FBI | Breaking Cybersecurity News | The Hacker News

In both April and June this year, a series of cyber attacks was conducted against the United States Office of Personnel Management (OPM) . These attacks resulted in 21 million current and former Federal government employees' information being stolen. After months of investigation, the FBI's Cyber Task Force identified several Remote Access Tools (RATs) that were used to carry out the attack. One of the more effective tools discovered is named ' FF-RAT '. FF-RAT evades endpoint detection through stealth tactics, including the ability to download DLLs remotely and execute them in memory only. Hackers use RATs to gain unlimited access to infected endpoints. Once the victim's access privilege is acquired, it is then used for malware deployment, command and control (C&C) server communication, and data exfiltration. Most Advanced Persistent Threat (APT) attacks also take advantage of RAT functionality for bypassing strong authentication, reconnaissance, spreading

The FBI and other law enforcement agencies have arrested more than 70 people suspected of carrying out cyber criminal activities associated with one of the most active underground web forums known as Darkode . Darkode , also used by notorious Lizard Squad , was an online bazaar for cyber criminals looking to buy and sell hacking tools, botnet tools, zero-day exploits, ransomware programs, stolen credit cards, spam services and many illicit products and services. Darkode had been in operation since 2007 before law enforcement authorities seized it this week as part of an investigation carried out in 20 different countries. "We have dismantled a cyber-hornet's' nest...which was believed by many, including the hackers themselves, to be impenetrable," said U.S. Attorney David J. Hickton . The crackdown, which the FBI dubbed Operation Shrouded Horizon , was initiated two years ago by its counterparts in Europe, Brazil and law enforcement agencies in more

Recent supply chain cyber-attacks are prompting cyber security regulations in the financial sector to tighten compliance requirements, and other industries are expected to follow. Many companies still don't have efficient methods to manage related time-sensitive SaaS security and compliance tasks. Free SaaS risk assessment tools are an easy and practical way to bring visibility and initial control to SaaS sprawl and Shadow AI. These tools now offer incremental upgrades , helping security professionals meet their company budget or maturity level.  Regulatory pressure, SaaS and AI proliferation, and increased risk of breaches or data leaks through 3rd party apps, make SaaS security one of the hottest areas for practitioners to learn and adopt. New regulations will require robust third-party SaaS risk lifecycle management that begins with SaaS service discovery and third-party risk management (TPRM) and ends with the requirement from CISOs to report incidents in their supply chain

A security researcher who was pulled out from a United Airlines flight last month had previously admitted to Federal Bureau of Investigation (FBI) that he had taken control of an airplane and made it fly briefly sideways. Chris Roberts, the founder of One World Labs , was recently detained, questioned and had his equipment taken by federal agents after he landed on a United flight from Chicago to Syracuse, New York following his tweet suggesting he might hack into the plane's in-flight entertainment system. In that particular tweet, Roberts joked: " Find me on a 737/800, lets see Box-IFE-ICE-SATCOM, ? Shall we start playing with EICAS messages? 'PASS OXYGEN ON' Anyone? :) " The federal agents addressed the tweet immediately and took it seriously following the Roberts' capabilities of such hacking tactics. In the FBI affidavit first made public Friday - first obtained by APTN National News - Roberts told the FBI earlier this year about not once, b

If you run a self-hosted WordPress website, then you must Beware: "ISIS is after you." Yes, you heard right. The United States Federal Bureau of Investigation (FBI) is warning WordPress users to patch vulnerable plugins for the popular content management system before ISIS exploit them to display pro-ISIS messages. According to the FBI, ISIS sympathizers are targeting WordPress sites and the communication platforms of commercial entities, news organizations, federal/state/local governments, religious institutions, foreign governments, and a number of other domestic and international websites. Targets seem to be random: They are not linked to particular name or business. The attackers are sympathizers and supporters of ISIS (also known as ISIL), not actual members of the terrorist organization. They are mostly unskilled people and are not doing much hard work — Just leveraging known WordPress plugin flaws in commonly available hacking tools. These

The hackers group responsible for the last year's largest hacking attack on Sony Pictures Entertainment left many clues which proves that the Sony's hackers , who called themselves Guardians of Peace (GOP) , linked to North Korea, as claimed by the Federal Bureau of Investigation (FBI). Speaking at the International Conference on Cyber Security (ICCS) at Fordham University in New York on Wednesday, the director of the FBI defended his bureau's claim and said that the North Korean government was involved in the massive cyber attack against Sony Pictures – saying skeptics " don't have the facts that I have ." " There's not much I have high confidence about, " James Comey said, as reported by the FBI New York field office's official Twitter feed. " I have very high confidence... on North Korea. " According to Comey, the hackers usually relied on proxy connections to hide their real IP address each time they sent threatening

Tor has been targeted once again, but this time at a much larger scale. A new attack on Tor network reportedly would either completely shut it down worldwide or turn it into evil network. This time Tor – an internet browser which allows people to maintain their anonymity online by protecting their location – is warning its users of a cyber attack that quietly seized some of its network specialized servers called Directory Authorities (DA) , the servers that help Tor clients to find Tor relays in the anonymous network service. Tor network architecture relies on ten Directory Authorities whose information is hardcoded into Tor clients. These directory authorities are located in the Europe and United States, and maintain the signed list of all the verified exit relays of the Tor network, and according to experts, attack on these backbone servers can "incapacitate" the overall architecture of Tor. " The Tor Project has learned that there may be an attempt to incapacit

The massive hacking attack against Sony Pictures Entertainment have reached a totally unbelievable and scary phase as multiple media sources are saying that Sony Pictures employees received e-mails from hackers threatening to harm them and their family members . Said one employee, " It's really crazy and scary. " It seems like matters for Sony Pictures is getting worse with time. Last month hacking attack on Sony Pictures Entertainment made the studio's internal corporate systems offline and spewed confidential information onto the Internet. Hackers group that identifies itself as # GOP ( Guardians of Peace ) claimed responsibility for the hack and apparently stolen reams of internal corporate data as well. Just a week after the cyber-attack on Sony Pictures Entertainment, high-quality versions of five newest films – Annie , Fury , Still Alice , Mr. Turner and To Write Love on Her Arms – distributed by Sony Pictures leaked online during Black Friday.

What a horrible start the holiday season in U.S. Over Thanksgiving weekend, Sony Pictures Entertainment suffered a massive data breach as "Guardians of Peace" hacked-into Sony Pictures' computer system that brought the studio's network to a screeching halt. Following the hack, hackers leaked five unreleased Sony movies to Torrent file-sharing website during Black Friday. It's still not clear whether both the incident back to back with Sony Pictures belongs to same group of hackers or not, but here's what you need to know about the breach: 1. FBI MALWARE WARNING AFTER SONY PICTURES HACK The U.S. Federal Bureau of Investigation (FBI) warned businesses that cyber criminals have used malicious software to launch destructive cyber-attacks in the United States, following the last week's massive data breach at Sony Pictures Entertainment, in which four unreleased films were stolen and pirate-shared. In a five-page confidential 'flash'

The joint operation by authorities of the U.S. Federal Bureau of Investigation (FBI) and European law enforcement seized Silk Road 2.0 , an alternative to the notorious online illegal-drug marketplace last week, and arrested 26-year-old operator Blake Benthall, but that wasn't the end. US and European authorities over the weekend announced the seizure of 27 different websites as part of a much larger operation called Operation Onymous , which led to take-down of more than "410 hidden services" that sell illegal goods and services from drugs to murder-for-hire assassins by masking their identities using the Tor encryption network. " The action aimed to stop the sale, distribution and promotion of illegal and harmful items, including weapons and drugs, which were being sold on online 'dark' marketplaces, " according to the Europol press release . This globally-coordinated take down is the combined efforts of 17 nations which includes the law enforcemen

The authorities of the U.S. Federal Bureau of Investigation have announced that they have arrested " Silk Road 2.0 " operator Blake Benthall , used the alias " Defcon " in California on Wednesday and charged him with conspiracy to commit drug trafficking, computer hacking, money laundering and other crimes. Silk Road 2, an alternative to the notorious online illegal-drug marketplace that went dark in October of 2013, has been seized in a joint action involving the FBI, Department of Homeland Security, and European law enforcement. " As alleged, Blake Benthall attempted to resurrect Silk Road, a secret website that law enforcement seized last year, by running Silk Road 2.0, a nearly identical criminal enterprise, " Manhattan US Attorney Preet Bharara said in a statement . " Let's be clear—this Silk Road, in whatever form, is the road to prison. Those looking to follow in the footsteps of alleged cybercriminals should understand that we will r

The Federal Bureau of Investigation (FBI) has arrested the CEO of a UK-based company for allegedly advertising and selling a spyware app to individuals who suspect their romantic partners of cheating on them. The dodgy cell phone spyware application, dubbed as StealthGenie , monitors victims' phone calls, text messages, videos, emails and other communications "without detection" when it is installed on a target's phone, according to the Department of Justice. The chief executive officer of a mobile spyware maker is a Pakistani man collared 31-year-old Hammad Akbar , of Lahore, who was arrested over the weekend in Los Angeles for flogging StealthGenie spyware application and now faces a number of federal charges. According to the US Department of Justice, Akbar operates a company called InvoCode, which sold the StealthGenie spyware app online that can intercept communications to and from mobile phones including Apple, Google, and BlackBerry devices. T

Users might have praised the technology companies for efforts to encrypt their latest devices that would prevent law enforcement agencies' hands on users' private data, but the FBI is not at all happy with Apple and Google right now. The Federal Bureau of Investigation director, James Comey , said Thursday he was " very concerned " over Apple and Google using stronger or full encryption in their Smartphones and Tablets that makes it impossible for law enforcement to collar criminals. According to Comey, the Silicon Valley tech giants are "marketing something expressly to allow people to place themselves above the law." " There will come a day – well it comes every day in this business – when it will matter a great, great deal to the lives of people of all kinds that we be able to with judicial authorization gain access to a kidnapper's or a terrorist or a criminal's device, " Comey told reporters . " I just want to make sure we

Chinese hackers associated with the Chinese government have successfully infiltrated the computer systems of U.S. defense contractors working with the government agency responsible for the transportation of military troops and goods across the globe, a Senate investigators have found. The Senate Armed Services Committee has been investigating the issue for the past year and found that the U.S. Military's Transportation Command (TRANSCOM) has been infiltrated at least 20 times in a single year, out of which only two were detected. This is probably the most serious allegation yet against China. The successful intrusions attributed to an "advanced persistent threat," a term used to designate sophisticated threats commonly associated with governments. All of those intrusions were attributed to China, the report stated. The investigation was conducted in the 12 months period from June 2012 to June 2013 based on information provided by the Federal Bureau of Investigat

Tor has always been a tough target for law enforcement for years, but the United States Federal Bureau of Investigation ( FBI ) has found a way to successfully track users across the network. Just a few days back, Tor made a difficult announcement that an attack on its system likely exposed its users of anonymity. Now, a new report from Wired suggests that the FBI has been running a malware campaign to identify Tor users by infecting their computers for years on a large scale. FBI USES DRIVE-BY HACKING TO TRACK USERS Tor is generally thought to be a place where users come online to hide their activities and remain anonymous, but a court case has revealed an opposite story. FBI has been using a tactic called drive-by hacking to track computers using the Tor anonymous computing system. Security researchers call the tactic a " drive-by download " in which a hacker infiltrates a high-traffic website to deliver the malware to large swaths of visitors. That simply means t

Botnets - a secretly compromised networks of ordinary home and office computers with rogue software or "malware" that are controlled by an individual criminal or a group - has dramatically increased over the past several years and are considered to pose the biggest threat to the Internet. Cyber criminals have brushed-up their hacking skills and are using Botnets as a cyber weapon to carry out multiple crimes like DDoS attacks (distributed denial of service), mass spamming, page rank and advertising revenue manipulation, mining bitcoins, cyber espionage and surveillance etc. 18 BOTNET INFECTIONS PER SECOND According to the director of FBI's cyber division, Joseph Demarest, Botnet has become one of the biggest enemies of the Internet today, and therefore its impact has been significant. Yesterday during a hearing before a U.S. Senate committee, he says that every second 18 computers worldwide are part of botnet armies, which amounts to over 500 million comp

Federal Bureau of Investigation (FBI) has been authorized by U.S Congress to hire 2,000 new employees this year, and many of those will be young hackers and Programmers in order to built-up its cyber crime division, but FBI's Director 'James B. Comey' is facing some difficulties. Apparently, FBI's Strict Anti-Drug Policy is making it very difficult for them to go after real criminals because most of the hackers have a fondness of smoking weeds, illicit drug. According to US agency policy, they won't hire anyone who used marijuana in the last three years, but it seems that now the law enforcement agency has to think about deviating from its own policy to get right talent to tackle cybercrimes over the Internet which has become a first priority for the agency. Recently, During an annual conference held at Manhattan's New York City Bar Association, One attendee asked James B. Comey that -- One of his friend who considered an FBI job but ultimately did not apply becaus

On Friday, we reported about the large-scale operation of International raids launched by the FBI and other law enforcement officials in countries around the world to arrest the targeted customers of a popular Remote Administration Tool (RAT) called ' Blackshades ,' which is designed to take over the remote control of the infected computers and steal information. The news broke when various announcements on underground forums by hacking group members claimed that FBI especially going after all of them who purchased the hacking tool using PayPal as payment option. Today, the UK's National Crime Agency announced that the raids took place in more than 100 of countries and they have arrested more than 100 people worldwide involved in the purchasing, selling or using the Blackshades malware. More than half million computers in more than dozens of countries were infected by this sophisticated malware that has been sold on underground forums since at least 2010 to seve