On August 28, 2024, the U.S. Cybersecurity & Infrastructure Security Agency (CISA), together with the FBI and Department of Defense Cyber Crime Center, issued an advisory to U.S. organizations, including healthcare...more
As the Web3 and digital assets ecosystem continues to grow, hacks, scams and other threats remain a major cause for concern and a potential impediment to broader adoption. Data from various sources indicates that after a year...more
On April 16, 2024, the House Committee on Energy and Commerce held a bipartisan hearing on the issue of cyberattacks involving healthcare providers. The Committee called as witnesses cybersecurity professionals and...more
Last week the FBI Director, CISA Director, NSA Director, and National Cyber Director testified publicly about current and ongoing threats to US critical infrastructure providers by Chinese state-sponsored entities known as...more
The Ankura Cyber Threat Investigations and Expert Services (CTIX) FLASH Wrap-Up is a collection of high-level cyber intelligence summaries pertaining to current or emerging cyber events in December 2023, originally published...more
U.S. government agencies continue to take action against cryptocurrency mixing services that enable cybercriminals to obfuscate the trail of stolen proceeds on public blockchains stemming from illicit cyber activity. On...more
Reported in the November 3rd, 2023, FLASH Update - In what appears to be a continuation of the North Korean strategy to finance the nation using international organized crime rings, cybersecurity researchers established a...more
Malicious Android Apps Used to Target Iranian Banks - An ongoing Android malware campaign targeting users of Iranian financial institutions has expanded to include new abilities to target an even greater number of people...more
Background: On Friday November 29, 2023, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned Sinbad.io (“Sinbad”), alleging that the virtual currency mixer serves as a key money-laundering...more
In two prior posts, this blog tracked the ongoing intrigue of how the various branches of the United States government interact with blockchain and cryptocurrency organizations. We discussed the Wyoming law allowing...more
In the hyper-connected era of smart manufacturing, accelerated by “Industry 4.0,” the manufacturing sector is undergoing a digital revolution. By leveraging technologies such as advanced automation, artificial intelligence,...more
Tornado Cash, a cryptocurrency mixer, recently suffered two major setbacks in federal regulatory efforts to block its use and prosecute its founders. First, a federal district court threw out a lawsuit challenging the...more
With the amended Counter-Espionage Law, China has broadened its definition of “espionage” to give information related to “national security and interests” the same protections already given to state secrets. The amended...more
As discussed in a previous post, cyber insurance demand and premiums have significantly increased in recent years. Fitch Ratings forecasts that cyber-related premiums could balloon to $22.5 billion by 2025...more
Cryptocurrencies have been making the headlines for all the wrong reasons. Their values have plummeted leaving investors out of pocket. Exchanges, lenders, and other entities in the crypto ecosystem have gone bust. Numerous...more
EPA Aims to Mitigate Risk of Cyberattack on Public Water Systems On March 3, 2023, the U.S. Environmental Protection Agency (EPA) issued its Memorandum Addressing Public Water System (PWS) Cybersecurity in Sanitary Surveys or...more
In 2022, threat actors and hacker groups made their mark on the digital world by causing unprecedented data breaches that left organizations of all sizes and sectors vulnerable. Even with improved cybersecurity measures in...more
On January 10, 2023, the SEC filed a subpoena enforcement action against Covington, a large law firm that was victimized by the so-called Hafnium cyberattack by Chinese state actors. Hafnium reportedly was engaged in...more
On Thanksgiving of 2014, I received an urgent call asking me to be in London in 24 hours. My assignment was to run the advanced forensics recovery team serving several foreign offices of Sony Pictures in the wake of a...more
Fanxiao Domain Spoofing Campaign Accrues Network of Over 42,000 Malicious and Redirect Websites - Researchers from Cyjax have published a report on how a financially motivated threat group known as "Fangxiao" is conducting...more
The U.S. Treasury Department’s Office of Foreign Assets Control (“OFAC”) on August 8, 2022, imposed sanctions against the popular decentralized virtual currency mixer Tornado Cash alleging that it has been used to launder...more