Latest FBI news

CISA cautions against using hacked Ivanti VPN gateways even after factory resets

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed today that attackers who hack Ivanti VPN appliances using one of multiple actively exploited vulnerabilities may be able to maintain root persistence even after performing factory resets.
- Sergiu Gatlan
- February 29, 2024
- 03:35 PM
- 1
FBI, CISA warn US hospitals of targeted BlackCat ransomware attacks

Today, the FBI, CISA, and the Department of Health and Human Services (HHS) warned U.S. healthcare organizations of targeted ALPHV/Blackcat ransomware attacks.
- Sergiu Gatlan
- February 27, 2024
- 05:26 PM
- 0
Russian hackers hijack Ubiquiti routers to launch stealthy attacks

Russian APT28 military hackers are using compromised Ubiquiti EdgeRouters to evade detection, the FBI says in a joint advisory issued with the NSA, the U.S. Cyber Command, and international partners.
- Sergiu Gatlan
- February 27, 2024
- 12:25 PM
- 0
Russian hackers shift to cloud attacks, US and allies warn

Members of the Five Eyes (FVEY) intelligence alliance warned today that APT29 Russian Foreign Intelligence Service (SVR) hackers are now switching to attacks targeting their victims' cloud services.
- Sergiu Gatlan
- February 26, 2024
- 12:31 PM
- 0
US govt shares cyberattack defense tips for water utilities

CISA, the FBI, and the Environmental Protection Agency (EPA) shared a list of defense measures U.S. water utilities should implement to better defend their systems against cyberattacks
- Sergiu Gatlan
- February 21, 2024
- 01:39 PM
- 1
FBI disrupts Russian Moobot botnet infecting Ubiquiti routers

The FBI took down a botnet of small office/home office (SOHO) routers used by Russia's Main Intelligence Directorate of the General Staff (GRU) to proxy malicious traffic and to target the United States and its allies in spearphishing and credential theft attacks.
- Sergiu Gatlan
- February 15, 2024
- 01:00 PM
- 3
FBI seizes Warzone RAT infrastructure, arrests malware vendor

The FBI dismantled the Warzone RAT malware operation, seizing infrastructure and arresting two individuals associated with the cybercrime operation.
- Bill Toulas
- February 12, 2024
- 06:09 PM
- 1
FBI disrupts Chinese botnet by wiping malware from infected routers

The FBI has disrupted the KV-botnet used by Chinese Volt Typhoon state hackers to evade detection during attacks targeting U.S. critical infrastructure.
- Sergiu Gatlan
- January 31, 2024
- 12:43 PM
- 0
FBI: Tech support scams now use couriers to collect victims' money

Today, the FBI warned about courier services being used to collect money and valuables from victims of tech support and government impersonation scams.
- Sergiu Gatlan
- January 29, 2024
- 11:31 AM
- 0
The law enforcement operations targeting cybercrime in 2023

In 2023, we saw numerous law enforcement operations targeting cybercrime operations, including cryptocurrency scams, phishing attacks, credential theft, malware development, and ransomware attacks.
- Lawrence Abrams
- January 01, 2024
- 11:05 AM
- 0
The Week in Ransomware - December 22nd 2023 - BlackCat hacked

Earlier this month, the BlackCat/ALPHV ransomware operation suffered a five-day disruption to their Tor data leak and negotiation sites, rumored to be caused by a law enforcement action.
- Lawrence Abrams
- December 22, 2023
- 04:20 PM
- 0
FBI: ALPHV ransomware raked in $300 million from over 1,000 victims

The ALPHV/BlackCat ransomware gang has made over $300 million in ransom payments from more than 1,000 victims worldwide as of September 2023, according to the Federal Bureau of Investigation (FBI).
- Sergiu Gatlan
- December 19, 2023
- 02:32 PM
- 0
FBI disrupts Blackcat ransomware operation, creates decryption tool

The Department of Justice announced today that the FBI successfully breached the ALPHV ransomware operation's servers to monitor their activities and obtain decryption keys.
- Lawrence Abrams
- December 19, 2023
- 09:16 AM
- 0
FBI: Play ransomware breached 300 victims, including critical orgs

The Federal Bureau of Investigation (FBI) says the Play ransomware gang has breached roughly 300 organizations worldwide between June 2022 and October 2023, some of them critical infrastructure entities.
- Sergiu Gatlan
- December 18, 2023
- 11:24 AM
- 0
FBI shares tactics of notorious Scattered Spider hacker collective

The Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency released an advisory about the evasive threat actor tracked as Scattered Spider, a loosely knit hacking collective that now collaborates with the ALPHV/BlackCat Russian ransomware operation..
- Bill Toulas
- November 16, 2023
- 04:55 PM
- 0
FBI and CISA warn of opportunistic Rhysida ransomware attacks

The FBI and CISA warned today of Rhysida ransomware gang's opportunistic attacks targeting organizations across multiple industry sectors.
- Sergiu Gatlan
- November 15, 2023
- 12:46 PM
- 0
IPStorm botnet with 23,000 proxies for malicious traffic dismantled

The U.S. Department of Justive announced today that Federal Bureau of Investigation took down the network and infrastructure of a botnet proxy service called IPStorm.
- Bill Toulas
- November 14, 2023
- 07:05 PM
- 0
FBI: Royal ransomware asked 350 victims to pay $275 million

The FBI and CISA revealed in a joint advisory that the Royal ransomware gang has breached the networks of at least 350 organizations worldwide since September 2022.
- Sergiu Gatlan
- November 13, 2023
- 03:40 PM
- 0
FBI: Ransomware gangs hack casinos via 3rd party gaming vendors

The Federal Bureau of Investigation is warning that ransomware threat actors are targeting casino servers and use legitimate system management tools to increase their permissions on the network.
- Bill Toulas
- November 08, 2023
- 11:44 AM
- 2
FBI warns of extortion groups targeting plastic surgery offices

The FBI warned of cybercriminals using spoofed emails and phone numbers to target plastic surgery offices across the United States for extortion in phishing attacks that spread malware.
- Sergiu Gatlan
- October 18, 2023
- 02:55 AM
- 0