Tag: United States

Mysterious Cyber Attack Took Down 600,000+ Routers in the U.S.

More than 600,000 small office/home office (SOHO) routers are estimated to have been bricked and taken offline following a destructive cyber attack staged by unidentified cyber actors, disrupting users' access to the internet. The mysterious event, which took place between October 25 and 27, 2023, and impacted a single internet service provider (ISP) in the U.S., has been codenamed Pumpkin Eclipse by the Lumen Technologies Black Lotus Labs team. It specifically affected three router models issued by the ISP: ActionTec T3200, ActionTec T3260, and Sagemcom. "The incident took place over a 72-hour period between October 25-27, rendered the infected devices permanently inoperable, and required a hardware-based replacement," the company said in a technical report...
FCC reveals Royal Tiger, its first tagged robocall threat actor

In an attempt to make it easier for law enforcement and foreign partners to track down the people and organizations responsible for recurrent robocall operations, the Federal Communications Commission (FCC) has identified "Royal Tiger" as its first officially recognized robocall threat actor. A gang of scammers known as Royal Tiger operated out of India, the United Kingdom, the United Arab Emirates, and the United States. They used fictitious phone numbers to pose as banks, utility companies, and government agencies to place robocalls and make calls promoting phony credit card interest rate reduction offers. Several businesses connected to illicit calls in the US are run by the Royal Tiger organization, which is purportedly headed by Prince Jashvantlal Anand and his accomplice Kaush...
Ex-NSA Employee Sentenced to 22 Years for Trying to Sell U.S. Secrets to Russia

A former National Security Agency (NSA) employee in the United States was given a sentence of nearly 22 years (262 months) in jail for trying to send confidential documents to Russia. FBI Director Christopher Wray stated, "This sentence should serve as a stark warning to all those entrusted with protecting national defense information that there are consequences to betraying that trust." Between June 6 and July 1, 2022, Jareh Sebastian Dalke, 32, of Colorado Springs, worked as an information systems security designer and had access to sensitive data. Dalke is reported to have communicated with someone he believed to be a Russian agent somewhere between August and September of that year, despite having only a brief employment with the intelligence service...
Firebird RAT creator and seller arrested in the U.S. and Australia

Two people are allegedly responsible for creating and disseminating the "Firebird" remote access trojan (RAT), which was later renamed "Hive." The arrest and charging of these individuals is the result of a cooperative police operation by the Australian Federal Police (AFP) and the FBI. Even if Firebird and Hive aren't among the most well-known and often used RATs, they may have had an effect on users' security across the globe. There was a dedicated website for Firebird, which advertised it as a tool for remote management. But the homepage's features—password recovery across browsers, elevation of privilege through vulnerabilities, and stealthy access—transmitted the intended message to potential customers...
U.S. Charges 7 Chinese Nationals in Major 14-Year Cyber Espionage Operation

Indictments against seven Chinese nationals were made public by the U.S. Department of Justice (DoJ) on Monday. The individuals were part of a hacking gang that, for approximately 14 years, targeted political officials, corporations, journalists, and critics both domestically and internationally. The defendants are Sun Xiaohui (孙小草), Xiong Wang (熊旺), Peng Yaowen (彭耀文), Weng Ming (翁明), Cheng Feng (程锋), Ni Gaobin (倪高彬), and Zhao Guangzong (赵光宗). Charges for conspiracy to commit wire fraud and conspiracy to commit computer intrusions have been brought against the alleged cyber spies in relation to APT31, a state-sponsored threat group also known by the names Altaire, Bronze Vinewood, Judgement Panda, and Violet Typhoon (previously Zirconium). At least since 2010, the hacker collective ...
New StrelaStealer Phishing Attacks Hit Over 100 Organizations in E.U. and U.S.

Cybersecurity researchers have discovered a fresh wave of phishing attempts that purport to distribute StrelaStealer, an information stealer that is always changing. In a new analysis released today, analysts from Palo Alto Networks Unit 42 stated that the efforts had an influence on over 100 companies in the United States and the European Union. The organization stated that "these campaigns take the form of spam emails with attachments that eventually launch the StrelaStealer's DLL payload." To avoid being discovered, hackers alter the original email attachment file format from one campaign to the next so that previously created signatures or patterns do not recognize it...
Microsoft Expands Free Logging Capabilities for all U.S. Federal Agencies

More than six months after it was revealed that a China-linked cyber espionage campaign was targeting two dozen organizations, Microsoft has extended free logging capabilities to all U.S. federal agencies using Microsoft Purview Audit, regardless of license tier. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) stated that Microsoft "will automatically enable the logs in customer accounts and increase the default log retention period from 90 days to 180 days." Furthermore, this data will offer enhanced telemetry, aiding numerous federal agencies in fulfilling logging prerequisites as mandated by the Office of Management and Budget Memorandum M-21-31. In July 2023, Microsoft reported that an activity group named Storm-0558, originating from China, unlawfully infil...
U.S. Sanctions 6 Iranian Officials for Critical Infrastructure Cyber Attacks

Six Iranian intelligence service officials were sanctioned by the Office of Foreign Assets Control (OFAC) of the U.S. Treasury Department for hacking vital infrastructure facilities in the United States and other nations. Members of the Iranian Islamic Revolutionary Guard Corps Cyber-Electronic Command (IRGC-CEC) include Hamid Reza Lashgarian, Mahdi Lashgarian, Hamid Homayunfal, Milad Mansuri, Mohammad Bagher Shirinkar, and Reza Mohammad Amin Saberian. Reza Lashgarian is a commander in the IRGC-Quds Force and the chairman of the IRGC-CEC. He is said to have taken part in several intelligence and...
X adds passkeys support for iOS users in the United States

Passkeys can now be used by iOS users in the US to access their accounts, according to a recent announcement from X, formerly Twitter. The passkeys, which are associated with the iOS device they are generated on, will greatly lower the likelihood of breaches by thwarting phishing attempts and preventing unauthorized access. Because they will eliminate the need to learn complicated passwords, they will also improve security and user experience. A passkey is an online credential linked to your account. Your private passkey automatically authenticates your account using the server's public passkey, enabling you to log in without having to type in your username and password...
US seizes Sinbad crypto mixer used by North Korean Lazarus hackers

The cryptocurrency mixing service Sinbad has been sanctioned by the U.S. Department of Treasury due to its use by the North Korean hacking group Lazarus as a means of money laundering. A cryptocurrency mixer is a server that lets users deposit cryptocurrency. To help prevent precise tracking, the cryptocurrency is mixed and sent to numerous wallet addresses. After the cryptocurrency is "mixed," the mixing service transfers it to a different wallet address that belongs to the customer, taking a commission from the deposited amount. Today, Sinbad.io (Sinbad) was sanctioned by the Treasury's Office of Foreign Assets Control (OFAC) due to allegations that North Korean hackers...