyzing collected ransomware bitcoin wallets and ransom notes, they have determined that ransomware operators have received roughly $140 million in payments over the last six years. At the RSA security conference earlier this week, an FBI agent explained how he analyzed the collected data to

Read More
25 Feb 2020

FBI Arrests Man on Political Cyber-attack Charges

On Friday, the FBI arrested 32-year-old Arthur Dam on charges of masterminding a series of DDoS attacks that targeted an opponent of former congresswoman Katie Hill. Dam was arrested over suspicion of cyber attacking the websites of Hill’s rival in April and May of 2018, causing the website to be

Read More
12 Feb 2020

FBI: Cybercrime Victims Lost $3.5 Billion in 2019

The FBI reported that cybercrime in 2019 resulted in a $3.5 billion individual and business loss. The FBI’s Internet Crime Complaint Center (IC3) published its 2019 Internet Crime Report, which revealed that the FBI received over 460,000 complaints in 2019. The report also stated that the agency received close to

Read More
11 Feb 2020

FBI warns about ongoing attacks against software supply chain companies

The FBI has administered a security alert to the US private sector warning them about an ongoing campaign that is specifically targeting supply chain software providers. The campaign aims to infect companies with the Kwampirs malware, which is classified as a remote access trojan. The FBI stated that the same

Read More
05 Feb 2020

FBI Warns of DDoS Attack on State Voter Registration Site

The FBI warned the public of a potential DDoS attack that was aimed towards a state voter registration and information site. The warning was sent via a Private Industry Notification on Tuesday, stating that the website had received anomalous Domain Name System (DNS) requests that are consistent with a Pseudo-Random

Read More