FBI: Criminal Actors Use Business Email Compromise to Steal Large Shipments of Food Products and Ingredients

The Federal Bureau of Investigation (FBI), the Food and Drug Administration Office of Criminal Investigations (FDA OCI), and the US Department of Agriculture (USDA) are releasing this joint Cybersecurity Advisory (CSA) to advise the Food & Agriculture sector about recently Read More …

‘Why wasn’t there a back-up plan?’: After One Brooklyn Health cyber attack, community leaders demand answers

Nearly a month after a cyber attack left the One Brooklyn Health system compromised, elected officials and medical professionals gathered outside of Brookdale Hospital Medical Center to call for additional resources — and to get the healthcare system’s three hospitals Read More …

Sting op takes down 50 DDoS-for-hire domains

Police around the globe have seized as many as 50 internet domains said to be involved in tens of millions of distributed-denial-of-service (DDoS) attacks worldwide. Seven people were collared during the swoop. The so-called “booter” websites sold “some of the Read More …

California Department of Finance dealing with cybersecurity incident; no state funds compromised

An investigation is underway after a cybersecurity incident involving the California Department of Finance. The California Cyber Security Integration Center (Cal-CSIC) confirmed the incident on Monday but offered few specifics. Officials did note, however, that no state funds had been Read More …

UK arrests five for selling ‘dodgy’ point of sale software

Tax authorities from Australia, Canada, France, the UK and the USA have conducted a joint probe into “electronic sales suppression software” – applications that falsify point of sale data to help merchants avoid paying tax on their true revenue. A Read More …

US Health Dept warns of Royal Ransomware targeting healthcare

The U.S. Department of Health and Human Services (HHS) issued a new warning today for the country’s healthcare organizations regarding ongoing attacks from a relatively new operation, the Royal ransomware gang. The Health Sector Cybersecurity Coordination Center (HC3) —HHS’ security Read More …

Four suspects cuffed, face extradition to US over tax refund scam plot

Four men suspected of plotting to commit wire fraud and identity theft have been arrested and now face extradition to America. It is alleged they conspired to break into US companies’ servers, steal people’s personally identifiable information (PII), use that Read More …

Always Another Secret: Lifting the Haze on China-nexus Espionage in Southeast Asia

Mandiant Managed Defense recently identified cyber espionage activity that heavily leverages USB devices as an initial infection vector and concentrates on the Philippines. Mandiant tracks this activity as UNC4191 and we assess it has a China nexus. UNC4191 operations have Read More …

US bans Huawei, ZTE equipment sales amid Chinese spying fears

The Biden administration has banned approvals of new telecommunications equipment from China’s Huawei Technologies and ZTE because they pose “an unacceptable risk” to US national security. The US Federal Communications Commission said on Friday it had adopted the final rules, Read More …

Iranian Hackers Installed Crypto Miner in Federal Agency After Exploiting Unpatched Log4Shell Vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA) said Iranian hackers breached a federal agency that failed to patch the Log4Shell vulnerability and deployed a crypto miner. The Log4Shell vulnerability (CVE-2021-44228) is a critical remote code execution flaw on Apache’s Log4j Read More …