[[{“value”:”
Law enforcement in 50 countries partner to take down ransomware, banking malware, and phishing threats.
The post 31 People Arrested in Global Cybercrime Crackdown appeared first on SecurityWeek.
“}]] Read More
SecurityWeek RSS Feed
The all in one place for non-profit security aid.
[[{“value”:”
Law enforcement in 50 countries partner to take down ransomware, banking malware, and phishing threats.
The post 31 People Arrested in Global Cybercrime Crackdown appeared first on SecurityWeek.
“}]] Read More
SecurityWeek RSS Feed
Pavel Durov Criticizes Outdated Laws After Arrest Over Telegram Criminal Activity
Telegram CEO Pavel Durov has broken his silence nearly two weeks after his arrest in France, stating the charges are misguided.
“If a country is unhappy with an internet service, the established practice is to start a legal action against the service itself,” Durov said in a 600-word statement on his Telegram account.
“Using laws from the pre-smartphone era to charge a CEO with crimes committed Read More
US to offer $10 million for Information on Iranian CyberAv3ngers Hackers
The United States has intensified its efforts to combat cyber threats by offering a substantial reward for information leading to identifying or locating individuals involved in malicious cyber activities against U.S. critical infrastructure.
The move comes as part of a broader strategy to counter cyber threats from foreign entities.
According to the tweet from the U.S. Department of State’s Rewards for Justice program has announced a reward of up to $10 million for information on individuals acting under the direction or control of a foreign government, who participate in cyber activities that violate the Computer Fraud and Abuse Act.
Time to avenge CyberAv3ngers’ hacking activities!
This group, linked to Iranian military officials, has hacked into industrial control systems used by U.S. industries and public utilities.
Got info on CyberAv3ngers or these officials? Text us today via our Tor tip line. pic.twitter.com/9wRCsP23Ye
— Rewards for Justice (@RFJ_USA) August 7, 2024
This initiative underscores the U.S. government’s commitment to safeguarding its critical infrastructure from cyber threats.
How to Build a Security Framework With Limited Resources IT Security Team (PDF) – Free Guide
This reward focuses on the CyberAv3ngers, a hacking group affiliated with Iran’s Islamic Revolutionary Guard Corps (IRGC). This group has been linked to cyberattacks targeting programmable logic controllers (PLCs) used in various industries, including water and wastewater, energy, and healthcare.
Several Iranian security officials have been linked to these malicious activities. Among them is Hamid Reza Lashgarian, the head of the IRGC’s Cyber-Electronic Command (IRGC-CEC), who also serves as a commander in the IRGC-Qods Force.
The U.S. Department of the Treasury has sanctioned Lashgarian, along with Hamid Homayunfal, Mahdi Lashgarian, Milad Mansuri, Reza Mohammad Amin Siberian, and Mohammad Bagher Shirinkar.
These individuals have been designated as Specially Designated Nationals under Executive Order 13224, which targets leaders or officials of the IRGC-CEC for their involvement in cyber and intelligence operations.
As a result, all property and interests in property of these individuals within the United States are blocked, and U.S. persons are generally prohibited from engaging in transactions with them.
The CyberAv3ngers group has been active in targeting Israeli-made PLCs, compromising their default credentials, and leaving provocative messages on the devices.
In October 2023, they claimed responsibility for cyberattacks against Israeli PLCs on their Telegram channel. Since November 2023, these activities have extended to the United States, where compromised devices displayed messages such as, “You have been hacked, down with Israel.”
The U.S. government’s response to these cyber threats highlights the increasing importance of international cooperation and intelligence sharing in addressing cybersecurity challenges.
By offering financial incentives for information, the U.S. aims to disrupt the activities of these hacking groups and protect its critical infrastructure from further attacks.
Are you from SOC and DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Free Access
The post US to offer $10 million for Information on Iranian CyberAv3ngers Hackers appeared first on Cyber Security News.
MongoDB Cyber Attack, Customer Data Exposed
MongoDB has experienced a security incident in which unauthorized access to its corporate systems was identified.
However, the company confirmed that there was no evidence of access to any customer’s system logs. MongoDB is currently investigating the incident with authorities and forensic experts.
This incident was discovered on Saturday (16th December 2023) when there was a suspicious activity of unauthorized access to their corporate systems. It was found later that the unauthorized access had a longer period before it was detected.
According to the reports shared with Cyber Security News, the security incident involving this unauthorized access to their corporate system included customer account metadata, contact information, customer names, phone numbers, and email addresses.
However, no security vulnerability was identified in any MongoDB products as part of this incident. In addition to this, the company also confirmed that the MongoDB Atlas cluster had no evidence of unauthorized access.
MongoDB specified that MongoDB Atlas cluster authentication has a separate system from MongoDB corporate systems, and there was no evidence of compromise on the authentication system.
After the first incident report of this incident, there was a second incident, which stated a high number of login attempts that resulted in issues with Atlas and the MongoDB support portal.
MongoDB confirmed that this activity was unrelated to the security incident and urged their users to try again after a few minutes.
Investigations are still ongoing, and a complete incident report about this incident has yet to be published. Organizations must keep all their systems updated and patch all the products appropriately to prevent these kinds of incidents.
The post MongoDB Cyber Attack, Customer Data Exposed appeared first on Cyber Security News.
Cyber Security News