Init0

Hello and welcome back to our blog. This week, there seems to be an abundance of stories that involve government in some way.

The biggest story of the week actually took place last weekend. That is when hackers were able to compromise the Federal Bureau of Investigation’s (FBI) external email system. The FBI said in a statement that fake emails were sent from its Law Enforcement Enterprise Portal system on Saturday, November 13th and were used to communicate with state and local officials. The spam emails may have been sent to thousands of people and companies with a warning of a non-existent cyberattack. Fortunately, “No actor was able to access or compromise any data or (personally identifiable information) on FBI’s network,” the bureau said. “Once we learned of the incident we quickly remediated the software vulnerability, warned partners to disregard the fake emails, and confirmed the integrity of our networks.” As always, the great Brian Krebs’ breaks it all down here. 

In other news…

On Monday, President Biden signed a $1 trillion infrastructure bill into law that includes nearly $2 billion for cybersecurity and related provisions. The biggest piece of digital security funding is a Federal Emergency Management Agency cyber grant program, administered in consultation with the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, that would distribute $1 billion over four years to state and local governments. An additional $21 million would go toward the Office of the National Cyber Director. 

Agencies that handle cyber security in the US, the UK, and Australia accused the Iranian government of sponsoring cybercriminals who have been exploiting Microsoft and Fortinet vulnerabilities specifically targeted at critical infrastructure. The governments of all three countries say hackers are attempting to take advantage of software flaws, and that these are groups who specialize in APTs – also known as advanced persistent threats – and have focused especially on vulnerabilities within Fortinet. 

Also this week, the UK’s national cyber security center announced it has tackled a record number of cyber incidents in the UK over the last year, with ransomware attacks originating from Russia dominating its activities. The cybersecurity agency said it had helped manage a 7.5% increase in cases in the year to August, fueled by the surge of criminal hackers seizing control of corporate data and demanding payment in cryptocurrency for its return. 

Then, a hacking group claims to have accessed the entire database of people who have crossed borders of Belarus — including the alleged movements of KGB officers and Belarus president Alexander Lukashenko himself. This incident may be tied to the ongoing political crisis in that country, where a group of hackers called …….

Source: https://securityboulevard.com/2021/11/cybersecurity-news-round-up-week-of-november-15-2021/