The Justice Department has announced the seizure of two domain names as well as nearly 1,000 social media accounts used by Russian actors to create and spread disinformation in the United States. US agencies including the FBI and Cyber National Mission Force (CNMF), alongside agencies in Canada and the Netherlands, released a joint advisory detailing…

The FBI and U.S. Cybersecurity and Infrastructure Security Agency are urging critical infrastructure organizations to implement mitigation techniques to thwart a cybercriminal group known as Scattered Spider that targets major companies and their IT help desks. A joint advisory describes the hacking group, also known as Octo Tempest and UNC3944, as having expertise in social…

Cybersecurity advisories from the FBI and the US Cybersecurity and Infrastructure Security Agency (CISA) are usually a good indication that a particular threat merits priority attention from organizations in the crosshairs. That would appear to be the case with “Snatch,” a ransomware-as-a-service (RaaS) operation that has been active since at least 2018 and is the…

The FBI and CISA issued a joint advisory warning that the Bl00dy Ransomware group is actively targeting the education sector by exploiting the PaperCut remote-code execution vulnerability CVE-2023-27350. The Bl00dy ransomware has been active since May 2022, it has been the first group that started using the leaked LockBit ransomware builder in attacks in the…

What’s not to love about an international law enforcement operation wreaking disruption on Hive, the ransomware-wielding crime syndicate? But with no suspects in jail, it’s unclear how long this takedown will stick before the bad guys get back their sting. There’s still plenty to celebrate since Hive, one of the world’s most active ransomware groups,…

Previously known as Eeleyanet Gostar and Net Peygard Samavat, Emennet Pasargad is an organization that often changes its name to avoid US sanctions, and which is known for providing cybersecurity services to government entities in Iran. In November 2020, the US warned that Iranian hackers exploited known vulnerabilities to access voter registration data, and in…

As part of such attacks, threat actors rely on publicly-available personally identifiable information (PII) and social engineering to impersonate victims and access payment information, healthcare portals, and more. “Recent reporting indicates cyber criminals will continue targeting healthcare payment processors through a variety of techniques, such as phishing campaigns and social engineering, to spoof support centers…