Amdall Gallery

As in the past, you will be able to choose from several Department of State RSS feeds to get the latest news from the Department delivered directly to your desktop via an RSS reader or news aggregator. Or sign up to get updates via our email subscription service. […]

As in the past, you will be able to choose from several Department of State RSS feeds to get the latest news from the Department delivered directly to your desktop via an RSS reader or news aggregator. Or sign up to get updates via our email subscription service. […]

As in the past, you will be able to choose from several Department of State RSS feeds to get the latest news from the Department delivered directly to your desktop via an RSS reader or news aggregator. Or sign up to get updates via our email subscription service. […]

Original release date: May 02, 2019 | Last revised: May 03, 2019Summary The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this activity alert in response to recently disclosed exploits that target unsecure configurations of SAP components. [1] Technical Details A presentation at the April 2019 Operation for Community Development and Empowerment (OPCDE) cybersecurity conference describes SAP systems with unsecure configurations exposed to the internet. Typically, SAP systems are not intended to be exposed to the internet as it is an untrusted network. Malicious cyber actors can attack and compromise these unsecure systems with publicly available exploit tools, termed “10KBLAZE.” The presentation details the new exploit tools and reports on systems exposed to the internet.SAP Gateway ACLThe SAP Gateway allows non-SAP applications to communicate with SAP applications. If SAP Gateway access control lists (ACLs) are not configured […]

Original release date: January 24, 2019 | Last revised: February 13, 2019Summary The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), is aware of a global Domain Name System (DNS) infrastructure hijacking campaign. Using compromised credentials, an attacker can modify the location to which an organization’s domain name resources resolve. This enables the attacker to redirect user traffic to attacker-controlled infrastructure and obtain valid encryption certificates for an organization’s domain names, enabling man-in-the-middle attacks.See the following links for downloadable copies of open-source indicators of compromise (IOCs) from the sources listed in the References section below:IOCs (.csv)IOCs (.stix)Note: these files were last updated February 13, 2019, to remove the following three non-malicious IP […]

Original release date: December 03, 2018Summary The Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) and the Federal Bureau of Investigation (FBI) are issuing this activity alert to inform computer network defenders about SamSam ransomware, also known as MSIL/Samas.A. Specifically, this product shares analysis of vulnerabilities that cyber actors exploited to deploy this ransomware. In addition, this report provides recommendations for prevention and mitigation.The SamSam actors targeted multiple industries, including some within critical infrastructure. Victims were located predominately in the United States, but also internationally. Network-wide infections against organizations are far more likely to garner large ransom payments than infections of individual systems. Organizations that provide essential functions have a critical need to resume operations quickly and are more likely to pay larger ransoms.The actors […]

Original release date: November 27, 2018Systems Affected Microsoft Windows Overview This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). DHS and FBI are releasing this TA to provide information about a major online ad fraud operation—referred to by the U.S. Government as "3ve"—involving the control of over 1.7 million unique Internet Protocol (IP) addresses globally, when sampled over a 10-day window. Description Online advertisers desire premium websites on which to publish their ads and large numbers of visitors to view those ads. 3ve created fake versions of both (websites and visitors), and funneled the advertising revenue to cyber criminals. 3ve obtained control over 1.7 million unique IPs by leveraging victim computers infected with Boaxxe/Miuref and Kovter malware, as well as Border […]

Original release date: October 11, 2018Summary This report is a collaborative research effort by the cyber security authorities of five nations: Australia, Canada, New Zealand, the United Kingdom, and the United States.[1][2][3][4][5]In it we highlight the use of five publicly available tools, which have been used for malicious purposes in recent cyber incidents around the world. The five tools are:Remote Access Trojan: JBiFrostWebshell: China ChopperCredential Stealer: MimikatzLateral Movement Framework: PowerShell EmpireC2 Obfuscation and Exfiltration: HUC Packet TransmitterTo aid the work of network defenders and systems administrators, we also provide advice on limiting the effectiveness of these tools and detecting their use on a network.The individual tools we cover in this report are limited examples of the types of tools used by threat actors. You should not consider this an exhaustive list when planning your network defense.Tools and techniques for exploiting networks […]

Original release date: October 03, 2018Systems Affected Network Systems Overview The National Cybersecurity and Communications Integration Center (NCCIC) is aware of ongoing APT actor activity attempting to infiltrate the networks of global managed service providers (MSPs). Since May 2016, APT actors have used various tactics, techniques, and procedures (TTPs) for the purposes of cyber espionage and intellectual property theft. APT actors have targeted victims in several U.S. critical infrastructure sectors, including Information Technology (IT), Energy, Healthcare and Public Health, Communications, and Critical Manufacturing.This Technical Alert (TA) provides information and guidance to assist MSP customer network and system administrators with the detection of malicious activity on their networks and systems and the mitigation of associated risks. This TA includes an overview of TTPs used by APT actors in MSP network environments, recommended mitigation […]

Original release date: October 03, 2018Systems Affected Network Systems Overview This technical alert addresses the exploitation of trusted network relationships and the subsequent illicit use of legitimate credentials by Advanced Persistent Threat (APT) actors. It identifies APT actors' tactics, techniques, and procedures (TTPs) and describes the best practices that could be employed to mitigate each of them. The mitigations for each TTP are arranged according to the National Institute of Standards and Technology (NIST) Cybersecurity Framework core functions of Protect, Detect, Respond, and Recover. Description APT actors are using multiple mechanisms to acquire legitimate user credentials to exploit trusted network relationships in order to expand unauthorized access, maintain persistence, and exfiltrate data from targeted organizations. Suggested best practices for administrators to mitigate this threat include auditing credentials, […]

Original release date: October 02, 2018 | Last revised: December 21, 2018Systems Affected Retail Payment Systems Overview This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS), the Department of the Treasury (Treasury), and the Federal Bureau of Investigation (FBI). Working with U.S. government partners, DHS, Treasury, and FBI identified malware and other indicators of compromise (IOCs) used by the North Korean government in an Automated Teller Machine (ATM) cash-out scheme—referred to by the U.S. Government as “FASTCash.” The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information on HIDDEN COBRA activity, visit https://www.us-cert.gov/hiddencobra.FBI has high confidence that HIDDEN COBRA actors are using the IOCs listed in this report to maintain a presence on victims’ networks to enable network exploitation. […]

Original release date: July 20, 2018Systems Affected Network Systems Overview Emotet is an advanced, modular banking Trojan that primarily functions as a downloader or dropper of other banking Trojans. Emotet continues to be among the most costly and destructive malware affecting state, local, tribal, and territorial (SLTT) governments, and the private and public sectors.This joint Technical Alert (TA) is the result of Multi-State Information Sharing & Analysis Center (MS-ISAC) analytic efforts, in coordination with the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC). Description Emotet continues to be among the most costly and destructive malware affecting SLTT governments. Its worm-like features result in rapidly spreading network-wide infection, which are difficult to combat. Emotet infections have cost SLTT governments up to $1 million per incident to remediate.Emotet is an […]

Original release date: May 29, 2018 | Last revised: May 31, 2018Systems Affected Network systems Overview This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). Working with U.S. government partners, DHS and FBI identified Internet Protocol (IP) addresses and other indicators of compromise (IOCs) associated with two families of malware used by the North Korean government:a remote access tool (RAT), commonly known as Joanap; anda Server Message Block (SMB) worm, commonly known as Brambul.The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information on HIDDEN COBRA activity, visit https://www.us-cert.gov/hiddencobra.FBI has high confidence that HIDDEN COBRA actors are using the IP addresses—listed in this report’s IOC files—to maintain a presence on victims’ networks and […]

A fraudster who conducted a text message-based phishing scam to steal bank information—and used that information to steal thousands of dollars from victims—is now behind bars. […]

A man who conducted a relentless campaign of online harassment against a law school interviewer after not being accepted to the school is now serving a federal prison sentence. […]

Director Christopher Wray and Attorney General William Barr emphasized coordination and communication between federal, state, local, and international agencies in remarks today to more than 250 law enforcement officers graduating from the FBI’s National Academy. […]

Belize Police Department Inspector Sherlet Ramclam, a single mother of four and the country's first female delegate to the FBI National Academy, hopes her experience will shape the future of her country's national law enforcement agency. […]

A Chinese national who stole medical device research trade secrets from his employer in California—with the goal of creating a competing Chinese company—has been convicted and sentenced. […]

Though it occurred decades ago, the case of American engineer William Holden Bell, who betrayed his country through espionage, still provides lessons and warning signs for today. […]

The FBI is seeing a growing number of cases involving young people who are manipulated, threatened, or coerced into creating explicit content by an adult online. […]

Eugene Palmer, wanted for allegedly killing his daughter-in-law outside her home in Stony Point, New York, has been added to the FBI’s Ten Most Wanted Fugitives list. […]

The FBI and Marine Corps Wounded Warrior Regiment joined for a networking and training event to celebrate their long-standing partnership and expose the Marines to career opportunities in law enforcement and national security agencies. […]

A Kentucky couple nearly escaped prosecution for setting a fire that burned their home to the ground and led to the death of a firefighter until a new FBI agent’s search for fresh evidence helped bring them to justice. […]

The FBI joins the nation in honoring local, state, and federal law enforcement officers—including its own agents—who have made the ultimate sacrifice in the line of duty. […]

During Police Week, the FBI is intensifying its efforts to identify and arrest fugitives believed to be involved in the assault or murder of law enforcement officers. […]

As the FBI celebrates 100 years of African-American special agents, we remember the first African-American FBI agent killed in the line of duty, who was honored during a street renaming ceremony in his native Brooklyn, New York, 50 years after his death. […]

Arnoldo Jimenez, an Illinois man wanted for allegedly murdering his new bride less than 24 hours after marrying her, has been named to the FBI’s Ten Most Wanted Fugitives list. […]

A total of 106 officers were killed in the line of duty last year—an increase from 2017—according to the FBI's Law Enforcement Officers Killed and Assaulted, 2018 report, released today. […]

Director Christopher Wray has named Jennifer Boone as the special agent in charge of the Baltimore Field Office. Most recently, Ms. […]

Scott Novick, the owner of a pain clinic and a pharmacy in South Florida, was sentenced to 78 months in prison for his role in a $2.2 million Medicare fraud scheme. […]

Joel Haines, a Miami County man who pleaded guilty to possessing child pornography, was sentenced to 70 months in federal prison. […]

A federal grand jury in Portland returned a six-count indictment charging Lebanon, Oregon, business owner Robert A. Lund with evading taxes. […]

Kyle James Ferris was sentenced on four counts of abusive sexual contact and will serve a 40-month prison term, followed by 10 years of supervised release. […]

Michael Leavitt was sentenced to 10 years imprisonment after having pleaded guilty to receipt of over 600 images of child pornography via the Internet. […]

Three physicians and five marketers have been charged with causing health care insurance programs to pay reimbursement costs for fraudulent and expensive drug prescriptions in return for kickbacks. […]

The following individuals have been charged with violations of United States law in indictments returned by the June 2019 Federal Grand Jury. […]

A seven-count indictment was unsealed charging Jack Dale Mitchell with using a firearm to traffic heroin, fentanyl, methamphetamine and crack cocaine. […]

Calvin Mark Wilson was sentenced to 420 months in prison for conspiring to distribute, and possess with intent to distribute, one kilogram or more of heroin and a quantity of marijuana. […]

Margaret E. Hunter admitted in federal court that she and her husband knowingly and willfully used campaign funds as their personal bank account for years. […]

Michael Wustrow pleaded guilty in federal court in Central Islip to possession of multiple images of children engaged in sexually explicit conduct on his cell phone. […]

Anthony Smallwood was indicted in federal court in Boston in connection with trafficking and distributing fentanyl, engaging in five separate drug sales over two months. […]

James Goldman Grant was sentenced to four years and three months in prison, as well as five years of supervised release, for possession of child pornography. […]

Alan Piwowar was sentenced after pleading guilty to knowingly causing a 2-year-old child in his custody to engage in sexually explicit conduct and taking photographs. […]

The Uniform Crime Reporting Program has transitioned from its legacy data collection system to a more modern reporting platform. This change may result in differences in UCR data from previous years. Program participants should use caution when analyzing data. […]

The National Data Exchange (N-DEx) System’s Information Exchange Package Documentation (IEPD) is available for public review and comments until July 9, 2019. […]

Ohio and Tennessee are early enrollers for bulk submissions of use-of-force incidents in the FBI’s new National Use of Force Data Collection. […]

The FBI’s National Palm Print System (NPPS) has dramatically improved law enforcement access to palm prints previously stored within local, state, tribal, and federal law enforcement agency databases. […]

The FBI’s Law Enforcement Officers Killed and Assaulted Program frequently updates the preliminary data on officer deaths for the current year on its webpage on fbi.gov. […]

The UCR Program will transition from the Summary Reporting System to the National Incident Based Reporting System by January 1, 2021. The CJIS Division has compiled a list of 30 frequently asked questions you may have about the transition. […]

The 2018 Preliminary Semiannual Uniform Crime Report, released February 26, shows declines in both violent crime and property crime in the first half of 2018. […]

The FBI’s National Data Exchange (N-DEx) System proves instrumental in helping officers identify and locate probation absconders, felony warrant subjects, and a violent gang member. […]

The 2018 Year in Review demonstrates the CJIS Division’s commitment to provide the best possible tools to help its partners fight crime and terrorism. […]

The FBI released information on more than 6 million criminal offenses submitted to its National Incident-Based Reporting System last year, as law enforcement continues transitioning to the more robust system. […]

The official launch of the National Use-of-Force Data Collection, which offers a comprehensive view of use-of-force incidents, will take place on January 1, 2019. […]

For two decades, the National Instant Criminal Background Check System (NICS) has been ascertaining a person’s eligibility under law to receive or possess a firearm. […]

The number of hate crime incidents reported to the FBI increased about 17 percent in 2017 compared with the previous year, according to the Uniform Crime Reporting Program’s annual Hate Crime Statistics report. […]

The FBI’s National Data Exchange (N-DEx) System was instrumental in helping the Troup County Sheriff's Office in Georgia locate two wanted felons. […]

The CJIS Link is a publication that tells our partners about new services and system capabilities, as well as relevant changes in policy. […]

During World War II, Argentina was a hotbed of intrigue and proved to be a tough environment for […]

During a meeting of intelligence and national security leaders, FBI Director Christopher Wray […]

The FBI's Weapons of Mass Destruction Directorate was established 10 years ago and today serves as […]

New collaborative program at FBI Academy integrates agents and intelligence analysts. […]

Director Comey joined Director of National Intelligence Clapper and several other Intelligence […]

The FBI vigilantly investigates cases of industrial espionage and theft of intellectual property, […]

Standing outside the White House on a sunny day in May 1955, President Dwight Eisenhower smiled as […]

Economic espionage is a significant threat to our country’s economic health and security. […]

Investigating financial crime is like working a puzzle—you have to fit all of the pieces of […]

At the National Virtual Translation Center’s offices near FBI Headquarters in Washington […]