ALPHV ransomware site outage rumored to be caused by law enforcement

December 8, 2023 at 01:32PM Ransomware gang ALPHV’s websites have been down for over 30 hours, suggesting a potential law enforcement operation. The admin claims the sites may be back soon, but they remain down. Speculation about FBI involvement has arisen. ALPHV is believed to be a rebrand of DarkSide and BlackMatter, known for targeting critical infrastructure globally. …

FBI pumps ‘significant’ resources into splatting Scattered Spider

November 16, 2023 at 07:19PM The FBI is intensifying efforts to locate members of the Scattered Spider cyber-crime group, responsible for attacking major casinos and conducting network intrusions. The group exfiltrates data and demands payment in exchange for not leaking or selling the information. Several organizations, including MGM Resorts, experienced significant disruptions, resulting in financial …

CISA and FBI Issue Warning About Rhysida Ransomware Double Extortion Attacks

November 16, 2023 at 08:12AM The U.S. Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and MS-ISAC have issued an advisory about the Rhysida ransomware. The threat actors behind Rhysida use a ransomware-as-a-service model and target organizations in various sectors. They exploit VPNs, the Zerologon vulnerability, and phishing campaigns to gain access to networks. Rhysida …

FBI and CISA warn of opportunistic Rhysida ransomware attacks

November 15, 2023 at 12:51PM The FBI and CISA issued a warning about the Rhysida ransomware gang, which has been targeting organizations across various sectors. Rhysida gained notoriety after breaching the Chilean Army and targeting healthcare organizations. The advisory provides indicators of compromise and tactics used by Rhysida. The gang utilizes ransomware-as-a-service (RaaS) and exploits …

FBI Director: FISA Section 702 warrant requirement a ‘de facto ban’

November 15, 2023 at 09:10AM FBI Director Christopher Wray urged lawmakers to reject a proposed warrant requirement for accessing data obtained through FISA Section 702. This amendment to the Foreign Intelligence Surveillance Act, which allows warrantless surveillance of foreigners’ communications, also collects information on US persons. Wray emphasized the risks and resource limitations of implementing …

Russian national pleads guilty to building now-dismantled IPStorm proxy botnet

November 14, 2023 at 06:31PM Russian and Moldovan national Sergei Makinin has been arrested in Florida for operating a botnet called IPStorm. Makinin admitted to violating US law by intentionally causing damage to protected systems. The botnet used the InterPlanetary File System (IPFS) to hide its activities and allow infected machines to be used as …

Ransomware royale: US confirms Royal, BlackSuit are linked

November 14, 2023 at 09:53AM The FBI and CISA have released guidance on the Royal ransomware operation, suggesting that it may undergo a rebrand. The agencies have observed code overlaps and similarities in intrusion techniques between Royal and BlackSuit ransomware, indicating a potential rebrand or spinoff variant. The advisory provides information on the IOCs and …

FBI: Royal ransomware asked 350 victims to pay $275 million

November 13, 2023 at 03:43PM The Royal ransomware gang has breached over 350 organizations worldwide since September 2022, demanding over $275 million in ransom. They conduct data exfiltration and extortion before encryption and will leak victim data if the ransom is not paid. The gang may be planning a rebranding initiative and a spinoff variant …

Ex-NSA Employee Pleads Guilty to Leaking Classified Data to Russia

October 24, 2023 at 12:30PM A former NSA employee, Jareh Sebastian Dalke, has pleaded guilty to charges of attempting to transmit classified defense information to Russia. Dalke used an encrypted email account to send excerpts of classified documents to an individual he believed to be a Russian agent, but was actually an FBI employee. He …

Europol knocks RagnarLocker offline in second major ransomware bust this year

October 19, 2023 at 12:34PM Law enforcement agencies, including Europol’s European Cybercrime Centre, the FBI, and Germany’s Bundeskriminalamt, have taken control of RagnarLocker ransomware group’s leak site in a coordinated effort. The takedown is part of a broader campaign to dismantle ransomware groups. RagnarLocker is known for targeting critical infrastructure and using a double extortion …