The Federal Bureau of Investigation (FBI) is releasing this Private Industry Notification to highlight a trend of compromised US and foreign government email addresses used to conduct fraudulent emergency data requests to US-based companies, exposing personally identifying information (PII).
While the concept of fraudulent emergency data requests was previously used by other threat actors, such as Lapsus$, the increase in postings on criminal forums regarding the process of emergency data requests and sale of compromised credentials has led to an increase of their use. The FBI encourages organizations to implement the recommendations in the Mitigations section to reduce the likelihood and impact from submission of fraudulent emergency data requests to attempt to gain unauthorized access to PII.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Related:
- Scammers impersonating TSA pre-check to steal your money and information
December 10, 2024
A new warning as we head into the busy holiday travel season. It would be best to be on guard for fake TSA precheck websites. “We are seeing a disturbing trend of mimicking TSA-like sites,” says Karin Zilberstein with Guardio, a browser extension that identifies fake websites and other malware. She says Guardio has discovered ...
- US sanctions Chinese cybersecurity firm for firewall hacks targeting critical infrastructure
December 10, 2024
The U.S. sanctioned a Chinese cybersecurity company and one of its employees for exploiting a zero-day vulnerability in Sophos firewalls to target U.S. organizations. On Tuesday, the U.S. Treasury Department said Guan Tianfeng, an employee of Sichuan Silence, used the vulnerability to compromise approximately 81,000 firewalls in April 2020. The hacking campaign, detailed by Sophos in ...
- What is high bandwidth memory and why is the US trying to block China’s access to it?
December 8, 2024
The US government has imposed fresh export controls on the sale of high tech memory chips used in artificial intelligence (AI) applications to China. The rules apply to US-made high bandwidth memory (HBM) technology as well as foreign-produced ones. High bandwidth memory (HBM) are basically a stack of memory chips, small components that store data. They ...
- Massive New Jersey cybersecurity breach leads to thousands of stolen SSNs
December 7, 2024
The social security numbers, driver’s licenses, payroll, health and other personal details of Hoboken city workers were among the data stolen in a “massive” cybersecurity breach last month. According to a list of thousands of stolen files obtained by The Jersey Journal, every department in City Hall — ranging from payroll to construction, health, and animal ...
- US critical infrastructure hit once again by a new group on the scene
December 6, 2024
Storm-0227, a Chinese state-sponsored advanced persistent threat (APT) actor started targeting critical infrastructure organizations, as well as government entities, in the United States. The group abuses software vulnerabilities and engages in spear phishing attacks to gain access to people’s devices. Once they get the access, they deploy different Remote Access Trojans (RAT) and other malware to ...
- Equifax breach: Check for exposed data, get $125
December 6, 2024
Following a data breach exposing the social security numbers of millions, the credit bureau at fault will also spend millions to pay back those affected. Equifax, one of the three major credit reporting agencies, reached a $700 million settlement with the Federal Trade Commission after they exposed the information of around 147 million people. Over 1.1 ...