Major cyber incident reporting requirement, CISA budget hike on precipice of becoming law

The incident reporting legislation, long in the works, also comes with nearly $2.6 billion for the agency for fiscal 2022.

The post Major cyber incident reporting requirement, CISA budget hike on precipice of becoming law appeared first on CyberScoop.

Continue reading Major cyber incident reporting requirement, CISA budget hike on precipice of becoming law

Two Persons on the U.S Secret Service Most Wanted Cybercriminals List Run a Managed Android Malware Enterprise Including a Black Energy DDoS Botnet – An OSINT Analysis

Dear blog readers,This is Dancho. In this post I’ll provide actionable intelligence on two individuals on the U.S Secret Service’s Most Wanted Cybercriminals list in particular – Oleksandr Vitalyevich Ieremenko including Danil Potekhin f… Continue reading Two Persons on the U.S Secret Service Most Wanted Cybercriminals List Run a Managed Android Malware Enterprise Including a Black Energy DDoS Botnet – An OSINT Analysis

‘That horse has left the barn’: Secret Service official says ransom payments have fueled hacking sprees

After the multimillion-dollar extortions of Colonial Pipeline and meat processor JBS, a Secret Service official is urging organizations not to pay off hackers and underscoring that more victims need to come forward in order to help U.S. officials get a handle on the problem. “We’re in this boat we’re in now because over the last several years, people have paid the ransom,” Stephen Nix, assistant to the Special Agent in Charge at the U.S. Secret Service, said at CyberTalks, a summit presented by CyberScoop. “This is the monetization of security flaws. That’s what we’re looking at. That horse has left the barn.” Nix asked ransomware victims to tell law enforcement agencies details such as the cryptocurrency wallet, or account, used by the attackers in order to track them down. “I think it’s a very small number of cases we actually hear about,” he added. “If we don’t hear about it, […]

The post ‘That horse has left the barn’: Secret Service official says ransom payments have fueled hacking sprees appeared first on CyberScoop.

Continue reading ‘That horse has left the barn’: Secret Service official says ransom payments have fueled hacking sprees

Investigators suggest hackers exploited weak password security to breach Florida water facility

A clearer picture of poor security practices in Oldsmar, Florida prior to the dangerous hack of its water treatment plant is beginning to emerge, even as an investigation into the matter continues one week after the incident. Three federal agencies teamed up with an organization that shares threat information between states to issue an alert late Thursday explaining how the breach, in which a hacker allegedly tried to raise sodium hydroxide levels to amounts that are harmful to humans, might have unfolded. Initial clues suggest the incident, which was detected before it amounted to a threat to public drinking water, was made possible by lax data protection strategies and exploitation of a software tool. “The cyber actors likely accessed the system by exploiting cybersecurity weaknesses, including poor password security, and an outdated operating system,” reads the alert from the FBI, Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, Environmental […]

The post Investigators suggest hackers exploited weak password security to breach Florida water facility appeared first on CyberScoop.

Continue reading Investigators suggest hackers exploited weak password security to breach Florida water facility

SIM-swapping gang busted for targeting ‘influencers, sports stars, musicians’

International police say 10 suspects have been arrested for fraudulently accessing the phones of celebrities to steal about $100 million cryptocurrency as well as personal data throughout 2020. The sting included eight arrests in the United Kingdom as well as one in Malta and another in Belgium, according to Europol. The U.S. Secret Service, Department of Homeland Security and FBI were all involved in the operation, the U.K.’s National Crime Agency (NCA) said. As of Wednesday morning, it was unclear who the victims were, but the NCA said they included “well-known influencers, sports stars, musicians, and their families.” Neither Europol nor the NCA named the suspects. Victims’ phones were targeted via SIM swapping, police said. Unlike a direct hack on a person’s device, SIM swapping — also known as SIM hijacking — typically involves a little help from other humans. Scammers often take over a person’s digital profile by deactivating […]

The post SIM-swapping gang busted for targeting ‘influencers, sports stars, musicians’ appeared first on CyberScoop.

Continue reading SIM-swapping gang busted for targeting ‘influencers, sports stars, musicians’

Secret Service looks to outsiders to boost financial cybercrime probes

The U.S. Secret Service is pulling in outside expertise from the private sector and U.S. Cyber Command as it weighs changes to its investigative methods in an attempt to keep pace with international hackers. The engagement with Cyber Command, the Pentagon’s offensive cyber unit, is focused on learning from the military’s experience with transnational cybercriminals, a Secret Service official told CyberScoop. The Secret Service’s efforts to consult with private sector experts, meanwhile, is focused on specifically overhauling the agency’s investigative practices. The effort to consult with outside expertise comes as part of a recognition that the Secret Service lacks the latest techniques needed to root out financially motivated hackers. To formalize its interest in tapping into the private sector’s understanding of scammers’ latest tactics, the agency earlier this year established an advisory group composed of cybersecurity practitioners from the private sector, academia, and U.S. government, as CyberScoop first reported. Known as the Cyber Investigations Advisory Board (CIAB), the group met last week […]

The post Secret Service looks to outsiders to boost financial cybercrime probes appeared first on CyberScoop.

Continue reading Secret Service looks to outsiders to boost financial cybercrime probes

Secret Service merging electronic and financial crime task forces to combat cybercrime

The Secret Service is combining its Electronic Crimes Task Forces (ECTFs) and Financial Crimes Task Forces (FCTFs) into one unified network, the agency announced Thursday. The new merged network of task forces, to be known as Cyber Fraud Task Forces (CFTFs), will detect, prevent and root out cyber-enabled financial crimes, such as business email compromise and ransomware scams, “with the ultimate goal of arresting and convicting the most harmful perpetrators,” the Secret Service said in a press release. The agency hopes the reorganization integrates the resources and know-how in the previous task forces. “Through the creation of the CFTFs, the Secret Service aims to improve the coordination, sharing of expertise and resources, and dissemination of best practices for all its core investigations of financially-motivated cybercrime,” the Secret Service said. The decision to merge task forces comes months after the Secret Service launched an effort to modernize its investigations into financially-motivated […]

The post Secret Service merging electronic and financial crime task forces to combat cybercrime appeared first on CyberScoop.

Continue reading Secret Service merging electronic and financial crime task forces to combat cybercrime

Riding the State Unemployment Fraud ‘Wave’

When a reliable method of scamming money out of people, companies or governments becomes widely known, underground forums and chat networks tend to light up with activity as more fraudsters pile on to claim their share. And that’s exactly what appears to be going on right now as multiple U.S. states struggle to combat a tsunami of phony Pandemic Unemployment Assistance (PUA) claims. Meanwhile, a number of U.S. states are possibly making it easier for crooks by leaking their citizens’ personal data from the very websites the unemployment scammers are using to file bogus claims. Continue reading Riding the State Unemployment Fraud ‘Wave’