Joint Cybersecurity Advisory: Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure
The cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom have released a joint Cybersecurity Advisory. This CSA is intended to warn organizations that Russia’s invasion of Ukraine could expose organizations both within and beyond the region to increased malicious cyber activity.
CBS News, “60 Minutes”, the Biden administration is warning about the potential for Russian cyberattacks on American soil and prepares organizations and citizens alike to prepare through the “Shields Up” campaign
Ransomware is scary, but another scam is costing victims much, much more, says FBI
Scammers Exploit Security Weaknesses on Job Recruitment Websites to Impersonate Legitimate Businesses, Threatening Company Reputation and Defrauding Job Seekers
The FBI warns that malicious actors or 'scammers' continue to exploit security weaknesses on job recruitment websites to post fraudulent job postings in order to trick applicants into providing personal information or money.
States working to thwart ransomware need strong patching, backup and access management approaches. But they also can’t afford to forget about employee experience or fostering trust with local government.
CISA Urges Organizations to Implement Immediate Cybersecurity Measures to Protect Against Potential Threats
The National Cybersecurity and Infrastructure Security Agency, CISA, encourages all organizations to take immediate steps to defend against potential cyber threats. This includes implementing cybersecurity best practices, increasing vigilance, and preparing your organization for a rapid response.
Since July 2021, BlackMatter ransomware has targeted multiple U.S. critical infrastructure entities, including two U.S. Food and Agriculture Sector organizations.
This joint advisory, the result of analytic efforts between the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Agency (CISA), the Environmental Protection Agency (EPA), and the National Security Agency (NSA, highlights ongoing malicious cyber activity targeting the information technology (IT) and operational technology (OT) networks, systems, and devices of U.S. Water and Wastewater Systems (WWS) Sector facilities.
Hacking incidents - especially those involving ransomware attacks and vendors - continue to rack up the largest victim counts in breaches being posted in recent weeks to the federal health data breach tally.
Federal prosecutors in Virginia are charging four individuals for a wide-ranging scheme to defraud businesses, first by hacking into their email or networks and then impersonating trusted third-party vendors in order to collect on unpaid bills.
The FBI warns of a rising trend in which scammers are defrauding victims via online romance scams, persuading individuals to send money to allegedly invest or trade cryptocurrency.
FACT SHEET: Biden Administration and Private Sector Leaders Announce Ambitious Initiatives to Bolster the Nation’s Cybersecurity
Cybersecurity threats and incidents affect businesses of all sizes, small towns and cities in every corner of the country, and the pocketbooks of middle-class families. Compounding the challenge, nearly half a million public and private cybersecurity jobs remain unfilled.
A seller in an online forum claims that 100 million personal records, of which 36 million are unique, were taken from T-Mobile's Systems. Part of the data, which consists of 30 million Social Security and driver's license numbers, was put up for sale on the online forum for six bitcoins, worth about $286,000
State, local and county governments officials testified that they need continually renewed, flexible funding to fend off increasing cyber threats during a U.S. Senate hearing yesterday.
One of the biggest meat producers in the US paid $11 million to cybercriminals responsible for a ransomware attack that temporarily knocked out processing plants last week. The cyberattack forced the meat producer to shut down some plants, prompting concerns about possible meat shortages.
The U.S. Justice Department on Monday reported it recouped $2.3 million of the $4.4 million ransom Colonial Pipeline Co. paid following a May 7 DarkSide ransomware attack.
The Chicago-based company paid the hackers about two weeks after a trove of company data was stolen. CNA officials were locked out of their network, according to two people familiar with the attack who asked not to be named because they weren’t authorized to discuss the matter publicly.
The United States faces persistent and increasingly sophisticated malicious cyber campaigns that threaten the public sector, the private sector, and ultimately the American people’s security and privacy. The Federal Government must improve its efforts to identify, deter, protect against, detect, and respond to these actions and actors.
The Cybersecurity 202: A group of industry, government and cyber experts have a big plan to disrupt the ransomware crisis
A task force of more than 60 experts from industry, government, nonprofits and academia is urging the U.S. government and global allies to take immediate steps to stem a growing global crisis of cyberattacks in which hackers seize computer systems and data in exchange for a ransom.
The group, which issued a report today, says swift, coordinated action can disrupt and deter the growing threat of cyberattacks that use ransomware, a malicious software that locks up computer systems so that criminals can demand ransom in exchange for access.
Hackers have targeted units of local government in the U.S. by attempting to exploit unpatched vulnerabilities in Microsoft Exchange email servers, according to a new report by the security firm FireEye.
The National Security Agency (NSA) and CISA have released a Joint Cybersecurity Information (CSI) sheet with guidance on selecting a protective Domain Name System (PDNS) service as a key defense against malicious cyber activity. Protective DNS can greatly reduce the effectiveness of ransomware, phishing, botnet, and malware campaigns by blocking known-malicious domains. Additionally organizations can use DNS query logs for incident response and threat hunting activities.
Cybersecurity and Infrastructure Security (CISA) partners have observed active exploitation of vulnerabilities in Microsoft Exchange Server products.
The company known as Automatic Funds Transfer Services was hit by a ransomware attack around Feb. 3 when a group called “Cuba Ransomware” began stealing the company’s credentials and unencrypted files.
On February 17, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Treasury (Treasury) issued a Joint Cybersecurity Alert (CSA) and seven Malware Analysis Reports (MAR) on the malware variant known as APPLEJEUS. APPLEJEUS has been used by Lazarus Group, a North Korean-sponsored Advanced Persistent Threat (APT) actor.
Several sets of access credentials for the Oldsmar, Florida, water treatment plant system were found in a batch of data posted online shortly before the breach. A joint alert issued by the FBI, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), the Environmental Protection Agency, and the Multi-State Information Sharing and Analysis Center provides an overview of the incident and suggests mitigations.
The Internal Revenue Service, state tax agencies and tax industry today warned tax professionals of a new scam email that impersonates the IRS and attempts to steal Electronic Filing Identification Numbers (EFINs).
Operators of a phishing campaign targeting the construction and energy sectors exposed credentials stolen in attacks that were publicly viewable with a simple Google search.
JOINT STATEMENT BY THE FEDERAL BUREAU OF INVESTIGATION (FBI), THE CYBERSECURITY AND INFRASTRUCTURE SECURITY AGENCY (CISA), THE OFFICE OF THE DIRECTOR OF NATIONAL INTELLIGENCE (ODNI), AND THE NATIONAL SECURITY AGENCY (NSA)
The National Security Council staff has stood up a task force construct known as the Cyber Unified Coordination Group (UCG), composed of the FBI, CISA, and ODNI with support from NSA, to coordinate the investigation and remediation of this significant cyber incident involving federal government networks. The UCG is still working to understand the scope of the incident but has the following updates on its investigative and mitigation efforts.
Hackers believed to be working for Russia have been monitoring internal email traffic at the U.S. Treasury and Commerce departments, according to people familiar with the matter, adding they feared the hacks uncovered so far may be the tip of the iceberg.
Cyber actors likely view schools as targets of opportunity, and these types of attacks are expected to continue through the 2020/2021 academic year. These issues will be particularly challenging for K-12 schools that face resource limitations; therefore, educational leadership, information technology personnel, and security personnel will need to balance this risk when determining their cybersecurity investments.
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are warning that Iranian advanced persistent threat (APT) actors are likely intent on influencing and interfering with the U.S. elections to sow discord among voters and undermine public confidence in the U.S. electoral process.
Barnes & Noble has confirmed a cyberattack impacting Nook services and potentially exposing customer data.
LONDON (Reuters) - CMA CGM, the world’s fourth-largest container shipping group, said it has restored its online business services after a cyber attack last month paralysed activity.
In light of heightened tensions between the United States and China, the Cybersecurity and Infrastructure Security Agency (CISA) is providing specific Chinese government and affiliated cyber threat actor tactics, techniques, and procedures (TTPs) and recommended mitigations to the cybersecurity community to...
Fair elections are the foundation of our democracy in the United States, and the FBI is committed to protecting the rights of all Americans to vote. The FBI is issuing this warning to educate voters about federal election crimes and how to avoid them, and to encourage voters to report suspected violations.
According to a statement published by Hartford Public Schools, the school district serving the city of Hartford, the ransomware attack impacted several of the school's internal IT systems, causing a prolonged outage.