The North Korean (DPRK)-linked Lazarus Group recently shifted its focus to the nuclear industry, indicating a concerning shift from its previous tactics of primarily targeting defense, aerospace, and cryptocurrency, among others. The Lazarus Group has historically...
The NJCCIC reflects on the cyber threats experienced over the past year to strategize our cyber defenses for the year ahead. We highlight several ransomware attacks, cyberattacks impacting critical infrastructure and more, and numerous attempts to interfere with the 2024 elections.
Ransomware attacks pose a significant threat year-round; however, they increase significantly during the busy holiday shopping season. Cybercriminals often prepare to launch disruptive cyberattacks targeting multiple sectors, hiding in networks and waiting for...
After the quick rise and fall of the Rockstar2FA Phishing-as-a-Service (PhaaS) platform, a new phishing platform, dubbed FlowerStorm, was observed filling in the gap left behind in Rockstar’s absence. Rockstar2FA platform had a simple interface that utilized adversary-in-the-middle.
Authentic notifications from financial institutions via email and text messaging can help inform users of account activity, such as balances and transactions. However, if a user has consented to receive such notifications, it may be challenging to determine if a notification is real.
A vulnerability has been discovered in Apache Struts2, which could allow for remote code execution. Apache Struts2 is an open-source web application framework used for developing Java web applications. Successful exploitation of this vulnerability could allow for...
Multiple Vulnerabilities have been discovered in Sophos Firewall, the most severe of which could allow for remote code execution. Sophos Firewall is a network security solution. Successful exploitation of the most severe of these vulnerabilities could allow for unauthorized access...
Get ready for an adventure in the Capture the Smart Tag Competition (CSTC)! Teams of three to four students will work together to track down hidden electronic Smart Tags in an area on campus. Students will be provided a short training on Bluetooth Low Energy (BLE) tags and more...
The Federal Trade Commission (FTC) warned job seekers about the continued rise in online job scams. These scams, also known as “task scams,” request for repetitive tasks to be performed. These tasks are often completed in an app or a platform that tracks completed tasks...
Iranian threat actors have deployed a new malware, IOCONTROL, to target Internet of Things (IoT) devices and Operational Technology (OT)/SCADA systems in critical infrastructure across Israel and the United States. Analysts have categorized IOCONTROL as a nation-state...
