Thwarting over $US130 million in ransom demands The Justice Department announced today its months-long disruption campaign against the Hive ransomware group that has targeted more than 1,500 victims in over 80 countries around the world, including hospitals, school districts, financial firms, and critical infrastructure. Since late July 2022, the FBI…
Read More
North Korean cyber actors used RAILGUN, to launder over $US60 million worth of ethereum The FBI continues to combat malicious cyber activity, including the threat posed by the Democratic People’s Republic of Korea (DPRK) to the U.S. and our private sector partners. Through our investigation, we were able to confirm…
Read More
North Korean state-sponsored actors were observed using Maui ransomware The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the U.S. Department of the Treasury (Treasury) today released a joint Cybersecurity Advisory (CSA) that provides information on Maui ransomware, which has been used by North Korean…
Read More
Advisory issued by FBI, CISA, ACSC and NCSC. A joint cybersecurity advisory is the result of an analytic effort among the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre (NCSC) to highlight…
Read More
Four of the most targeted vulnerabilities in 2020 involved remote work. The US Cybersecurity and Infrastructure Security Agency (CISA), Australian Cyber Security Centre (ACSC), United Kingdom’s National Cyber Security Centre (NCSC) and Federal Bureau of Investigation (FBI) released a joint cybersecurity advisory highlighting the top Common Vulnerabilities and Exposures (CVEs) routinely…
Read More
Customers include Indonesian Government. The Cybersecurity Infrastructure Security Agency (CISA) of the United States and the Federal Bureau of Investigation (FBI) have stated both agencies have responded to the recent supply-chain ransomware attack leveraging a vulnerability in Kaseya VSA software against multiple managed service providers (MSPs) and their customers. The…
Read More
One the largest attacks on a national infrastructure in 2021. The FBI has confirmed that Darkside ransomware is responsible for the compromise of the Colonial Pipeline networks in Unites States. The federal agency will continue to work with the company and government partners on the investigation. Colonial Pipeline Networks learnt…
Read More
APT actors exploit vulnerabilities to gain initial access for future attacks. The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) advises organisations using Fortinet devices that Advanced Persistent Actors (APT’s) have been observed exploiting the following vulnerabilities: CVE-2018-13379 – Fortinet Path Traversal CVE-2020-12812 – Fortinet 2 Factor Authentication bypass CVE-2019-5591 – Fortinet Man-in-the-middle…
Read More
Russian hacker attempted to bribe Tesla employee with US$1M to infect the company with malware. A Russian national made his initial appearance in US Federal Court this week for his role in a conspiracy to recruit an employee of a company to introduce malicious software into Tesla’s computer network, extract…
Read More