Cybercrime Featured Government

Darkside ransomware gang says it lost control of its servers & money a day after Biden threat

A day after US President Joe Biden said the US plans to disrupt the hackers behind the Colonial Pipeline cyberattack, the operator of the Darkside ransomware said the group lost control of its web servers and some of the funds it made from ransom payments.

Cybercrime Featured Government

15% of 2020 ransomware payments carried a sanctions violations risk

Around one in six ransomware payments in 2020 were made to ransomware gangs that had some sort of connection to a US-sanctioned entity.

pipeline gas fuel
Cybercrime Featured Government

Biden: No evidence Russian government is involved in Colonial ransomware attack

At a press conference today, President Joe Biden said the US intelligence community has no evidence that the Russian government had any kind of involvement in the ransomware attack that crippled one of the US’ largest fuel supply pipelines last week.

Illinois OAG
Cybercrime Featured Government

Ransomware gang leaks court and prisoner files from Illinois Attorney General Office

The operators of the DopplePaymer ransomware have leaked a large collection of files from the Illinois Office of the Attorney General after negotiations have broken down and officials refused to pay a ransom demand, The Record has learned.

US police
Cybercrime Featured Government

Ransomware gang threatens to expose police informants if ransom is not paid

A ransomware gang is threatening to leak sensitive police files that may expose police investigations and informants unless the Metropolitan Police Department of the District of Columbia agrees to pay a ransom demand.

Featured Government Nation-state Technology

Chinese hackers used Pulse Secure VPN zero-day to breach US defense contractors

Two hacking groups, including at least one confirmed Chinese cyber-espionage outfit, have used a new zero-day vulnerability in Pulse Secure VPN equipment to gain a foothold inside the networks of US defense contractors and government organizations across the world.

Featured Government Nation-state

CISA, FBI, NSA reveal five enterprise bugs exploited by Russia’s APT29 group

Three US security agencies have published on Thursday a joint advisory to expose and draw attention to five vulnerabilities in popular enterprise equipment that have and are still being abused by Russian state hackers to breach corporate and government networks.

Featured Government Nation-state

White House formally blames Russian intelligence service SVR for SolarWinds hack

In a press release today announcing a broad set of sanctions against the Russian government, the Biden administration has formally named the Russian Foreign Intelligence Service, also known as the SVR, as the perpetrator of the 2020 SolarWinds Orion supply chain attack.

Featured Government Nation-state

FBI operation removed web shells from hacked Exchange servers across the US

The US Department of Justice announced today that a US judge granted the FBI the authority to log into web shells planted by hackers on Exchange email servers across the US and remove the malware as part of a mass-uninstall operation.

Featured Government Nation-state

US says APTs are using Fortinet bugs to gain initial access for future attacks

In a joint security alert published today, on Friday, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) said they’d observed multiple state-sponsored hacking groups scanning the web for Fortinet devices in order to find and gain access to sensitive networks so they could launch future attacks.