FBI: Barracuda Appliances Still Being Exploited By China
Feds warn that patching will not rid system of APT group
Stay informed on the FBI's latest cyber security operations, threats, and safety tips. Your source for up-to-date FBI infosec news and insights.
Search across headline titles and summaries.
Background for this topic.
Federal Bureau of Investigation (FBI) is the United States’ principal federal law-enforcement agency and a domestic intelligence authority. In cybersecurity, it investigates cybercrime, digital intrusion, online fraud, and espionage; works with victims and other agencies; and may support disruption operations, prosecutions, or public warnings. FBI references in security news often concern indictments, infrastructure seizures, malware or intrusion advisories, and requests for victim cooperation.
Practitioners can report suspected internet crime through the FBI’s Internet Crime Complaint Center (IC3) or contact a local FBI field office, while preserving relevant logs, messages, and other evidence. FBI engagement can provide threat intelligence, such as indicators of compromise or information about attacker infrastructure, and may affect evidence handling and legal processes. It does not replace containment, recovery, breach assessment, or privacy and regulatory notifications required of the affected organization.
Feds warn that patching will not rid system of APT group
The U.S. Federal Bureau of Investigation (FBI) is warning that Barracuda Networks Email Security Gateway (ESG) appliances patched against a recently disclosed critical flaw continue to be at risk of potential compromise from suspected Chinese hacking groups
Joins in the chorus of advice to bin the gear instead of trying for a fix The FBI has warned owners of Barracuda Email Security Gateway (ESG) appliances the devices are likely undergoing attack by snoops linked to China, and removing the machines from service remains the safest course of action.…
The Federal Bureau of Investigation warned that patches for a critical Barracuda Email Security Gateway (ESG) remote command injection flaw are "ineffective," and patched appliances are still being compromised in ongoing attacks. [...]
Between Monday and Tuesday, the FBI has traced approximately 1580 stolen Bitcoins
The most recent stolen bitcoin comes just after three major operations occurred in June, with millions stolen in each heist.
Those weapons programs aren't going to fund themselves Lazarus Group, the infamous cryptocurrency thieves backed by North Korea, may try to liquidate a stash of stolen Bitcoin worth more than $40 million, according to the FBI.…
The FBI warned that North Koreans are likely readying to cash out tens of millions worth of stolen cryptocurrency out of hundreds of millions stolen in the last year alone. [...]
The U.S. Federal Bureau of Investigation (FBI) on Tuesday warned that threat actors affiliated with North Korea may attempt to cash out stolen cryptocurrency worth more than $40 million