X-Industry

No charging station is safe, as the FBI is warning travelers looking to charge their devices in airports, hotels, and coffee shops that "Juice Jacking" is a thing as bad actors are using public chargers and even free cables and charging plugs to infect phones and other devices with malware.[1]

According to an FBI "Scams and Safety" brief, which also discusses system and data protection and protecting money information:

• Be careful when connecting to a public Wi-Fi network, and do not conduct sen

A New York man accused of running the popular cybercrime forum BreachForums was recently arrested and charged.  He is believed to be Pompompurin, an individual whose online moniker was mentioned in several high-profile hacking stories in the past years.   It is sad to know that this criminal used the name Pompompurin, which is the name of a good natured Golden Retriever dog character introduced by the Japanese company Sanrio (Hello Kitty) in 1996.  The suspect is 21-year-old Conor Brian Fitzpatr

According to various investigating agencies, thousands are believed to have lost their savings after investing in a cryptocurrency trading app called iEarn Bot   https://www.iearnbot.com.  DO NOT VISIT THIS WEBSITE; IT IS A SCAM.  Experts investigating the company say it could be one of the largest crypto scandals.  Cryptocurrency trading has become popular, with people often promising large rewards over short periods.  But law enforcement agencies warn of many scams and recommend investors cond

The long arm of the law has grabbed the Hive ransomware operation, and it appears to have been shut down as part of a major law enforcement operation involving agencies in 10 countries.  A message in English and Russian on the Hive ransomware operation’s Tor-based website reads: “The Federal Bureau of Investigation seized this site as part of a coordinated law enforcement action taken against Hive Ransomware.”  Another message says the action was taken in coordination with Europol and authoritie

In the last few years, companies, universities, schools, medical facilities and other organizations have been targeted by ransomware threat actors, turning ransomware into the Internet's most severe security crisis.  Now, the US Cybersecurity & Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a new security warning.

Ransomware is a type of malicious software, or malware that prevents you from accessing your computer files, systems, or networks and d

Recently, victims of a recently uncovered form of ransomware are being warned not to pay the ransom demand simply because the ransomware is not able to decrypt files it just destroys them instead. Coded in Python, Cryptonite ransomware first appeared in October 2022 as part of a free-to-download open-source toolkit available to anyone with the skills required to deploy it in attacks against Microsoft Windows systems, with phishing attacks believed to be the most common means of delivery.

An anal

The holidays are when people unknowingly let their guard down, and cybercriminals know it.  They take advantage of people at home who are in a good mood, excitedly awaiting packages that are gifts for family or friends; and they also know employee counts are low as the staff takes vacation time and someone not used to a certain role might be covering for another employee.  It is a holiday recipe for potential disaster.

See:  https://redskyalliance.org/xindustry/holiday-2021-tip-to-stay-safe-1

Th

The US Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are raising awareness of the potential threat posed by attempts to manipulate information or spread disinformation in the lead-up to and after the 2022 midterm elections.  Foreign actors may intensify efforts to influence the outcomes of the 2022 midterm elections by circulating or amplifying reports of real or alleged malicious cyber activity on election infrastructure.  Additionally, th

This past week, the Australian telecoms company Optus is coming under fire for a breach of customer data.  Optus’ initial press release regarding this breach went out on 21 September 2022, informing customers that services were not affected and that they were investigating a possible breach [1].  Optus has subsequently release further updates, including informing customers that they will be contacted if their data was compromised.  In addition, Optus will be offering the Equifax Protect servi

The US Federal Bureau of Investigation (FBI) has issued a Private Industry Notification warning of malicious cyber actors using proxies and configurations for credential stuffing attacks on organizations within the United States.

See:  https://www.ic3.gov/Media/News/2022/220818.pdf

Credential stuffing is a form of brute force attack and shares many of the same commonalities that exploit leaked user credentials or ones purchased on the Dark Web that takes advantage of the fact that many individua

The US Department of Treasury placed sanctions on 08 August 2022 regarding Tornado Cash, a leading "crypto mixer" for transactions in virtual currency that US officials describe as a hub for laundering stolen funds, including by North Korean hackers.   The Treasury Department reported Tornado Cash had been used to transfer at least $96 million of funds stolen in June from crypto exchange service Harmony Bridge and another $7.8 million of the nearly $200 million in cryptocurrency hacked from Noma

With criminals beginning to use deepfake video technology[1] to spoof an identity in live online job interviews, security researchers have highlighted one simple way to spot a deepfake: just ask the person to turn their face sideways.  The reason for this as a potential handy authentication check is that deepfake AI models, while good at recreating front-on views of a person's face are not adequate for presenting side-on or profile views like those seen in a mug shot.

Camera apps have become inc

Network credentials and virtual private network (VPN) access for colleges and universities based in the US are being advertised for sale on underground and public criminal marketplaces. "This exposure of sensitive credential and network access information, especially privileged user accounts, could lead to subsequent cyber-attacks against individual users or affiliated organizations," the US Federal Bureau of Investigation (FBI) said in an advisory published last week.  See:  https://www.ic3.gov

Three people were handed years-long sentences in federal court on Wednesday for a range of crimes connected to a widespread hacking and identity theft campaign.  Alessandro Doreus, Jean Elie Doreus Jovin and Djouman Doreus pleaded guilty to conspiracy to commit fraud and aggravated identity theft in September 2021.  Prosecutors said they defrauded hundreds of people from 2015 to 2020 by gaining access to Social Security numbers, account numbers, usernames and passwords.

A US District Judge gave

The US government is sounding the alarm after discovering new custom tools capable of full system compromise and disruption of ICS/SCADA devices and servers. Investigators reported that a custom-made, modular ICS attack framework can be used to disrupt and/or destruct devices in industrial environments.

A joint advisory from the Department of Energy, CISA, NSA, and the FBI warned that unidentified APT actors have created specialized tools capable of causing major damage to PLCs from Schneider El

In the US, the FBI has issued an alert about the RagnarLocker ransomware group targeting at least 52 entities across 10 critical infrastructure sectors.  The FBI recently released a flash alert, warning users and organizations in the US to remain vigilant about the RagnarLocker ransomware group's growing footprint.  "As of January, the FBI has identified at least 52 entities across 10 critical infrastructure sectors affected by RagnarLocker ransomware, including entities in the critical manufact

The FBI has seized 39.9 bitcoins from an alleged affiliate of the notorious REvil ransomware group, which has been tied to illicit profits of more than $200 million. The seizure occurred 03 August 2021 and was reported on 30 November 2021 in a complaint for forfeiture filed by acting U.S. Attorney Chad E. Meacham in the U.S. District Court for the Northern District of Texas, backed by FBI Special Agent Joshua Jacobs. It says the funds were seized from an Exodus wallet, which refers to a piece of

Activity Summary - Week Ending on 19 November 2021:

• Red Sky Alliance identified 22,393 connections from new IP’s checking in with our Sinkholes
• Analysts identified 5,918 new IP addresses participating in various Botnets
• Firsttheberg.net in France has a Compromised IP
• MBR Attacks
• Abcbot Linux Malware
• FatPipe
• Not Just the CISOs Problem
• Swedish Spoof
• The FBI is Cold?
• Lazarus Still Around
• UK Gamers

Link to full report: IR-21-323-001_weekly323.pdf

There was an old 60’s movie called, The Spy who came in from the Cold.  Well the FBI could be sidelined in new cybersecurity legislation and left out in the cyber security cold.  In the view of America’s most powerful law enforcement agency, that could be a big problem.

In testimony to the US Congress, the current assistant director of the FBI’s Cyber Division, said that the Biden administration is “troubled” by legislation proposed by the US Senate and House Homeland Security committees requiri

Federal law enforcement officials announced on 26 October 2021 that a wide-ranging, global illicit drug crackdown yielded 150 arrests and the seizure of more than $31.6 million in cash and virtual currencies.  The 10-month law enforcement initiative called Operation Dark HunTOR, after the encrypted Internet tool, was conducted in partnership with international counterparts.  The operation produced 234 kilograms (500 lbs.) of seized drugs.  Of those arrested, 65 were in the US and the remaining w