U.S. Treasury | Cyber Security Review

FireEye, Microsoft create kill switch for SolarWinds backdoor

Posted onDecember 17, 2020

Microsoft, FireEye, and GoDaddy have collaborated to create a kill switch for the SolarWinds Sunburst backdoor that forces the malware to terminate itself. This past weekend it was revealed that Russian state-sponsored hackers breached SolarWinds and added malicious code to Read More …

Suspected Russian hackers spied on U.S. Treasury emails – sources

Posted onDecember 13, 2020January 1, 2021

Hackers believed to be working for Russia have been monitoring internal email traffic at the U.S. Treasury and Commerce departments, according to people familiar with the matter, adding they feared the hacks uncovered so far may be the tip of Read More …

Rana Android Malware Updates Allow WhatsApp, Telegram IM Snooping

Posted onDecember 7, 2020December 8, 2020

Researchers have discovered new samples of a previously discovered Android malware, which is believed to be linked to the APT39 Iranian cyberespionage threat group. The new variant comes with new surveillance capabilities – including the ability to snoop on victims’ Read More …

DarkSide ransomware’s Iranian hosting raises U.S. sanction concerns

Posted onNovember 15, 2020November 15, 2020

Ransomware negotiation firm Coveware has placed the DarkSide operation on an internal restricted list after the threat actors announced plans to host infrastructure in Iran. When the DarkSide ransomware operation encrypts a network, their affiliates steal unencrypted files, which they Read More …

US Treasury sanctions Russian research institute behind Triton malware

Posted onOctober 23, 2020January 1, 2021

The US Treasury Department announced sanctions today against a Russian research institute for its role in developing Triton, a malware strain designed to attack industrial equipment. Sanctions were levied today against the State Research Center of the Russian Federation FGUP Read More …

Researchers Mixed on Sanctions for Ransomware Negotiators

Posted onOctober 2, 2020October 5, 2020

Ransomware negotiators may have to pay up in new ways if they intercede with cybercriminals on companies’ behalf. Several researchers weighed in on the wisdom of the move, with mixed reactions. The U.S. Department of the Treasury said Thursday that Read More …

APT41 Operatives Indicted as Sophisticated Hacking Activity Continues

Posted onSeptember 17, 2020September 18, 2020

Five alleged members of the APT41 threat group have been indicted by a federal grand jury, in two separate actions that were unsealed this week. Meanwhile, the Department of Treasury also imposed sanctions on individuals and organizations associated with Iran-linked Read More …

Bank Servers Hacked to Trick ATMs into Spitting Out Millions in Cash

Posted onOctober 3, 2018October 5, 2018

The US-CERT has released a joint technical alert from the DHS, the FBI, and Treasury warning about a new ATM scheme being used by the prolific North Korean APT hacking group known as Hidden Cobra. Hidden Cobra, also known as Lazarus Read More …