FBI's Most-Wanted Zeus and IcedID Malware Mastermind Pleads Guilty

A Ukrainian national has pleaded guilty in the U.S. to his role in two different malware schemes, Zeus and IcedID, between May 2009 and February 2021. Vyacheslav Igorevich Penchukov (aka Vyacheslav Igoravich Andreev, father, and tank), 37, was arrested by Swiss authorities in October 2022 and extradited to the U.S. last year. He was added to the FBI's most-wanted list in 2012. The U.S.

U.S. Government Disrupts Russia-Linked Botnet Engaged in Cyber Espionage

The U.S. government on Thursday said it disrupted a botnet comprising hundreds of small office and home office (SOHO) routers in the country that was put to use by the Russia-linked APT28 actor to conceal its malicious activities. "These crimes included vast spear-phishing and similar credential harvesting campaigns against targets of intelligence interest to the Russian government, such as U.S.

Former CIA Engineer Sentenced to 40 Years for Leaking Classified Documents

A former software engineer with the U.S. Central Intelligence Agency (CIA) has been sentenced to 40 years in prison by the Southern District of New York (SDNY) for transmitting classified documents to WikiLeaks and for possessing child pornographic material. Joshua Adam Schulte, 35, was originally charged in June 2018. He was found guilty in July 2022. On September 13, 2023, he was&

New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems

Cybersecurity researchers have developed a proof-of-concept (PoC) code that exploits a recently disclosed critical flaw in the Apache OfBiz open-source Enterprise Resource Planning (ERP) system to execute a memory-resident payload. The vulnerability in question is CVE-2023-51467 (CVSS score: 9.8), a bypass for another severe shortcoming in the same software (CVE-

FBI Takes Down BlackCat Ransomware, Releases Free Decryption Tool

The U.S. Justice Department (DoJ) has officially announced the disruption of the BlackCat ransomware operation and released a decryption tool that more than 500 affected victims can use to regain access to files locked by the malware. Court documents show that the U.S. Federal Bureau of Investigation (FBI) enlisted the help of a confidential human source (CHS) to act as an affiliate

Urgent FBI Warning: Barracuda Email Gateways Vulnerable Despite Recent Patches

The U.S. Federal Bureau of Investigation (FBI) is warning that Barracuda Networks Email Security Gateway (ESG) appliances patched against a recently disclosed critical flaw continue to be at risk of potential compromise from suspected Chinese hacking groups. It also deemed the fixes as "ineffective" and that it "continues to observe active intrusions and considers all affected Barracuda ESG

FBI Alert: Crypto Scammers are Masquerading as NFT Developers

The U.S. Federal Bureau of Investigation (FBI) is warning about cyber crooks masquerading as legitimate non-fungible token (NFT) developers to steal cryptocurrency and other digital assets from unsuspecting users. In these fraudulent schemes, criminals either obtain direct access to NFT developer social media accounts or create look-alike accounts to promote "exclusive" new NFT releases, often

Ex-NSA Employee Arrested for Trying to Sell U.S. Secrets to a Foreign Government

A former U.S. National Security Agency (NSA) employee has been arrested on charges of attempting to sell classified information to a foreign spy, who was actually an undercover agent working for the Federal Bureau of Investigation (FBI). Jareh Sebastian Dalke, 30, was employed at the NSA for less than a month from June 6, 2022, to July 1, 2022, serving as an Information Systems Security Designer

FBI Warns Investors to Take Precautions with Decentralized Financial Platforms

The U.S. Federal Bureau of Investigation (FBI) on Monday warned of cyber criminals increasingly exploiting flaws in decentralized finance (DeFi) platforms to plunder cryptocurrency. "The FBI has observed cyber criminals exploiting vulnerabilities in the smart contracts governing DeFi platforms to steal investors' cryptocurrency," the agency said in a notification. Attackers are said to have used

U.S. Offers $10 Million Reward for Information on North Korean Hackers

The U.S. State Department has announced rewards of up to $10 million for any information that could help disrupt North Korea's cryptocurrency theft, cyber-espionage, and other illicit state-backed activities. "If you have information on any individuals associated with the North Korean government-linked malicious cyber groups (such as Andariel, APT38, Bluenoroff, Guardians of Peace, Kimsuky, or

FBI Seizes $500,000 Ransomware Payments and Crypto from North Korean Hackers

The U.S. Department of Justice (DoJ) has announced the seizure of $500,000 worth of Bitcoin from North Korean hackers who extorted digital payments from several organizations by using a new ransomware strain known as Maui. "The seized funds include ransoms paid by healthcare providers in Kansas and Colorado," the DoJ said in a press release issued Tuesday. The recovery of the bitcoin ransoms

FBI Warns of Fake Cryptocurrency Apps Stealing Millions from Investors

The U.S. Federal Bureau of Investigation (FBI) has warned of cyber criminals building rogue cryptocurrency-themed apps to defraud investors in the virtual assets space. "The FBI has observed cyber criminals contacting U.S. investors, fraudulently claiming to offer legitimate cryptocurrency investment services, and convincing investors to download fraudulent mobile apps, which the cyber criminals

North Korean Maui Ransomware Actively Targeting U.S. Healthcare Organizations

In a new joint cybersecurity advisory, U.S. cybersecurity and intelligence agencies have warned about the use of Maui ransomware by North Korean government-backed hackers to target the healthcare sector since at least May 2021. "North Korean state-sponsored cyber actors used Maui ransomware in these incidents to encrypt servers responsible for healthcare services—including electronic health

U.S. Agencies Warn About Chinese Hackers Targeting Telecoms and Network Service Providers

U.S. cybersecurity and intelligence agencies have warned about China-based state-sponsored cyber actors leveraging network vulnerabilities to exploit public and private sector organizations since at least 2020. The widespread intrusion campaigns aim to exploit publicly identified security flaws in network devices such as Small Office/Home Office (SOHO) routers and Network Attached Storage (NAS)

FBI Warns About Hackers Selling VPN Credentials for U.S. College Networks

Network credentials and virtual private network (VPN) access for colleges and universities based in the U.S. are being advertised for sale on underground and public criminal marketplaces. "This exposure of sensitive credential and network access information, especially privileged user accounts, could lead to subsequent cyber attacks against individual users or affiliated organizations," the U.S.