May 3, 2024 at 03:24PM The NSA and FBI warned of APT43, a North Korea-linked hacking group exploiting weak DMARC policies to launch spearphishing attacks. The attacks aim to gather intelligence on geopolitical events and gain access to private documents and communications. To mitigate this, organizations are advised to update their DMARC policies to prevent … Read more
May 3, 2024 at 09:10AM CISA and the FBI issued a Secure by Design Alert about path traversal software vulnerabilities targeting critical infrastructure. These flaws enable unauthorized access to application files and directories, allowing threat actors to compromise systems. Urging organizations to eliminate these defects, the agencies emphasize a secure software development lifecycle and suggest … Read more
April 25, 2024 at 05:19PM The FBI warned against using unlicensed cryptocurrency platforms due to financial risks and potential law enforcement takedowns. It advised checking for Money Services Business registration, providing KYC information, and being cautious with cryptocurrency services. This comes after the takedown of Samourai, its founders’ charges for money laundering, and the substantial … Read more
April 19, 2024 at 04:46PM FBI Director Wray warned about the significant threat posed by China-backed hackers to US national and economic security. He highlighted the malicious intentions of Chinese cyber attackers and urged immediate action from both private industry and government to fortify networks and respond to attacks. Additionally, he emphasized the need for … Read more
April 16, 2024 at 01:58PM The FBI has issued a warning about a widespread smishing campaign targeting people with messages claiming they have unpaid tolls to resolve, aiming to steal credentials and defraud them. The campaign, affecting at least 3 US states and over 2,000 people, prompts users to click a link and enter sensitive … Read more
March 15, 2024 at 02:08PM The U.S. Department of Justice has recovered $2.3 million in cryptocurrency related to a pig butchering fraud scheme. The scam involved deceiving victims into depositing cryptocurrency into fake investment sites, resulting in significant financial losses. The DOJ traced the recovered funds to 36 victims across the country. The FBI warned … Read more
February 7, 2024 at 05:53PM The US government warns that beyond Volt Typhoon, other Chinese cyber espionage groups are infiltrating critical American infrastructure, seeking to steal data and disrupt operations. Concerns about potential sabotage and data theft persist, prompting collaboration between government agencies and critical industry sectors to identify and eliminate compromised systems. This raises … Read more
February 1, 2024 at 04:06AM U.S. officials disrupted a state-backed Chinese cyberattack targeting civilian infrastructure, aiming to cause harm during a potential conflict. FBI Director Wray warned of China’s plans to disrupt American lives. The operation targeted routers and critical infrastructure, with concerns about Chinese hackers infiltrating U.S.-based systems. The U.S. aims to counter such … Read more
January 31, 2024 at 11:15AM CISA and the FBI have issued a warning to small office/home office (SOHO) router manufacturers to enhance security against attacks by Chinese state-backed hacking group Volt Typhoon. The agencies urge eliminating vulnerabilities, automating security updates, and safeguarding against Volt Typhoon activity. This follows ongoing attacks targeting U.S. critical infrastructure organizations … Read more
January 30, 2024 at 04:31PM The U.S. Department of Justice arrested and charged suspects involved in hacking almost 68,000 DraftKings accounts in a credential stuffing attack. Three defendants were charged, with two selling access to accounts that were compromised, leading to a loss of $635,000. Similar attacks affected FanDuel and Chick-fil-A. Automated tools and stolen … Read more