Threats

Note: Most of my rss feeds on this page are currently broken. Sorry about that. Please consider the “Threats” section under construction for now.

Department of State

The Dept of State has several threat rss feeds, but they aren’t always up.

DHS

Threat information from the Department of Homeland Security (DHS), including the National Terrorism Advisory System and Cybersecurity alerts.

National Terrorism Advisory System (NTAS) Alerts

    Feed has no items.

Cybersecurity

  • AA22-011A: Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure
    by CISA on January 11, 2022 at 3:00 pm

    Original release date: January 11, 2022SummaryActions Critical Infrastructure Organizations Should Implement to Immediately Strengthen Their Cyber Posture. • Patch all systems. Prioritize patching known exploited vulnerabilities. • Implement multi-factor authentication. • Use antivirus software.• Develop internal contact lists and surge support. Note: this advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, version 10. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. This joint Cybersecurity Advisory (CSA)—authored by the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and National Security Agency (NSA)—is part of our continuing cybersecurity mission to warn organizations of cyber threats and help the cybersecurity community reduce the risk presented by these threats. This CSA provides an overview of Russian state-sponsored cyber […]

  • AA21-356A: Mitigating Log4Shell and Other Log4j-Related Vulnerabilities
    by CISA on December 22, 2021 at 3:00 pm

    Original release date: December 22, 2021 | Last revised: December 23, 2021SummaryThe Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), the Computer Emergency Response Team New Zealand (CERT NZ), the New Zealand National Cyber Security Centre (NZ NCSC), and the United Kingdom’s National Cyber Security Centre (NCSC-UK) are releasing this joint Cybersecurity Advisory (CSA) to provide mitigation guidance on addressing vulnerabilities in  Apache’s Log4j software library: CVE-2021-44228 (known as “Log4Shell”), CVE-2021-45046, and CVE-2021-45105. Sophisticated cyber threat actors are actively scanning networks to potentially exploit Log4Shell, CVE-2021-45046, and CVE-2021-45105 in vulnerable systems. According to public reporting, Log4Shell and CVE-2021-45046 are being actively exploited. CISA, in collaboration with […]

  • AA21-336A: APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus
    by CISA on December 2, 2021 at 6:00 pm

    Original release date: December 2, 2021 | Last revised: December 6, 2021SummaryThis joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9. See the ATT&CK for Enterprise framework for referenced threat actor techniques and for mitigations. This joint advisory is the result of analytic efforts between the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) to highlight the cyber threat associated with active exploitation of a newly identified vulnerability (CVE-2021-44077) in Zoho ManageEngine ServiceDesk Plus—IT help desk software with asset management. CVE-2021-44077, which Zoho rated critical, is an unauthenticated remote code execution (RCE) vulnerability affecting all ServiceDesk Plus versions up to, and including, version 11305. This vulnerability was addressed by the update released by Zoho on September 16, 2021 for ServiceDesk Plus versions […]

  • AA21-321A: Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities
    by CISA on November 17, 2021 at 2:00 pm

    Original release date: November 17, 2021 | Last revised: November 19, 2021SummaryActions to Take Today to Protect Against Iranian State-Sponsored Malicious Cyber Activity • Immediately patch software affected by the following vulnerabilities: CVE-2021-34473, 2018-13379, 2020-12812, and 2019-5591. • Implement multi-factor authentication.• Use strong, unique passwords. Note: this advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, version 10. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. This joint cybersecurity advisory is the result of an analytic effort among the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre (NCSC) to highlight ongoing malicious cyber activity by an advanced persistent threat (APT) group that FBI, CISA, ACSC, […]

  • AA21-291A: BlackMatter Ransomware
    by CISA on October 18, 2021 at 5:00 pm

    Original release date: October 18, 2021SummaryActions You Can Take Now to Protect Against BlackMatter Ransomware • Implement and enforce backup and restoration policies and procedures. • Use strong, unique passwords. • Use multi-factor authentication.• Implement network segmentation and traversal monitoring. Note: this advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, version 9. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. This joint Cybersecurity Advisory was developed by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) to provide information on BlackMatter ransomware. Since July 2021, BlackMatter ransomware has targeted multiple U.S. critical infrastructure entities, including two U.S. Food and Agriculture Sector organizations. This advisory provides information on cyber actor […]

  • AA21-287A: Ongoing Cyber Threats to U.S. Water and Wastewater Systems
    by CISA on October 14, 2021 at 6:00 pm

    Original release date: October 14, 2021 | Last revised: October 25, 2021SummaryImmediate Actions WWS Facilities Can Take Now to Protect Against Malicious Cyber Activity • Do not click on suspicious links.• If you use RDP, secure and monitor it. • Use strong passwords. • Use multi-factor authentication. Note: This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, version 9. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. This joint advisory is the result of analytic efforts between the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Agency (CISA), the Environmental Protection Agency (EPA), and the National Security Agency (NSA) to highlight ongoing malicious cyber activity—by both known and unknown actors—targeting the information technology (IT) and operational technology (OT) networks, systems, and devices of U.S. Water and Wastewater Systems (WWS) […]

  • AA21-265A: Conti Ransomware
    by CISA on September 22, 2021 at 5:00 pm

    Original release date: September 22, 2021 | Last revised: September 29, 2021SummaryImmediate Actions You Can Take Now to Protect Against Conti Ransomware • Use multi-factor authentication. • Segment and segregate networks and functions. • Update your operating system and software. Note: This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, version 9. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have observed the increased use of Conti ransomware in more than 400 attacks on U.S. and international organizations. (See FBI Flash: Conti Ransomware Attacks Impact Healthcare and First Responder Networks.) In typical Conti ransomware attacks, malicious cyber actors steal files, encrypt servers and workstations, and demand a ransom payment.  To secure systems against Conti ransomware, […]

  • AA21-259A: APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus
    by CISA on September 16, 2021 at 5:00 pm

    Original release date: September 16, 2021 | Last revised: November 22, 2021SummaryThis Joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 8. See the ATT&CK for Enterprise for  referenced threat actor tactics and for techniques. This joint advisory is the result of analytic efforts between the Federal Bureau of Investigation (FBI), United States Coast Guard Cyber Command (CGCYBER), and the Cybersecurity and Infrastructure Security Agency (CISA) to highlight the cyber threat associated with active exploitation of a newly identified vulnerability (CVE-2021-40539) in ManageEngine ADSelfService Plus—a self-service password management and single sign-on solution. CVE-2021-40539, rated critical by the Common Vulnerability Scoring System (CVSS), is an authentication bypass vulnerability affecting representational state transfer (REST) application programming interface (API) URLs that could enable remote […]

  • AA21-243A: Ransomware Awareness for Holidays and Weekends
    by CISA on August 31, 2021 at 5:00 pm

    Original release date: August 31, 2021 | Last revised: September 2, 2021SummaryImmediate Actions You Can Take Now to Protect Against Ransomware • Make an offline backup of your data. • Do not click on suspicious links. • If you use RDP, secure and monitor it. • Update your OS and software. • Use strong passwords. • Use multi-factor authentication. The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have observed an increase in highly impactful ransomware attacks occurring on holidays and weekends—when offices are normally closed—in the United States, as recently as the Fourth of July holiday in 2021. The FBI and CISA do not currently have any specific threat reporting indicating a cyberattack will occur over the upcoming Labor Day holiday. However, the FBI and CISA are sharing the below information to provide awareness to be especially diligent in your network defense practices in the run up to holidays and […]

  • AA21-229A: BadAlloc Vulnerability Affecting BlackBerry QNX RTOS
    by CISA on August 17, 2021 at 5:00 pm

    Original release date: August 17, 2021 | Last revised: August 23, 2021SummaryOn August 17, 2021, BlackBerry publicly disclosed that its QNX Real Time Operating System (RTOS) is affected by a BadAlloc vulnerability—CVE-2021-22156. BadAlloc is a collection of vulnerabilities affecting multiple RTOSs and supporting libraries.[1] A remote attacker could exploit CVE-2021-22156 to cause a denial-of-service condition or execute arbitrary code on affected devices.[2] BlackBerry QNX RTOS is used in a wide range of products whose compromise could result in a malicious actor gaining control of highly sensitive systems,  increasing risk to the Nation’s critical functions. Note: at this time, CISA is not aware of active exploitation of this vulnerability. CISA strongly encourages critical infrastructure organizations and other organization developing, maintaining, supporting, or using affected QNX-based systems, to patch affected products as quickly as possible. Refer to the Mitigations […]

DOJ and FBI

Information from the Department of Justice (DOJ) and the FBI focused on federal law enforcement, significant cases in the news, and other alerts.

FBI Top Stories

  • Cyber Academy Focuses on Private Sector Partnerships
    on December 7, 2021 at 9:00 am

    The Chief Information Security Officer Academy gives select personnel at private sector companies a chance to connect with FBI cyber experts and learn how to work with the FBI and partners when a cyber breach occurs.

  • Nursing Assistant Sentenced for Murdering Patients
    on December 1, 2021 at 6:30 am

    A woman who killed several patients at a Veterans Affairs medical center in West Virginia by injecting them with unnecessary insulin was sentenced to life in prison for her crimes.

  • Citizens Academy Alumni Build Trust and Support
    on November 22, 2021 at 6:00 am

    FBI leaders recognized the non-profit FBI Citizens Academy Alumni Association and its members for their uniquely local efforts to help their communities and the FBI.

  • New Top Ten Fugitive
    on November 3, 2021 at 6:00 am

    Yulan Adonay Archaga Carias, the alleged leader of MS-13 for all of Honduras, has been added to the Ten Most Wanted Fugitives list, and the FBI is offering a reward of up to $100,000 for information leading directly to his arrest.

  • FBI and Partners Target Online Drug Markets
    on October 26, 2021 at 9:00 am

    As drug overdose deaths hit a new high in the United States, the FBI and its JCODE partners continue to target the darknet vendors who make dangerous drugs accessible at a click.

  • Extreme Couponing: Criminal Edition
    on October 21, 2021 at 5:00 am

    A woman who churned out thousands of fake coupons was sentenced to more than 12 years in prison and ordered to pay $31.8 million in restitution—a conservative estimate of what she helped steal from stores, restaurants, and product makers.

  • FBI Honors Fallen During 2021 Police Week Events
    on October 18, 2021 at 5:30 am

    As part of a series of events honoring law enforcement personnel who have died in the line of duty, the FBI recognized the sacrifices of its partners and honored its own fallen.

  • Cyber Agent Returns to the FBI with Renewed Focus
    on October 15, 2021 at 6:00 am

    After leaving the FBI to work with a private cyber incident response firm, Special Agent Brett Yeager felt drawn to return to the FBI and its cyber mission.

  • $50,000 Reward in Michael James Pratt Case
    on October 14, 2021 at 10:00 am

    The FBI is seeking a fugitive producer from New Zealand who allegedly coerced hundreds of young women into filming sexually explicit videos for his pornography websites.

  • Evidence Response Team Training
    on October 5, 2021 at 7:00 am

    Evidence teams close the gap between a crime scene and the FBI Laboratory. Get an inside look at the Evidence Response Team Basic Course, where team members learn to process a scene with precision and care.

  • The ERT Toolbox
    on October 5, 2021 at 6:00 am

    Peer into the Evidence Response Team toolbox to see how everyday items and specialized equipment help the team process a scene.

  • Sentence in WMD Case
    on September 30, 2021 at 6:30 am

    A man who stole radiological devices containing Iridium-192 and was intent on hurting himself and others has been sentenced after pleading guilty to attempted use of a weapon of mass destruction.

  • Affinity Fraud Ponzi Scheme
    on September 23, 2021 at 6:00 am

    A Pennsylvania man who orchestrated a $59 million Ponzi scheme targeting fellow members of the Mennonite and Amish religious communities is spending time behind bars.

  • 9/11 Moved Many to Serve
    on September 9, 2021 at 8:00 am

    In the moments after the country was attacked 20 years ago, many felt a profound new calling—a desire to help and to serve. It set some on a path to the FBI.

  • New Top Ten Fugitive
    on September 8, 2021 at 1:00 pm

    Octaviano Juarez-Corro, who allegedly killed two people and injured three others when he brazenly fired multiple shots into a crowded Milwaukee park, has been added to the FBI’s Ten Most Wanted Fugitives list.

  • Diversifying the FBI
    on September 7, 2021 at 5:00 am

    The FBI has launched the Beacon Project, a program designed to create mutually beneficial relationships between the Bureau and Historically Black Colleges and Universities.

  • The 9/11 Toll on FBI Responders
    on September 2, 2021 at 9:00 am

    Twenty years after 9/11, personnel who responded to the attacks are still struggling with health issues related to exposure to toxins in the aftermath. More than 100 FBI employees have been affected thus far, and 17 have died as a result of their illnesses.

  • 9/11 Attacks 20 Years Ago Shaped Today’s FBI
    on August 26, 2021 at 11:00 am

    September 11, 2001 remains one of the most pivotal points in American history—and for the FBI, which still sees terrorism as the gravest threat to the U.S.

  • FBI and Girl Scouts Promote STEM Careers
    on August 19, 2021 at 8:30 am

    The FBI’s participation at a virtual National Girl Scout STEM Festival showed how much both organizations stand to gain from a closer relationship.

  • Surgeon Sentenced
    on August 17, 2021 at 6:00 am

    A Virginia obstetrician/gynecologist received a 59-year prison term after convincing women they needed unnecessary surgeries so he could profit from their insurance providers.

  • Behind the Scenes with Our Summer Interns
    on August 13, 2021 at 12:00 pm

    Get an inside look at the FBI’s Honors Internship Program from members of this summer’s intern class.

  • 60th Anniversary of Bearden Hijacking Case
    on August 3, 2021 at 6:00 am

    A spate of plane hijackings in 1961 prompted Congress to strengthen laws against crimes in the air.

  • Breaking Barriers
    on July 23, 2021 at 9:00 am

    A special agent in the San Juan Division is one of just a few African American women in the Bureau’s history to be selected for an FBI SWAT team.

  • Oklahoma FBI Case Volume Unprecedented
    on July 8, 2021 at 3:00 pm

    The Oklahoma City Field Office has become one of the FBI’s busiest in the year since the Supreme Court affirmed that much of the eastern half of the state is tribal land.

  • Hate Crimes a Top National Threat Priority
    on June 29, 2021 at 6:30 am

    The FBI is stepping up efforts with local law enforcement and civil rights groups to improve the reporting of hate crimes and enforcement of civil rights laws.

  • World Elder Abuse Awareness Day 2021
    on June 15, 2021 at 6:00 am

    People over 60 lost nearly $1 billion in online frauds and scams last year. Learn more about common fraud schemes that target older people as well as practical tips on how to protect yourself and your loved ones from scammers.

  • Operation Trojan Shield
    on June 8, 2021 at 10:30 am

    An innovative, international effort cracked open the encrypted communications platforms relied on by criminal organizations.

  • National Missing Children’s Day 2021
    on May 25, 2021 at 6:00 am

    In recognition of National Missing Children’s Day, we highlight the FBI's work to bring missing children home, whether they've been missing for days or decades.

  • IC3 Logs 6 Million Complaints
    on May 14, 2021 at 12:00 am

    A record-setting pace of reports to the FBI's Internet Crime Complaint Center shows how pervasive cyber-enabled crimes and scams have become.

  • New Executives Reflect FBI’s Push for Diversity
    on May 12, 2021 at 9:00 am

    As part of an ongoing effort to make the Bureau more representative and inclusive, our executive corridor has undergone a steady transition to better reflect the communities we serve.

Kidnappings and Missing Persons

FBI Intelligence

    Feed has no items.