December 14, 2023 at 05:03AM The FBI, CISA, and other US government agencies have issued a security advisory about the Karakurt extortion gang, notorious for using harassment and IT exploitation to demand ransoms ranging from $25,000 to $13 million in Bitcoin. The gang uses various tactics and tools to exfiltrate massive amounts of data, with … Read more
December 13, 2023 at 03:27PM French authorities arrested a Russian national in Paris for alleged involvement in money laundering related to the Hive ransomware gang. He was linked to receiving millions of dollars from suspicious sources through digital wallets. This follows the dismantling of Hive’s servers by the FBI and Dutch police, preventing significant ransom … Read more
December 13, 2023 at 11:59AM Summary: The FBI, CISA, NSA, SKW, CERT Polska, and NCSC released a report assessing Russian SVR cyber actors exploiting CVE-2023-42793 to target servers hosting JetBrains TeamCity software globally. The report provides IOCs and mitigations to assist organizations in detecting and countering these malicious actions. SVR cyber activity poses a persistent … Read more
December 12, 2023 at 06:00AM The FBI has issued guidance on SEC data breach reporting, including potential delays. SEC’s new cybersecurity rules require public companies to report material breaches within 4 days via Form 8-K. FBI clarifies that Justice Dept. can grant a 30-60 day delay for national security reasons, but delays can’t exceed 120 … Read more
December 11, 2023 at 10:17AM A Dark Web leak site operated by the ransomware group APLHV/BlackCat was taken offline by law enforcement action on Dec. 7, confirmed by threat intelligence experts. BlackCat/ALPHV has listed over 650 companies on its site since November 2021. Law enforcement scrutiny has increased due to cyberattacks by BlackCat/ALPHV affiliates like … Read more
December 8, 2023 at 01:32PM Ransomware gang ALPHV’s websites have been down for over 30 hours, suggesting a potential law enforcement operation. Admin claims the sites may be back soon, but remain down. Speculation on FBI involvement arises. ALPHV is believed to be a rebrand of DarkSide and BlackMatter, known for targeting critical infrastructure globally. … Read more
November 16, 2023 at 07:19PM The FBI is intensifying efforts to locate members of the Scattered Spider cyber-crime group, responsible for attacking major casinos and conducting network intrusions. The group exfiltrates data and demands payment in exchange for not leaking or selling the information. Several organizations, including MGM Resorts, experienced significant disruptions, resulting in financial … Read more
November 16, 2023 at 08:12AM The U.S. Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and MS-ISAC have issued an advisory about the Rhysida ransomware. The threat actors behind Rhysida use a ransomware-as-a-service model and target organizations in various sectors. They exploit VPNs, the Zerologon vulnerability, and phishing campaigns to gain access to networks. Rhysida … Read more
November 15, 2023 at 12:51PM The FBI and CISA issued a warning about the Rhysida ransomware gang, which has been targeting organizations across various sectors. Rhysida gained notoriety after breaching the Chilean Army and targeting healthcare organizations. The advisory provides indicators of compromise and tactics used by Rhysida. The gang utilizes ransomware-as-a-service (RaaS) and exploits … Read more
November 15, 2023 at 09:10AM FBI Director Christopher Wray urged lawmakers to reject a proposed warrant requirement for accessing data obtained through FISA Section 702. This amendment to the Foreign Intelligence Surveillance Act, which allows warrantless surveillance of foreigners’ communications, also collects information on US persons. Wray emphasized the risks and resource limitations of implementing … Read more