US shorts China’s Volt Typhoon crew targeting America’s criticals

January 30, 2024 at 01:24PM The US Justice Department and FBI reportedly thwarted Chinese state-sponsored hackers targeting American critical infrastructure by obtaining a court order to remotely disable aspects of the Chinese hacking campaign. The hackers used vulnerable Internet-facing devices to access networks and steal sensitive data, prompting concerns about potential disruption of US critical …

US Disrupted Chinese Hacking Operation Aimed at Critical Infrastructure: Report 

January 30, 2024 at 09:42AM The US government has disrupted parts of a major hacking campaign linked to China, targeting critical infrastructure. The FBI and Justice Department have been authorized to disable aspects of a Chinese cyber operation called Volt Typhoon. This threat actor has reportedly targeted the US, UK, and Australia, leading to concerns …

US Gov Issues Warning for Androxgh0st Malware Attacks

January 17, 2024 at 11:36AM CISA and FBI have issued a joint advisory warning about Androxgh0st malware creating a botnet to target vulnerable networks. The malware primarily targets .env files containing sensitive information for AWS, Microsoft Office 365, SendGrid, and Twilio. It can abuse SMTP for scanning, exploit stolen credentials and APIs, and deploy web …

Feds Warn of AndroxGh0st Botnet Targeting AWS, Azure, and Office 365 Credentials

January 17, 2024 at 06:39AM CISA and FBI warn of AndroxGh0st malware creating a botnet for victim identification and exploitation. Capable of infiltrating servers with known security flaws, it targets credentials for platforms like AWS and Microsoft Office 365. Features enable SMTP abuse and persistent access to compromised systems. Related tools include FBot and spike …

Known Indicators of Compromise Associated with Androxgh0st Malware

January 16, 2024 at 10:23AM The FBI and CISA have issued a joint Cybersecurity Advisory (CSA) outlining indicators of compromise (IOCs) and tactics related to Androxgh0st malware. The advisory includes specific recommendations for mitigating cybersecurity incidents caused by Androxgh0st infections. The malware targets websites using Laravel and Apache HTTP Server, and allows threat actors to …

BreachForums admin jailed again for using a VPN, unmonitored PC

January 5, 2024 at 03:08PM BreachForums admin Conor Fitzpatrick was re-arrested for violating pretrial conditions, including using an unmonitored computer and a VPN. He openly admitted to being the threat actor “Pompompurin” and creating BreachForums to leak stolen data. Fitzpatrick was charged with theft and sale of sensitive personal information and will remain in custody. …

BreachForums boss busted for bond blunders – including using a VPN

January 5, 2024 at 09:44AM Cybercriminal Pompompurin, aka Conor Brian Fitzpatrick, was arrested for violating pretrial release conditions, leading to custody until sentencing. Facing charges for access device fraud, child sex abuse material possession, and operating BreachForums. October’s sentencing postponed to January due to a pending evaluation. Fitzpatrick’s site sparked numerous cybercrimes and continues under …

Defiant BlackCat Gang Stands Up New Site, Calls for Revenge Attacks

December 20, 2023 at 03:40PM BlackCat/ALPHV ransomware leaders claim they’ve restarted operations on their primary blog despite DOJ’s control. In response to law enforcement actions, they’ve lifted ban on cyberattacks against critical infrastructure. However, experts doubt their quick comeback ability. FBI seized server and data, but BlackCat set up a new site. Cybersecurity insiders warn …

Feds Snarl ALPHV/BlackCat Ransomware Operation

December 19, 2023 at 06:50PM The US Department of Justice took down the ALPHV/BlackCat leak sites and infiltrated the ransomware group, potentially forcing its leadership into retirement and affiliates to find a new operator. The FBI is offering a free decryptor to help over 500 victims. The law enforcement action is intended to disrupt cybercrime …

US Gov Disrupts BlackCat Ransomware Operation; FBI Releases Decryption Tool

December 19, 2023 at 01:57PM The US government disrupted the BlackCat ransomware-as-a-service, providing a decryption tool for affected organizations. The operation, also known as ALPHV, extorted around $68 million. Infiltrating the group, officials seized websites and revealed the gang’s tactics. BlackCat targeted sensitive data, including healthcare and critical infrastructure installations, causing widespread disruption. Key takeaways …