Threats

Note: Most of my rss feeds on this page are currently broken. Sorry about that. Please consider the “Threats” section under construction for now.

Department of State

The Dept of State has several threat rss feeds, but they aren’t always up.

DHS

Threat information from the Department of Homeland Security (DHS), including the National Terrorism Advisory System and Cybersecurity alerts.

National Terrorism Advisory System (NTAS) Alerts

    Feed has no items.

Cybersecurity

  • AA22-174A: Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems
    by CISA on June 23, 2022 at 5:00 pm

    Original release date: June 23, 2022 | Last revised: June 24, 2022. Summary: Actions to take today: • Install fixed builds, updating all affected VMware Horizon and UAG systems to the latest versions. If updates or workarounds were not promptly applied following VMware’s release of updates for Log4Shell in December 2021, treat all affected VMware systems as compromised. • Minimize the internet-facing attack surface by hosting essential services on a segregated demilitarized (DMZ) zone, ensuring strict network perimeter access controls, and implementing regularly updated web application firewalls (WAFs) in front of public-facing services. The Cybersecurity and Infrastructure Security Agency (CISA) and United States Coast Guard Cyber Command (CGCYBER) are releasing this joint Cybersecurity Advisory (CSA) to warn network defenders that cyber threat actors, including state-sponsored advanced persistent threat (APT) actors, have continued to exploit CVE-2021-44228 (Log4Shell) in VMware […]

  • AA22-158A: People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices
    by CISA on June 7, 2022 at 10:00 pm

    Original release date: June 7, 2022 | Last revised: June 10, 2022. Summary: Best Practices • Apply patches as soon as possible • Disable unnecessary ports and protocols • Replace end-of-life infrastructure • Implement a centralized patch management system. This joint Cybersecurity Advisory describes the ways in which People’s Republic of China (PRC) state-sponsored cyber actors continue to exploit publicly known vulnerabilities in order to establish a broad network of compromised infrastructure. These actors use the network to exploit a wide variety of targets worldwide, including public and private sector organizations. The advisory details the targeting and compromise of major telecommunications companies and network service providers and the top vulnerabilities—primarily Common Vulnerabilities and Exposures (CVEs)—associated with network devices routinely exploited by the cyber actors since 2020. This joint Cybersecurity Advisory was coauthored by the National Security […]

  • AA22-152A: Karakurt Data Extortion Group
    by CISA on June 1, 2022 at 2:00 pm

    Original release date: June 1, 2022 | Last revised: June 2, 2022. Summary: Actions to take today to mitigate cyber threats from ransomware: • Prioritize patching known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Enforce multifactor authentication. The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Department of the Treasury (Treasury), and the Financial Crimes Enforcement Network (FinCEN) are releasing this joint Cybersecurity Advisory (CSA) to provide information on the Karakurt data extortion group, also known as the Karakurt Team and Karakurt Lair. Karakurt actors have employed a variety of tactics, techniques, and procedures (TTPs), creating significant challenges for defense and mitigation. Karakurt victims have not reported encryption of compromised machines or files; rather, Karakurt actors have claimed to steal data and threatened to auction it off or release it to the public […]

  • AA22-138B: Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Control
    by CISA on May 18, 2022 at 6:00 pm

    Original release date: May 18, 2022 | Last revised: June 2, 2022. Summary: Update June 2, 2022: This Cybersecurity Advisory (CSA) has been updated with additional indicators of compromise (IOCs) and detection signatures, as well as tactics, techniques, and procedures (TTPs) from trusted third parties. Update End. The Cybersecurity and Infrastructure Security Agency (CISA) is releasing this CSA to warn organizations that malicious cyber actors, likely advanced persistent threat (APT) actors, are exploiting CVE-2022-22954 and CVE-2022-22960 separately and in combination. These vulnerabilities affect certain versions of VMware Workspace ONE Access, VMware Identity Manager (vIDM), VMware vRealize Automation (vRA), VMware Cloud Foundation, and vRealize Suite Lifecycle Manager. Exploiting these vulnerabilities permits malicious actors to trigger a server-side template injection that may result in remote code execution (RCE) (CVE-2022-22954) or escalation of privileges to root […]

  • AA22-138A: Threat Actors Exploiting F5 BIG-IP CVE-2022-1388
    by CISA on May 18, 2022 at 1:00 pm

    Original release date: May 18, 2022. Summary: Actions for administrators to take today: • Do not expose management interfaces to the internet. • Enforce multi-factor authentication. • Consider using CISA’s Cyber Hygiene Services. The Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) are releasing this joint Cybersecurity Advisory (CSA) in response to active exploitation of CVE-2022-1388. This recently disclosed vulnerability in certain versions of F5 Networks, Inc., (F5) BIG-IP enables an unauthenticated actor to gain control of affected systems via the management port or self-IP addresses. F5 released a patch for CVE-2022-1388 on May 4, 2022, and proof of concept (POC) exploits have since been publicly released, enabling less sophisticated actors to exploit the vulnerability. Due to previous exploitation of F5 BIG-IP vulnerabilities, CISA and MS-ISAC assess unpatched F5 BIG-IP devices are an attractive […]

  • AA22-137A: Weak Security Controls and Practices Routinely Exploited for Initial Access
    by CISA on May 17, 2022 at 1:00 pm

    Original release date: May 17, 2022. Summary: Best Practices to Protect Your Systems: • Control access. • Harden Credentials. • Establish centralized log management. • Use antivirus solutions. • Employ detection tools. • Operate services exposed on internet-accessible hosts with secure configurations. • Keep software updated. Cyber actors routinely exploit poor security configurations (either misconfigured or left unsecured), weak controls, and other poor cyber hygiene practices to gain initial access or as part of other tactics to compromise a victim’s system. This joint Cybersecurity Advisory identifies commonly exploited controls and practices and includes best practices to mitigate the issues. This advisory was coauthored by the cybersecurity authorities of the United States,[1],[2],[3] Canada,[4] New Zealand,[5],[6] the Netherlands,[7] and the United Kingdom.[8] Download the PDF version of this report (pdf, 430kb). Technical Details: Malicious actors commonly use the […]

  • AA22-131A: Protecting Against Cyber Threats to Managed Service Providers and their Customers
    by CISA on May 11, 2022 at 11:00 am

    Original release date: May 11, 2022. Summary: Tactical actions for MSPs and their customers to take today: • Identify and disable accounts that are no longer in use. • Enforce MFA on MSP accounts that access the customer environment and monitor for unexplained failed authentication. • Ensure MSP-customer contracts transparently identify ownership of ICT security roles and responsibilities. The cybersecurity authorities of the United Kingdom (NCSC-UK), Australia (ACSC), Canada (CCCS), New Zealand (NCSC-NZ), and the United States (CISA), (NSA), (FBI) are aware of recent reports that observe an increase in malicious cyber activity targeting managed service providers (MSPs) and expect this trend to continue.[1] This joint Cybersecurity Advisory (CSA) provides actions MSPs and their customers can take to reduce their risk of falling victim to a cyber intrusion. This advisory describes cybersecurity best practices for information and communications technology (ICT) services and […]

  • AA22-117A: 2021 Top Routinely Exploited Vulnerabilities
    by CISA on April 27, 2022 at 2:00 pm

    Original release date: April 27, 2022 | Last revised: April 28, 2022. Summary: This joint Cybersecurity Advisory (CSA) was coauthored by cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom: the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), New Zealand National Cyber Security Centre (NZ NCSC), and United Kingdom’s National Cyber Security Centre (NCSC-UK). This advisory provides details on the top 15 Common Vulnerabilities and Exposures (CVEs) routinely exploited by malicious cyber actors in 2021, as well as other CVEs frequently exploited. U.S., Australian, Canadian, New Zealand, and UK cybersecurity authorities assess, in 2021, malicious cyber actors aggressively targeted newly disclosed critical software vulnerabilities against broad target sets, including public and […]

  • AA22-110A: Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure
    by CISA on April 20, 2022 at 5:00 pm

    Original release date: April 20, 2022 | Last revised: May 9, 2022. Summary: Actions critical infrastructure organizations should implement to immediately protect against Russian state-sponsored and criminal cyber threats: • Patch all systems. Prioritize patching known exploited vulnerabilities. • Enforce multifactor authentication. • Secure and monitor Remote Desktop Protocol and other risky services. • Provide end-user awareness and training. The cybersecurity authorities of the United States[1][2][3], Australia[4], Canada[5], New Zealand[6], and the United Kingdom[7][8] are releasing this joint Cybersecurity Advisory (CSA). The intent of this joint CSA is to warn organizations that Russia’s invasion of Ukraine could expose organizations both within and beyond the region to increased malicious cyber activity. This activity may occur as a response to the unprecedented economic costs imposed on Russia as well as materiel support provided by the United States and U.S. allies and […]

  • AA22-108A: TraderTraitor: North Korean State-Sponsored APT Targets Blockchain Companies
    by CISA on April 18, 2022 at 1:38 pm

    Original release date: April 18, 2022 | Last revised: April 20, 2022. Summary: Actions to take today to mitigate cyber threats to cryptocurrency: • Patch all systems. • Prioritize patching known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Use multifactor authentication. The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the U.S. Treasury Department (Treasury) are issuing this joint Cybersecurity Advisory (CSA) to highlight the cyber threat associated with cryptocurrency thefts and tactics used by a North Korean state-sponsored advanced persistent threat (APT) group since at least 2020. This group is commonly tracked by the cybersecurity industry as Lazarus Group, APT38, BlueNoroff, and Stardust Chollima. For more information on North Korean state-sponsored malicious cyber activity, visit https://www.us-cert.cisa.gov/northkorea. The U.S. government has observed North Korean cyber […]

DOJ and FBI

Information from the Department of Justice (DOJ) and the FBI focused on federal law enforcement, significant cases in the news, and other alerts.

FBI Top Stories

  • FBI Honors Fallen During 2022 Police Week Events
    on May 11, 2022 at 4:00 pm

    As the nation recognizes Police Week, FBI Director Christopher Wray expressed his gratitude to law enforcement officers nationwide.

  • Former FBI Director Airs Warning About Elder Fraud
    on May 10, 2022 at 9:00 am

    The former director of the FBI and CIA is warning older people—as well as their loved ones and caregivers—to be aware of elder fraud schemes.

  • FBI Defeats U.S. Secret Service in Charity Hockey Game
    on April 30, 2022 at 6:00 am

    The FBI defeated hockey rivals the U.S. Secret Service, as the annual charity game tradition between the two agencies resumes.

  • Administrative Professionals Helped Run the FBI in Its Earliest Days
    on April 27, 2022 at 6:00 am

    On this Administrative Professionals Day, we look back at assistants who were crucial to the FBI during its earliest days.

  • Bomb Squads Safely Handle Decades-Old Military Explosives
    on April 21, 2022 at 4:00 am

    FBI and local police bomb squads are frequently called to homes where decades-old military explosives have been found.

  • Farmers, Agents Convicted in Crop Insurance Program Fraud Scheme in Kentucky
    on April 7, 2022 at 9:00 am

    Nearly two dozen people have pleaded guilty to criminal charges in a widespread, multimillion dollar scheme to defraud both federal and private crop insurance programs.

  • Coordinated Global Operation Disrupted BEC Schemes
    on March 30, 2022 at 8:00 am

    Operation Eagle Sweep targeted BEC scammers believed to be responsible for victimizing at least 500 people in the United States.

  • Russian Government Employees Charged in Hacking Campaigns
    on March 24, 2022 at 4:30 pm

    Four Russian nationals who worked for the Russian government were charged in connection with cyber intrusions that targeted the global energy sector between 2012 and 2018.

  • Getting Them to the Fight
    on March 23, 2022 at 6:00 am

    Get an interactive look at how the mobility operators within the FBI's Hostage Rescue Team train to get to any location, under any conditions.

  • Director Addresses Black Law Enforcement Leaders
    on March 18, 2022 at 6:00 am

    In a speech at the National Organization of Black Law Enforcement Executives conference, FBI Director Christopher Wray discussed violent crime reduction efforts and law enforcement data collections.

  • FBI Continues Outreach and Recruiting at HBCUs
    on March 9, 2022 at 6:00 am

    FBI leaders and executives from 25 Historically Black Colleges and Universities (HBCUs) met in Mississippi as part of a program created to strengthen community ties and improve the diversity of the FBI.

  • CEO’s Theft Leads to Closure of Credit Union
    on February 17, 2022 at 2:30 am

    The leader of a small town credit union brazenly stole more than $2 million from the bank, causing the demise of the institution founded by her own grandparents decades ago.

  • FBI Miami Marks One-Year Anniversary of Agents’ Deaths
    on February 11, 2022 at 6:30 am

    A year after Special Agents Daniel Alfin and Laura Schwartzenberger were killed in the line of duty, the FBI’s Miami Field Office is still grieving, but moving forward—determined to forever honor their fallen colleagues’ memories and live up to the high standards they set.

  • Community Outreach Seeks to Improve Hate Crime Reporting
    on February 3, 2022 at 9:00 am

    In FBI field offices nationwide, agents and community outreach specialists are working every day to boost reporting in support of a comprehensive effort to combat hate crimes.

  • Director Wray Addresses Threats Posed to the U.S. by China
    on February 1, 2022 at 10:40 am

    In a speech at the Ronald Reagan Presidential Library and Museum, FBI Director Christopher Wray discussed the myriad threats our nation faces from the Chinese government and Chinese Communist Party.

  • Landmark Federal Hate Crime Conviction
    on January 27, 2022 at 6:00 am

    Working with the FBI and the Santa Cruz Police Department, the Northern District of California prosecuted its first case under the Matthew Shepard and James Byrd, Jr. Hate Crimes Prevention Act.

  • Cyber Academy Focuses on Private Sector Partnerships
    on December 7, 2021 at 9:00 am

    The Chief Information Security Officer Academy gives select personnel at private sector companies a chance to connect with FBI cyber experts and learn how to work with the FBI and partners when a cyber breach occurs.

  • Nursing Assistant Sentenced for Murdering Patients
    on December 1, 2021 at 6:30 am

    A woman who killed several patients at a Veterans Affairs medical center in West Virginia by injecting them with unnecessary insulin was sentenced to life in prison for her crimes.

  • Citizens Academy Alumni Build Trust and Support
    on November 22, 2021 at 6:00 am

    FBI leaders recognized the non-profit FBI Citizens Academy Alumni Association and its members for their uniquely local efforts to help their communities and the FBI.

  • New Top Ten Fugitive
    on November 3, 2021 at 6:00 am

    Yulan Adonay Archaga Carias, the alleged leader of MS-13 for all of Honduras, has been added to the Ten Most Wanted Fugitives list, and the FBI is offering a reward of up to $100,000 for information leading directly to his arrest.

  • FBI and Partners Target Online Drug Markets
    on October 26, 2021 at 9:00 am

    As drug overdose deaths hit a new high in the United States, the FBI and its JCODE partners continue to target the darknet vendors who make dangerous drugs accessible at a click.

  • Extreme Couponing: Criminal Edition
    on October 21, 2021 at 5:00 am

    A woman who churned out thousands of fake coupons was sentenced to more than 12 years in prison and ordered to pay $31.8 million in restitution—a conservative estimate of what she helped steal from stores, restaurants, and product makers.

  • FBI Honors Fallen During 2021 Police Week Events
    on October 18, 2021 at 5:30 am

    As part of a series of events honoring law enforcement personnel who have died in the line of duty, the FBI recognized the sacrifices of its partners and honored its own fallen.

  • Cyber Agent Returns to the FBI with Renewed Focus
    on October 15, 2021 at 6:00 am

    After leaving the FBI to work with a private cyber incident response firm, Special Agent Brett Yeager felt drawn to return to the FBI and its cyber mission.

  • $50,000 Reward in Michael James Pratt Case
    on October 14, 2021 at 10:00 am

    The FBI is seeking a fugitive producer from New Zealand who allegedly coerced hundreds of young women into filming sexually explicit videos for his pornography websites.

  • Evidence Response Team Training
    on October 5, 2021 at 7:00 am

    Evidence teams close the gap between a crime scene and the FBI Laboratory. Get an inside look at the Evidence Response Team Basic Course, where team members learn to process a scene with precision and care.

  • The ERT Toolbox
    on October 5, 2021 at 6:00 am

    Peer into the Evidence Response Team toolbox to see how everyday items and specialized equipment help the team process a scene.

  • Sentence in WMD Case
    on September 30, 2021 at 6:30 am

    A man who stole radiological devices containing Iridium-192 and was intent on hurting himself and others has been sentenced after pleading guilty to attempted use of a weapon of mass destruction.

  • Affinity Fraud Ponzi Scheme
    on September 23, 2021 at 6:00 am

    A Pennsylvania man who orchestrated a $59 million Ponzi scheme targeting fellow members of the Mennonite and Amish religious communities is spending time behind bars.

  • 9/11 Moved Many to Serve
    on September 9, 2021 at 8:00 am

    In the moments after the country was attacked 20 years ago, many felt a profound new calling—a desire to help and to serve. It set some on a path to the FBI.

Kidnappings and Missing Persons

FBI Intelligence

    Feed has no items.