Threats
Note: Most of my rss feeds on this page are currently broken. Sorry about that. Please consider the “Threats” section under construction for now.
Department of State
The Dept of State has several threat rss feeds, but they aren’t always up.
- We recently redesigned State.gov and are in the process of re-enabling RSS (Really Simple Syndication) feeds.on January 19, 2021 at 3:04 pm
As in the past, you will be able to choose from several Department of State RSS feeds to get the latest news from the Department delivered directly to your desktop via an RSS reader or news aggregator. Or sign up to get updates via our email subscription service.
- We recently redesigned State.gov and are in the process of re-enabling RSS (Really Simple Syndication) feeds.on January 19, 2021 at 3:04 pm
As in the past, you will be able to choose from several Department of State RSS feeds to get the latest news from the Department delivered directly to your desktop via an RSS reader or news aggregator. Or sign up to get updates via our email subscription service.
- We recently redesigned State.gov and are in the process of re-enabling RSS (Really Simple Syndication) feeds.on January 19, 2021 at 3:04 pm
As in the past, you will be able to choose from several Department of State RSS feeds to get the latest news from the Department delivered directly to your desktop via an RSS reader or news aggregator. Or sign up to get updates via our email subscription service.
DHS
Threat information from the Department of Homeland Security (DHS), including the National Terrorism Advisory System and Cybersecurity alerts.
National Terrorism Advisory System (NTAS) Alerts
- Feed has no items.
Cybersecurity
- AA21-008A: Detecting Post-Compromise Threat Activity in Microsoft Cloud Environmentsby CISA on January 8, 2021 at 4:36 pm
Original release date: January 8, 2021SummaryThis Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. This Alert is a companion alert to AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations. AA20-352A primarily focuses on an advanced persistent threat (APT) actor’s compromise of SolarWinds Orion products as an initial access vector into networks of U.S. Government agencies, critical infrastructure entities, and private network organizations. As noted in AA20-352A, the Cybersecurity and Infrastructure Security Agency (CISA) has evidence of initial access vectors in addition to the compromised SolarWinds Orion products. This Alert also addresses activity—irrespective of the initial access vector leveraged—that CISA attributes to an APT actor. Specifically, CISA […]
- AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizationsby CISA on December 17, 2020 at 3:00 pm
Original release date: December 17, 2020 | Last revised: January 7, 2021SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises of U.S. government agencies, critical infrastructure entities, and private sector organizations by an advanced persistent threat (APT) actor beginning in at least March 2020. This APT actor has demonstrated patience, operational security, and complex tradecraft in these intrusions. CISA expects that removing this threat actor from compromised environments will be highly complex and challenging for organizations. (Updated January 6, 2021): One of the initial access vectors for this activity is a supply chain compromise of a Dynamic Link Library (DLL) in the following SolarWinds Orion products (see Appendix A). Note: prior versions of this Alert included a single bullet that listed two platform versions for the same DLL. For clarity, the Alert now lists these platform versions that share the same DLL version number […]
- AA20-345A: Cyber Actors Target K-12 Distance Learning Education to Cause Disruptions and Steal Databy CISA on December 10, 2020 at 5:00 pm
Original release date: December 10, 2020SummaryThis Joint Cybersecurity Advisory was coauthored by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC). The FBI, CISA, and MS-ISAC assess malicious cyber actors are targeting kindergarten through twelfth grade (K-12) educational institutions, leading to ransomware attacks, the theft of data, and the disruption of distance learning services. Cyber actors likely view schools as targets of opportunity, and these types of attacks are expected to continue through the 2020/2021 academic year. These issues will be particularly challenging for K-12 schools that face resource limitations; therefore, educational leadership, information technology personnel, and security personnel will need to balance this risk when determining their cybersecurity investments. Click here for a PDF version of this report. Technical DetailsAs of […]
- AA20-336A: Advanced Persistent Threat Actors Targeting U.S. Think Tanksby CISA on December 1, 2020 at 6:00 pm
Original release date: December 1, 2020SummaryThis Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have observed persistent continued cyber intrusions by advanced persistent threat (APT) actors targeting U.S. think tanks. This malicious activity is often, but not exclusively, directed at individuals and organizations that focus on international affairs or national security policy.[1] The following guidance may assist U.S. think tanks in developing network defense procedures to prevent or rapidly detect these attacks. APT actors have relied on multiple avenues for initial access. These have included low-effort capabilities such as spearphishing emails and third-party message services directed at both corporate and personal accounts, as […]
- AA20-304A: Iranian Advanced Persistent Threat Actor Identified Obtaining Voter Registration Databy CISA on October 30, 2020 at 6:11 pm
Original release date: October 30, 2020 | Last revised: November 3, 2020SummaryThis advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 8 framework. See the ATT&CK for Enterprise version 8 for all referenced threat actor techniques. This joint cybersecurity advisory was coauthored by the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI). CISA and the FBI are aware of an Iranian advanced persistent threat (APT) actor targeting U.S. state websites—to include election websites. CISA and the FBI assess this actor is responsible for the mass dissemination of voter intimidation emails to U.S. citizens and the dissemination of U.S. election-related disinformation in mid-October 2020. This disinformation (hereinafter, “the propaganda video”) was in the form of a video purporting to misattribute the activity to a U.S. domestic actor and implies that individuals could cast fraudulent […]
- AA20-302A: Ransomware Activity Targeting the Healthcare and Public Health Sectorby CISA on October 28, 2020 at 11:07 pm
Original release date: October 28, 2020 | Last revised: November 2, 2020SummaryThis advisory was updated to include information on Conti, TrickBot, and BazarLoader, including new IOCs and Yara Rules for detection. This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 7 framework. See the ATT&CK for Enterprise version 7 for all referenced threat actor tactics and techniques. This joint cybersecurity advisory was coauthored by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS). This advisory describes the tactics, techniques, and procedures (TTPs) used by cybercriminals against targets in the Healthcare and Public Health (HPH) Sector to infect systems with ransomware, notably Ryuk and Conti, for financial gain. CISA, FBI, and HHS have credible information of an increased and imminent cybercrime threat to U.S. hospitals […]
- AA20-301A: North Korean Advanced Persistent Threat Focus: Kimsukyby CISA on October 27, 2020 at 5:00 pm
Original release date: October 27, 2020SummaryThis advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 7 framework. See the ATT&CK for Enterprise version 7 for all referenced threat actor tactics and techniques. This joint cybersecurity advisory was coauthored by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the U.S. Cyber Command Cyber National Mission Force (CNMF). This advisory describes the tactics, techniques, and procedures (TTPs) used by North Korean advanced persistent threat (APT) group Kimsuky—against worldwide targets—to gain intelligence on various topics of interest to the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information on HIDDEN COBRA activity, visit https://www.us-cert.cisa.gov/northkorea. This advisory describes known Kimsuky TTPs, as found in […]
- AA20-296B: Iranian Advanced Persistent Threat Actors Threaten Election-Related Systemsby CISA on October 22, 2020 at 4:00 pm
Original release date: October 22, 2020SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are warning that Iranian advanced persistent threat (APT) actors are likely intent on influencing and interfering with the U.S. elections to sow discord among voters and undermine public confidence in the U.S. electoral process. The APT actors are creating fictitious media sites and spoofing legitimate media sites to spread obtained U.S. voter-registration data, anti-American propaganda, and misinformation about voter suppression, voter fraud, and ballot fraud. The APT actors have historically exploited critical vulnerabilities to conduct distributed denial-of-service (DDoS) attacks, structured query language (SQL) injections attacks, spear-phishing campaigns, website defacements, and disinformation campaigns. Click here for a PDF version of this report. Technical DetailsThese actors have conducted a significant number of […]
- AA20-296A: Russian State-Sponsored Advanced Persistent Threat Actor Compromises U.S. Government Targetsby CISA on October 22, 2020 at 12:44 pm
Original release date: October 22, 2020 | Last revised: December 1, 2020SummaryThis joint cybersecurity advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor tactics and techniques This joint cybersecurity advisory—written by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA)—provides information on Russian state-sponsored advanced persistent threat (APT) actor activity targeting various U.S. state, local, territorial, and tribal (SLTT) government networks, as well as aviation networks. This advisory updates joint CISA-FBI cybersecurity advisory AA20-283A: APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations. Since at least September 2020, a Russian state-sponsored APT actor—known variously as Berserk Bear, Energetic Bear, TeamSpy, Dragonfly, Havex, […]
- AA20-283A: APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizationsby CISA on October 9, 2020 at 8:21 pm
Original release date: October 9, 2020 | Last revised: October 24, 2020SummaryThis joint cybersecurity advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. Note: the analysis in this joint cybersecurity advisory is ongoing, and the information provided should not be considered comprehensive. The Cybersecurity and Infrastructure Security Agency (CISA) will update this advisory as new information is available. This joint cybersecurity advisory was written by CISA with contributions from the Federal Bureau of Investigation (FBI). CISA has recently observed advanced persistent threat (APT) actors exploiting multiple legacy vulnerabilities in combination with a newer privilege escalation vulnerability—CVE-2020-1472—in Windows Netlogon. The commonly used tactic, known as vulnerability chaining, exploits multiple vulnerabilities in the course of […]
DOJ and FBI
Information from the Department of Justice (DOJ) and the FBI focused on federal law enforcement, significant cases in the news, and other alerts.
FBI Top Stories
- Hacker Who Disrupted PPE Shipments Sentencedon January 6, 2021 at 6:00 am
A disgruntled former employee of a medical equipment packaging company was sentenced for hacking into the company’s computer systems and disrupting the shipment of personal protective equipment during the COVID-19 pandemic.
- Innocent Images Program Marks 25 Yearson December 28, 2020 at 8:00 am
When a 1990s kidnapping case led FBI agents to individuals who were using the internet to share images of child sexual abuse and lure children into harm, it launched a revolution in how the FBI investigates these crimes.
- New Charges in Pan Am Flight 103 Bombingon December 21, 2020 at 11:00 am
Thirty-two years after the terrorist bombing of a Pan Am jet over Scotland killed 270 people, including 190 Americans, charges have been filed against a former Libyan intelligence operative for his alleged role in building the bomb.
- Iris Biometric Added to NGIon December 11, 2020 at 10:00 am
The Next Generation Identification Iris Service gives the FBI and partner agencies the ability to capture, catalog, and make rapid comparisons of iris images with a high rate of accuracy.
- Five Things to Know About NIBRSon November 25, 2020 at 7:40 am
Next year, the National Incident-Based Reporting System will become the national crime data collection program. The result will be more robust and complete data for law enforcement, researchers, and the public.
- Sextortionon November 10, 2020 at 7:00 am
The case of a Florida man who was sentenced to 60 years in prison for victimizing a teenager online highlights the growing crime of sextortion and its devastating real-life consequences.
- New Top Ten Fugitiveon October 13, 2020 at 6:37 am
Jose Rodolfo Villarreal-Hernandez, wanted for allegedly directing individuals to track and murder a man in Southlake, Texas, has been added to the FBI’s Ten Most Wanted Fugitives list. A reward of up to $1 million is available for information leading to his arrest.
- Train Derailment Mysteryon October 9, 2020 at 6:00 am
Twenty-five years after the derailment of Amtrak's Sunset Limited passenger train in Arizona killed the conductor and injured dozens of passengers, investigators are still trying to find answers—and justice for the victims.
- Operation DisrupToron September 22, 2020 at 8:30 am
A Joint Criminal Opioid and Darknet Enforcement (JCODE) investigation in Los Angeles exemplifies the teamwork and tenacity required to uncover the people behind drug operations that run through a network prized for its encryption and anonymity.
- Iran at Center of Cyber Crime Charges in Three Caseson September 18, 2020 at 1:01 pm
Criminal charges announced against multiple alleged hackers in Iran show the breadth of the cyber threat emanating from that country and the FBI and partner agency efforts to neutralize it and hold the individuals accountable.
- FBI Checklist Aids Searches for Missing Autistic Childrenon September 18, 2020 at 9:00 am
After a 6-year-old boy with autism went missing in North Carolina in 2018, the FBI’s Child Abduction Rapid Deployment Team developed a one-page questionnaire to help investigators be better prepared in similar cases.
- FBI Strategy Addresses Evolving Cyber Threaton September 16, 2020 at 9:08 am
FBI Director Christopher Wray announced the Bureau’s new strategy for countering cyber threats in remarks at the virtual CISA National Cybersecurity Summit.
- Robots Help Manage Billions of Pages at New FBI Central Records Complexon August 12, 2020 at 2:00 am
The new facility in Virginia will house more than 2 billion pages of records and enlists robots to help with filing and retrieval.
- Trade Secret Thefton July 29, 2020 at 10:14 am
A lengthy FBI investigation resulted in guilty pleas from two men who admitted to their roles in stealing trade secrets from General Electric to start a competing business in another country.
- Danger Beneath the Surfaceon July 22, 2020 at 6:00 am
Get an interactive look at how the FBI’s Underwater Post-Blast Investigation course prepares the nation's public safety bomb tech divers to counter threats in their home harbors and waterways.
- Nicholas R. Ochs Arrested for Unlawful Entry into the United States Capitol Buildingon January 9, 2021 at 3:22 pm
Nicholas Ochs was charged with unlawful entry into the United States Capitol building on January 6, 2021.
- Three Men Charged in Connection with Events at U.S. Capitolon January 9, 2021 at 2:46 pm
Jacob Anthony Chansley, Adam Johnson, and Derrick Evans were charged in connection with the riots at the U.S. Capitol on January 6, 2021.
- FBI Assistant Director in Charge Steven M. D’Antuono’s Remarks on Press Call Regarding Violence at U.S. Capitolon January 8, 2021 at 6:25 pm
FBI Washington Field Office Assistant Director in Charge Steven M. D’Antuono delivered remarks during a press call regarding the January 6, 2021, violent activity at the U.S. Capitol.
- Man Arrested for Illegally Entering Office of Speaker of the Houseon January 8, 2021 at 3:13 pm
Richard Barnett was arrested on multiple criminal charges related to his alleged unlawful activities earlier this week at the U.S. Capitol building.
- Alabama Man Charged with Possession of 11 Molotov Cocktails Found Near Protest at U.S. Capitolon January 8, 2021 at 3:00 pm
Lonnie Leroy Coffman was charged for possessing the components for the construction of 11 Molotov cocktails in the form of mason jars filled with ignitable substances, rags, and lighters.
- Thirteen Charged in Federal Court Following Riot at the United States Capitolon January 8, 2021 at 2:11 pm
Thirteen individuals have been charged so far in federal court in relation to crimes committed at the U.S. Capitol in Washington, D.C, on January 6, 2021.
- Houston Woman Arrested for Lottery Fraud Schemeon January 8, 2021 at 10:18 am
Gloria Kirk Edmonson has been arrested for her role in a lottery fraud scheme and charged with conspiracy, wire fraud, mail fraud, and related crimes.
- Wilmington Gang Member Receives Four Years in Federal Prisonon January 7, 2021 at 4:14 pm
Aaron Bell, a Wilmington gang member, was sentenced to 48 months' imprisonment for distribution of a quantity of heroin and felony possession of a firearm.
- Ohio Man Pleads Guilty to Armed Robbery of Robinson Township Bankon January 7, 2021 at 4:13 pm
Montague Howard, a former resident of Wintersville, Ohio, pleaded guilty in federal court to an armed bank robbery charge.
- U.S. Attorney John H. Durham Encourages People with Information About U.S. Capitol Incursion to Contact FBIon January 7, 2021 at 4:11 pm
We encourage people with information related to the activity at the U.S. Capitol to contact the FBI (https://tips.fbi.gov/digitalmedia/aad18481a3e8f02).
- 20th MS-13 Member Pleads Guilty in Violent Racketeering Conspiracyon January 7, 2021 at 4:08 pm
Juan Flores-Castro of Columbus pleaded guilty to participating in a racketeering conspiracy on behalf of MS-13.
- Tulsa Man Sentenced for Attempting to Transfer Obscene Material to a Minoron January 7, 2021 at 4:06 pm
Aaron Charles Merritt of Tulsa has been sentenced to 54 months in prison for attempting to send obscene material to an individual he believed was a 14-year-old girl.
- New Hampshire Man Sentenced for Financial Fraud Scheme Using Stolen Identitieson January 7, 2021 at 4:04 pm
Jonathan Nguyen of Windham, New Hampshire, has been sentenced in a scheme to conduct fraudulent financial transactions using stolen account information.
- Federal Authorities Investigating Any Potential Violations of Federal Law by Residents of Southern District of Ohio at U.S. Capitolon January 7, 2021 at 4:02 pm
Officials will investigate any potential violations of federal crime at the U.S. Capitol Building on January 6, 2021, committed by individuals from the Southern District of Ohio.
- Developer Agrees to Pay $1.2 Million to Resolve Criminal Probe Into Executive’s Relationship with Ex-Los Angeles City Councilman Jose Huizaron January 7, 2021 at 3:59 pm
CP Employer, Inc., formerly known as Carmel Partners, Inc., has agreed to pay $1.2 million to resolve a federal criminal investigation.
Kidnappings and Missing Persons
- Hate Crime Data Helps Law Enforcement Address Threaton January 19, 2021 at 6:00 am
The FBI collects hate crime statistics to help law enforcement target their resources to address these crimes.
- FBI Releases 2019 NIBRS Crime Dataon December 22, 2020 at 6:00 am
The FBI has released its annual National Incident-Based Reporting System (NIBRS) crime statistics for 2019.
- NCIC Helps Alaska Police Find Missing Person in Hawaiion November 24, 2020 at 5:00 am
NCIC helped a family in Alaska learn the whereabouts of their missing relative.
- Uniform Crime Reporting: Still Vital After 90 Years (Part 2)on November 10, 2020 at 6:00 am
The Uniform Crime Reporting Program has been providing the country with crime statistics for 90 years.
- FBI Releases Second Installment of LEOKA 2019on October 27, 2020 at 6:00 am
The second installment of the Law Enforcement Officers Killed and Assaulted, 2019 report includes data on law enforcement officers assaulted in the line of duty last year.
- FBI Releases 2019 Crime Statisticson October 1, 2020 at 6:00 am
The FBI released the 2019 edition of Crime in the United States on September 28, 2020.
- FBI Releases 2019 Participation Data for the National Use-of-Force Data Collectionon August 18, 2020 at 6:00 am
More than 5,000 federal, state, local, and tribal law enforcement agencies submitted use-of-force data to the National Use-of-Force Data Collection for 2019.
- Are You Ready? The Countdown to NIBRSon August 4, 2020 at 6:00 am
On January 1, 2021, the FBI will retire SRS in a major initiative to upgrade and update the nation’s crime statistics.
- Uniform Crime Reporting Program: Still Vital After 90 Yearson June 23, 2020 at 6:45 am
The Uniform Crime Reporting Program has been providing the country with crime statistics for 90 years.
- FBI Releases 2019 Statistics on Law Enforcement Officers Killed in the Line of Dutyon May 12, 2020 at 5:30 am
According to statistics reported to the FBI, 89 U.S. law enforcement officers were killed in the line of duty in 2019.
- Nation’s Law Enforcement Agencies Transition to NIBRS Crime Reporting Systemon March 3, 2020 at 6:30 am
Law enforcement agencies’ transitions to National Incident-Based Reporting System will improve quality of the nation’s crime data.
- CJIS Division: 2019 Year in Reviewon February 18, 2020 at 6:00 am
The 2019 Criminal Justice Information Services Division's Year in Review highlights the division's commitment to provide the best possible tools for its law enforcement partners.
- How Can NIBRS Help Colleges and Universities?on January 21, 2020 at 6:00 am
The FBI and its law enforcement partners developed the National Incident-Based Reporting System (NIBRS) to provide more detailed crime statistics to benefit all law enforcement agencies, including campus law enforcement.
- 2019 Preliminary Data on Law Enforcement Officer Deaths Availableon April 16, 2019 at 8:00 am
The FBI’s Law Enforcement Officers Killed and Assaulted Program frequently updates the preliminary data on officer deaths for the current year on its webpage on fbi.gov.
- CJIS Linkon June 2, 2016 at 10:12 am
The CJIS Link is a publication that tells our partners about new services and system capabilities, as well as relevant changes in policy.
FBI Intelligence
- Feed has no items.