Category: fbi

  • FBI’s 2025 Internet Crime Report

    The 2025 Internet Crime Report was published a few weeks ago, but I only just saw it. Lots of interesting statistics. Press release. News articles. Bruce Schneier

  • FBI warns students and staff that ShinyHunters may come knocking after Canvas breach

    Having received a ransom payment for its attack on Canvas, ShinyHunters and other extortion gangs are only likely to be further incentivised to launch similar attacks in future. Read more in my article on the Hot for Security blog. Graham Cluley

  • FBI Extracts Deleted Signal Messages from iPhone Notification Database

    404 Media reports (alternate site): The FBI was able to forensically extract copies of incoming Signal messages from a defendant’s iPhone, even after the app was deleted, because copies of the content were saved in the device’s push notification database…. The news shows how forensic extraction—when…

  • Iranian hackers breach FBI director’s personal email, and post his CV and photos online

    It’s not every day that you read that the head of America’s top law enforcement agency has been hacked, but then – these aren’t ordinary times. Read more in my article on the Hot for Security blog. Graham Cluley

  • Proton Mail Shared User Information with the Police

    404 Media has a story about Proton Mail giving subscriber data to the Swiss government, who passed the information to the FBI. It’s metadata—payment information related to a particular account—but still important knowledge. This sort of thing happens, even to privacy-centric companies like Proton Mail. Bruce Schneier…

  • iPhone Lockdown Mode Protects Washington Post Reporter

    404Media is reporting that the FBI could not access a reporter’s iPhone because it had Lockdown Mode enabled: The court record shows what devices and data the FBI was able to ultimately access, and which devices it could not, after raiding the home of the reporter, Hannah Natanson,…

  • Smashing Security podcast #453: The Epstein Files didn’t hide this hacker very well

    Supposedly redacted Jeffrey Epstein files can still reveal exactly who they’re talking about – especially when AI, LinkedIn, and a few biographical breadcrumbs do the heavy lifting. Sloppy redaction leads to explosive claims, and difficult reputational consequences for cybersecurity vendors, and we…

  • Microsoft is Giving the FBI BitLocker Keys

    Microsoft gives the FBI the ability to decrypt BitLocker in response to court orders: about twenty times per year. It’s possible for users to store those keys on a device they own, but Microsoft also recommends BitLocker users store their keys on its servers for convenience. While that…

  • FBI takes notorious RAMP ransomware forum offline

    The FBI has seized control of RAMP, a notorious cybercrime online forum that bragged to be the only place that allowed ransomware, and boasted over 14,000 active users. Now some of those users’ details are likely to be in the hands of the police… Read more in my…

  • FBI Warns of Fake Video Scams

    The FBI is warning of AI-assisted fake kidnapping scams: Criminal actors typically will contact their victims through text message claiming they have kidnapped their loved one and demand a ransom be paid for their release. Oftentimes, the criminal actor will express significant claims of violence towards the loved one…

  • Hundreds of masked ICE agents doxxed by hackers, as personal details posted on Telegram

    Hundreds of US government officials working for the FBI, ICE, and Department of Justice have had their personal data leaked by a notorious hacking group. Read more in my article on the Hot for Security blog. Graham Cluley

  • Mobile Phishers Target Brokerage Accounts in ‘Ramp and Dump’ Cashout Scheme

    Cybercriminal groups peddling sophisticated phishing kits that convert stolen card data into mobile wallets have recently shifted their focus to targeting customers of brokerage services, new research shows. Undeterred by security controls at these trading platforms that block users from wiring funds directly out…

  • UK Arrests Four in ‘Scattered Spider’ Ransom Group

    Authorities in the United Kingdom this week arrested four people aged 17 to 20 in connection with recent data theft and extortion attacks against the retailers Marks & Spencer and Harrods, and the British food retailer Co-op Group. The breaches have been linked to a prolific but…

  • Surveillance Used by a Drug Cartel

    Once you build a surveillance system, you can’t control who will use it: A hacker working for the Sinaloa drug cartel was able to obtain an FBI official’s phone records and use Mexico City’s surveillance cameras to help track and kill the agency’s informants in 2018, according to a…

  • Smashing Security podcast #424: Surveillance, spyware, and self-driving snafus

    A Mexican drug cartel spies on the FBI using traffic cameras and spyware — because “ubiquitous technical surveillance” is no longer just for dystopian thrillers. Graham digs into a chilling new US Justice Department report that shows how surveillance tech was weaponised to deadly effect. Meanwhile,…

  • Oops: DanaBot Malware Devs Infected Their Own PCs

    The U.S. government today unsealed criminal charges against 16 individuals accused of operating and selling DanaBot, a prolific strain of information-stealing malware that has been sold on Russian cybercrime forums since 2018. The FBI says a newer version of DanaBot was used for espionage, and that many…

  • KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS

    KrebsOnSecurity last week was hit by a near record distributed denial-of-service (DDoS) attack that clocked in at more than 6.3 terabits of data per second (a terabit is one trillion bits of data). The brief attack appears to have been a test run for a massive new Internet…

  • Ransomware attacks on critical infrastructure surge, reports FBI

    The FBI is set to report that ransomware was the most pervasive cybersecurity threat to US critical infrastructure during the year of 2024, with complaints of ransomware attacks against critical sectors jumping 9% over the previous year. Read more in my article on the Tripwire State of…

  • Cyber Forensic Expert in 2,000+ Cases Faces FBI Probe

    A Minnesota cybersecurity and computer forensics expert whose testimony has featured in thousands of courtroom trials over the past 30 years is facing questions about his credentials and an inquiry from the Federal Bureau of Investigation (FBI). Legal experts say the inquiry could be grounds to…

  • Free file converter malware scam “rampant” claims FBI

    Whether you’re downloading a video from YouTube or converting a Word document into a PDF file, there’s a chance that you might be unwittingly handing control of your PC straight into the hands of cybercriminals. Read more in my article on the Hot for Security blog. Graham…

  • Feds Link $150M Cyberheist to 2022 LastPass Hacks

    In September 2023, KrebsOnSecurity published findings from security researchers who concluded that a series of six-figure cyberheists across dozens of victims resulted from thieves cracking master passwords stolen from the password manager service LastPass in 2022. In a court filing this week, U.S. federal agents investigating a…

  • FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

    The FBI and authorities in The Netherlands this week seized dozens of servers and domains for a hugely popular spam and malware dissemination service operating out of Pakistan. The proprietors of the service, who use the collective nickname “The Manipulaters,” have been the subject of three stories published…

  • FBI Deletes PlugX Malware from Thousands of Computers

    According to a DOJ press release, the FBI was able to delete the Chinese-used PlugX malware from “approximately 4,258 U.S.-based computers and networks.” Details: To retrieve information from and send commands to the hacked machines, the malware connects to a command-and-control server that is operated by the…

  • Chinese Innovations Spawn Wave of Toll Phishing Via SMS

    Residents across the United States are being inundated with text messages purporting to come from toll road operators like E-ZPass, warning that recipients face fines if a delinquent toll fee remains unpaid. Researchers say the surge in SMS spam coincides with new features added to a…