Chinese-Sponsored Cyber Operations: Observed TTPs

Summary: NSA, CISA, and FBI have observed increasingly sophisticated Chinese state-sponsored cyber activity targeting U.S. political, economic, military, educational, and CI personnel and organizations. NSA, CISA, and FBI have identified the following trends in Chinese state-sponsored malicious cyber operations through proactive and retrospective analysis: Acquisition of Infrastructure and Capabilities. Chinese state-sponsored cyber…

APT Actors Exploiting Vulnerability in ManageEngine ADSelfService

CVE-2021-40539, rated critical by the Common Vulnerability Scoring System (CVSS), is an authentication bypass vulnerability affecting representational state transfer (REST) application programming interface (API) URLs that could enable remote code execution. The FBI, CISA, and CGCYBER assess that advanced persistent threat (APT) cyber actors are likely among those exploiting the vulnerability. The exploitation of ManageEngine…

Conti Ransomware

Conti is a ransomware-as-a-service (RaaS) operation that differs from the standard affiliate-based model. It’s likely that the developers of Conti pay the deployers of this ransomware a wage rather than a percentage of the proceeds, and receive shares of the proceeds from successful attacks.

Cyber Threats to U.S. WWS

Cyber Threats to U.S. Water and Wastewater Systems: WWS facilities may be vulnerable to the following common tactics, techniques, and procedures (TTPs) used by threat actors to compromise IT and OT networks, systems, and devices.

BlackMatter RaaS

BlackMatter is a ransomware-as-a-service (RaaS) tool that was seen in July 2021. It is a possible rebrand of DarkSide, a RaaS that was active from September 2020 through May 2021. BlackMatter actors have attacked numerous U.S.-based organizations and have demanded ransom payments ranging from $80,000 to $160,000.

Is Fund Recovery Legit?

What is a Fund Recovery Company? Fund recovery is the process that the company you hire to recover your funds will follow. It will involve various regulatory activities such as account freeze, reimbursement of stolen money, and bankruptcy. The point of fund recovery is to preserve your assets. It is also helpful for you to…

Bitcoin Scams on Social Media

How to avoid scams:

1. Never send money to people you don’t know personally.
2. Read through the company’s description. Are you getting a straight answer? Are there any red flags you should be aware of? Are there any internal posts that are not a direct answer to questions you ask, or are there any…

An Overview of Bitcoin Fraud

How to Spot a Bitcoin Scam When you’re scoping out potential companies to work with, start with the basics. How well have they been performing? Check out the startups’ track records and/or speak to an expert. You can search for negative comments or reviews on sites like cyber-forensics.net. You can also start your research by…

How To Spot A Bitcoin Casino Scam

Bitcoin casino scams are a real thing. Unfortunately, it’s hard to tell them apart from reliable casinos, and they can have a number of different ploys to get your money out of your pocket. Bitcoin gives you total control over your monetary transactions – when everything goes well! But when things go wrong, they go…

Bitcoin Ransom

What is bitcoin ransom? One bitcoin ransom stands out in the cryptocurrency world. As of May 2018, 1 BTC is worth about $9,600. Bitcoin’s initial prices were skyrocketing, and new bitcoin mining operations were popping up as fast as they could. As prices reached record highs, scammers saw an opportunity. Some people think it’s a…
