You are here

Home » Cybersecurity

Cybersecurity

FBI Releases the Internet Crime Complaint Center 2021 Internet Crime Report

The FBI’s Internet Crime Complaint Center (IC3) published its 2021 Internet Crime Report. The project draws data from 847,376 complaints of suspected internet crime reported to the FBI. Reports in 2021 represent a 7 percent increase in complaints from the 2020 report with reported losses exceeding $6.9 billion. The top three cyber crimes reported by victims in 2021 were phishing scams, non-payment/non-delivery scams, and personal data breaches. Victims lost the most money to business email compromise scams and investment fraud.

Keep Your Shields Up, Don’t Panic, and Bolster Resilience Against Potential Russian Cyber Attacks on Critical Infrastructure

In a follow up to White House statements on Monday, March 21, 2022 regarding evolving intelligence, the Cybersecurity and Infrastructure Security Agency (CISA) convened an unclassified call on Tuesday to address observed Russian Government preparatory cyber activity against the U.S.

Don’t Panic, but Don’t be Complacent – Act Now to Protect the Services Americans Rely On Against Potential Cyber Attacks from Russian State-Sponsored Actors

Multiple statements emanated from the White House yesterday regarding evolving intelligence that the Russian government is exploring options for potential cyber attacks and that preparatory actions have been observed against U.S. critical infrastructure. WaterISAC posted and distributed an advisory, Update from the White House – Act Now to Protect Against Potential Cyber Attacks, shortly after the initial White House release.

Threat Awareness – Microsoft and Okta Investigating Data Leaks

The cybercriminal group Lapsus$ claims to have successfully compromised Microsoft’s internal Azure DevOps server and stolen source code for Bing, Cortana virtual assistant, and other projects. Yesterday, the threat actors leaked around 40 Gb of data stolen from Microsoft and claimed to have targeted LGE corporation and identity and access management company Okta. Lapsus$ is a data extortion cyber group that compromises business networks to steal source code, customer lists, databases, and other valuable data.

Security Awareness – Emotet Impersonating IRS in New Phishing Scam

The infamous malware botnet Emotet continues to resurge and propagate through persistent scams. Recently, Emotet was observed in a campaign leveraging tax season themed lures and impersonating the IRS to trick victims into downloading the malicious botnet. In these new campaigns, Emotet threat actors send out supposed “tax documents” for recipients to view or fill out and return to the sender.

Indicators of Compromise Associated with AvosLocker Ransomware

The FBI and the Department of the Treasury released a joint Cybersecurity Advisory (CSA) detailing indicators of compromise associated with AvosLocker ransomware. AvosLocker operates as a Ransomware-as-a-Service (RaaS) affiliate-based group and has targeted several critical infrastructure sectors in the U.S. and across the world, including government facilities.

Ransomware Awareness – LokiLocker Ransomware

Security researchers have identified a new Ransomware-as-a-Service (Raas) family dubbed LokiLocker that has been active in the wild since August 2021. The ransomware employs file encryption to extort its victims and data wiping capabilities that can make an infected device unusable if a victim fails to pay the ransom. To obfuscate its activities, LokiLocker displays a fake Windows Update screen and disables multiple Windows security applications. It also deletes backup files and shadow copies to prevent data recovery.

Russian State-Sponsored Actors Combine Exploits to MFA Protocols and a Known Vulnerability

Yesterday, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA) – Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability (AA22-074A) – to warn organizations that Russian state-sponsored cyber actors have gained network access through exploitatio

Pages

Subscribe to Cybersecurity