Network credentials and virtual private network (VPN) access for colleges and universities based in the US are being advertised for sale on underground and public criminal marketplaces. "This exposure of sensitive credential and network access information, especially privileged user accounts, could lead to subsequent cyber-attacks against individual users or affiliated organizations," the US Federal Bureau of Investigation (FBI) said in an advisory published last week. See: https://www.ic3.gov
Three people were handed years-long sentences in federal court on Wednesday for a range of crimes connected to a widespread hacking and identity theft campaign. Alessandro Doreus, Jean Elie Doreus Jovin and Djouman Doreus pleaded guilty to conspiracy to commit fraud and aggravated identity theft in September 2021. Prosecutors said they defrauded hundreds of people from 2015 to 2020 by gaining access to Social Security numbers, account numbers, usernames and passwords.
A US District Judge gave
The US government is sounding the alarm after discovering new custom tools capable of full system compromise and disruption of ICS/SCADA devices and servers. Investigators reported that a custom-made, modular ICS attack framework can be used to disrupt and/or destruct devices in industrial environments.
A joint advisory from the Department of Energy, CISA, NSA, and the FBI warned that unidentified APT actors have created specialized tools capable of causing major damage to PLCs from Schneider El
In the US, the FBI has issued an alert about the RagnarLocker ransomware group targeting at least 52 entities across 10 critical infrastructure sectors. The FBI recently released a flash alert, warning users and organizations in the US to remain vigilant about the RagnarLocker ransomware group's growing footprint. "As of January, the FBI has identified at least 52 entities across 10 critical infrastructure sectors affected by RagnarLocker ransomware, including entities in the critical manufact
The FBI has seized 39.9 bitcoins from an alleged affiliate of the notorious REvil ransomware group, which has been tied to illicit profits of more than $200 million. The seizure occurred 03 August 2021 and was reported on 30 November 2021 in a complaint for forfeiture filed by acting U.S. Attorney Chad E. Meacham in the U.S. District Court for the Northern District of Texas, backed by FBI Special Agent Joshua Jacobs. It says the funds were seized from an Exodus wallet, which refers to a piece of
- Red Sky Alliance identified 22,393 connections from new IP’s checking in with our Sinkholes
- Analysts identified 5,918 new IP addresses participating in various Botnets
- Firsttheberg.net in France has a Compromised IP
- MBR Attacks
- Abcbot Linux Malware
- Not Just the CISOs Problem
- Swedish Spoof
- The FBI is Cold?
- Lazarus Still Around
- UK Gamers
Link to full report: IR-21-323-001_weekly323.pdf
There was an old 60’s movie called, The Spy who came in from the Cold. Well the FBI could be sidelined in new cybersecurity legislation and left out in the cyber security cold. In the view of America’s most powerful law enforcement agency, that could be a big problem.
In testimony to the US Congress, the current assistant director of the FBI’s Cyber Division, said that the Biden administration is “troubled” by legislation proposed by the US Senate and House Homeland Security committees requiri
Federal law enforcement officials announced on 26 October 2021 that a wide-ranging, global illicit drug crackdown yielded 150 arrests and the seizure of more than $31.6 million in cash and virtual currencies. The 10-month law enforcement initiative called Operation Dark HunTOR, after the encrypted Internet tool, was conducted in partnership with international counterparts. The operation produced 234 kilograms (500 lbs.) of seized drugs. Of those arrested, 65 were in the US and the remaining w
Officials cite "ongoing malicious cyber activity by cyber threat actors targeting the information technology and operational technology networks, systems and devices" of US water and wastewater systems.
The advisory co-authored by the FBI, Cybersecurity, and Infrastructure Security Agenc
The US head of the US National Security Agency (NSA), Cyber Command says the US will continue to battle ransomware for many years into the future. Some of the highest-ranking cybersecurity officials in the US government discussed the pervasive threat of ransomware on 05 October 2021, comparing it to an issue of national security with the ability to inflict measurable damage on major world powers.
Speaking at security firm Mandiant's Cyber Defense Summit, the deputy national security adviser for
“Oh Romeo, Romeo wherefore art thou Romeo?” The FBI is warning the public that a massive spike of online romance scams this year caused many Americans to lose more than $113 million since the start of 2021. The scammers behind this type of online fraud trend (also known as confidence fraud) which can lead to significant financial losses and devastating emotional scars use fake online identities to gain potential victims' trust on dating or social media platforms.
After the victims are lured in
What if three disgruntled employees left your organization and took top secret information to a competing company? What repercussions would follow and how would it impact your business? In many cases, there would be a lawsuit. In this case, there was federal prosecution and a cybersecurity threat.
The US Department of Justice (DOJ) released a shocking statement on 16 September 2021, which explains the scenario at the federal level. Three men, who formerly worked for the US intelligence communi
Did you ever wonder how a can of green beans gets to the shelf of your supermarket? Well, from planting the seeds, harvesting the crop, canning the beans, and pushing them to market – is all called the ‘Food Supply Chain.’ Now cyber-attackers are targeting our food supply chain and the Jolly Green Giant ain’t so happy.
The US Federal Bureau of Investigation (FBI) has issued a new alert on 06 September 2021 warning companies in the food and agricultural sector that they are increasingly at risk
Post offices in the US still post the FBI’s Most Wanted List. The wanted criminal profiles are normally in a locked glass case somewhere in the lobby. A looked at the photos and associated descriptions, it is amazing that even in our digital world -criminals can still commit major crimes and still lurk without leaving a digital sign for authorities to follow. But cyber criminality is here and now and pose a huge threat to everyone, in any country. Now the US Secret Service is asking for our
The US has seized the domains of 36 websites linked with Iran and Iraq for allegedly publishing disinformation and running malicious influencing campaigns targeting Americans, the Justice Department says. Thirty-three of the websites belong to the Iranian Islamic Radio and Television Union, or IRTVU, and three belong to Kata’ib Hizballah, or KH, a paramilitary group based in Iraq. KH has been designated as a foreign terrorist organization since 2009, and IRTVU was put under sanctions in Octobe
The US federal authorities will soon begin sharing hashes of compromised passwords found in the course of its cybercrime investigations with Have I Been Pwned (HIBP), the data breach notification service. The password hashes will contribute to Pwned Passwords, a service used to help warn users against reusing passwords that have been leaked in data breaches, says Troy Hunt, the Australian developer who created Have I Been Pwned
The stolen and leaked data the FBI comes across in investigations,
A few days after the Colonial Pipeline was attacked, a former law enforcement source close to the company told Red Sky Alliance that law enforcement officials used a cyber type ‘dye pack’ to track the Bitcoin Colonial ransom payment. A traditional dye pack is used in banks to be used during a bank robbery. The robbers take the cash bundle with the dye pack and within minutes, the dye pack ignites and paints the robber with a dye, so responding police can identify the fleeing felon. The federa
Recently a trusted cyber professional of Red Sky Alliance, with close to 40 years in the business said, “As cyber technology grew in the last thirty plus years, our international community sacrificed security for convenience.” So true.
Now we ask: if a Russian cyber-criminal group or the North Korean military hacks your company, places ransomware on your network because of corporate carelessness and then demands millions to unlock your valuable data - at that point - does it really matte
China, Russia, North Korea, and Iran continue to pose significant cybersecurity threats to the US, because each is capable of launching disruptive attacks, according to a report published 13 April 2021 by the Office of the Director of National Intelligence.
Threats include disinformation campaigns that target elections and try to undermine democratic institutions as well as aggressive hacking campaigns, such as the SolarWinds supply chain attack, according to the report. In many cases, criminal
In August 2020, the NSA and FBI published a joint security alert containing details about a previously undisclosed Russian malware. The entire report can be viewed here
The agencies say that the Linux strain malware has been developed and deployed in real-world attacks by Russian military hackers. The FBI says, “The Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS) military unit 26165, whose activity is sometimes identified by the private sector
Note: this page contains paid content.
Please, subscribe to get an access.