The FBI, the Cybersecurity and Infrastructure Security Agency and a group of international partners on Thursday warned that cyber threat groups are using a technique called "fast flux" to hide the locations of malicious servers, posing a significant threat to national security. Authorities warned that both criminal and state-linked threat groups have used fast flux to obfuscate the locations of these servers using fast-changing Domain Name System records. READ MORE...
Two days ago, the Lower Sioux Indian Community in south central Minnesota alerted the public that an unauthorized actor accessed its systems and disrupted operations for the local healthcare facility, government center, hotel, and casino. The tribe activated incident response protocols and took certain systems offline, including tribal phones, fax machines, and emails, and it's working with third-party experts to investigate the incident. READ MORE...
?Port of Seattle, the U.S. government agency overseeing Seattle's seaport and airport, is notifying roughly 90,000 individuals of a data breach after their personal information was stolen in an August 2024 ransomware attack. The agency disclosed the attack on August 24, saying the resulting IT outage disrupted multiple services and systems, including reservation check-in systems, passenger display boards, the Port of Seattle website, and delayed flights at Seattle-Tacoma International Airport. READ MORE...
A 20-year-old man believed to be a member of the cybercrime ring known as Scattered Spider has pleaded guilty to charges brought against him in Florida and California. Noah Urban of Palm Coast, Florida, was arrested in January 2024 and charges against him were unsealed by US authorities in November 2024, when four others believed to be members of Scattered Spider were named. Urban is also believed to be behind the online moniker 'King Bob', known for leaking unreleased music. READ MORE...
An ongoing phishing campaign impersonating E-ZPass and other toll agencies has surged recently, with recipients receiving multiple iMessage and SMS texts to steal personal and credit card information. The messages embed links that, if clicked, take the victim to a phishing site impersonating E-ZPass, The Toll Roads, FasTrak, Florida Turnpike, or another toll authority that attempts to steal their personal information including names, email addresses, physical addresses, and credit card information. READ MORE...
A 23-year-old side-channel attack for spying on people's web browsing histories will get shut down in the forthcoming Chrome 136, released last Thursday to the Chrome beta channel. At least that's the hope. The privacy attack, referred to as browser history sniffing, involves reading the color values of web links on a page to see if the linked pages have been visited previously. The attack was mitigated about 15 years ago, though not effectively. READ MORE...
A Minnesota cybersecurity and computer forensics expert whose testimony has featured in thousands of courtroom trials over the past 30 years is facing questions about his credentials and an inquiry from the Federal Bureau of Investigation (FBI). Legal experts say the inquiry could be grounds to reopen a number of adjudicated cases in which the expert's testimony may have been pivotal. Mark Lanterman is a former investigator for the U.S. Secret Service Electronics Crimes Task Force. READ MORE...
Security researcher Evan Connelly discovered an enormous flaw affecting one of the largest telecommunications companies in the world that could allow any single person to view the recent incoming call log for potentially any Verizon phone number. "In short, anyone could lookup data for anyone," Connelly said. A vulnerability in the Verizon Call Filter iOS app allowed anyone to request the call logs of millions of US Verizon customers. READ MORE...