August 29, 2024 at 02:53PM RansomHub ransomware, active since February 2024, has targeted over 200 victims in critical U.S. infrastructure sectors. The group focuses on data-theft-based extortion, with recent breaches including Patelco, Rite Aid, Christie’s, and Frontier Communications. A joint advisory by federal agencies urges network defenders to implement security measures and avoid paying ransoms. … Read more
August 28, 2024 at 08:56AM The FBI, CISA, and the Department of Defense Cyber Crime Center jointly warn network defenders of ongoing cyber exploitation by an Iran-based group targeting U.S. and foreign organizations. The advisory details the threat actors’ tactics, techniques, and procedures, and provides indicators of compromise. Organizations are urged to follow recommended mitigations … Read more
August 8, 2024 at 10:51AM CISA and the FBI confirmed that the Royal ransomware rebranded to BlackSuit and has demanded over $500 million from victims since it emerged. BlackSuit gang has been active since September 2022 and is linked to attacks against over 350 organizations. They sought ransom payments in Bitcoin, with the largest demand … Read more
July 31, 2024 at 01:56PM CISA and the FBI assure that DDoS attacks on election infrastructure may hinder public access to information but won’t compromise the integrity or security of the 2024 U.S. general election. Official sources should be consulted for election-related info, and any suspicious activity should be reported to the FBI. Such attacks … Read more
June 22, 2024 at 03:14PM The BlackSuit ransomware gang caused a massive IT outage at CDK Global, affecting North American car dealerships. CDK is negotiating with BlackSuit for a decryptor and to prevent data leaks. The outage led to manual operation of car dealerships. Major companies like Penske Automotive Group and Sonic Automotive were also … Read more
May 27, 2024 at 09:06AM Microsoft has highlighted a cybercrime group, Storm-0539, responsible for sophisticated email and SMS phishing attacks, primarily aimed at stealing and selling gift cards. The group targets large retailers and utilizes tactics to evade detection, such as using cloud infrastructure and legitimate platforms. Microsoft advises companies to implement additional security measures … Read more
May 17, 2024 at 12:58PM The U.S. Justice Department charged five individuals, including a U.S. Citizen woman and a Ukrainian man, for their involvement in North Korea’s cyber schemes to infiltrate U.S. job markets and generate revenue for the country’s nuclear weapons program. The State Department announced a reward of up to $5 million for … Read more
May 17, 2024 at 12:06PM The U.S. Justice Department charged five individuals, including a U.S. citizen woman and a Ukrainian man, for involvement in cyber schemes allegedly directed by the North Korean government to generate revenue for its nuclear program. The schemes involved fraud and money laundering, with two individuals arrested and charges carrying potential … Read more
May 17, 2024 at 06:18AM The U.S. Justice Department charged five individuals, including a U.S. citizen woman, a Ukrainian man, and three foreign nationals, for participation in cyber schemes benefiting North Korea’s nuclear weapons program. The defendants are accused of fraud, money laundering, and identity theft, with alleged involvement in a campaign to infiltrate U.S. … Read more
May 16, 2024 at 03:24PM The U.S. Justice Department charged five individuals, including a U.S. citizen and a Ukrainian man, for involvement in cyber schemes benefitting North Korea’s nuclear weapons program. Two were arrested and face charges related to fraud, identity theft, and money laundering. The scheme compromised over 60 U.S. identities and generated at … Read more