Free Republic

Today, the Department of Justice and the FBI announced a court-authorized technical operation to neutralize the U.S. portion of a network of small office/home office (SOHO) routers compromised by a unit within Russia’s Main Intelligence Directorate of the General Staff (GRU) Military Unit 26165, also known as APT28, Sofacy Group, Forest Blizzard, Pawn Storm, Fancy Bear, and Sednit. The unit used the routers to facilitate malicious Domain Name System (DNS) hijacking operations against worldwide targets of intelligence interest to the Russian government, including individuals in the military, government, and critical infrastructure sectors.Since at least 2024, GRU actors have exploited known...

Tehran’s targeting campaigns against U.S. organizations ‘have recently escalated,’ a federal advisory warns.Iran has demonstrated an ability to penetrate networks tied to critical U.S. infrastructure before.WASHINGTON — U.S. intelligence agencies are “urgently warning” private sector companies throughout the nation that Iranian actors “are conducting exploitation activity” that has resulted in “disruptions across several U.S. critical infrastructure,” according to a government notice reviewed by The Times.The Iranian cyberactivity comes as President Trump is threatening to target Iran’s critical infrastructure in the coming hours, particularly its bridges and power plants.Iran’s attack targeted products by Rockwell Automation’s Allen-Bradley, one of the most widely...

The FBI says your Wi-Fi network could be a target for hackers. Here's how to protect yourself. *snip* The FBI bulletin specifically named older Linksys routers that are no longer receiving software patches or security updates.

Americans’ personal data could be collected and stored overseas — even if they’ve never downloaded a foreign-developed app themselves — according to a new FBI alert warning about the risks tied to popular mobile platforms. That means information like a person’s name, email address or phone number could be pulled from someone else’s contact list and potentially stored abroad if a friend or family member grants an app access to their device. The warning comes after years of scrutiny over TikTok’s ties to China, but the FBI alert suggests the concerns extend beyond any single platform to a broader range...

Operation Epic Fury marks a turning point in the art of war. The key to 20th-century battles was air power. In the past, space and cyber activities have traditionally played supporting roles as so-called force multipliers. But this is no longer the case. In this conflict they have become mainstream, carving out new fronts for the wars of the future. The use of space is no longer something that is just nice to have, because everything from comms to intel to navigation uses space and cyber assets. Along with the National Reconnaissance Office, which manages US spy satellites, the US...

After announcing a 2029 target for migration to post-quantum cryptography (PQC), Google issues a new warning that a quantum system could attack a Bitcoin (BTC) transaction in about nine minutes. The tech giant warned it won't happen today but it's a possibility one should be prepared for sooner than later. Understanding quantum threat to cryptocurrency Cryptocurrencies are virtual currencies that rely on cryptography to encrypt or conceal sensitive financial details from those other than transacting parties. Though the most powerful supercomputers active today will take thousands of years to decrypt cryptography, the cryptocurrency community fears quantum computers will be able...

The US Justice Department on Thursday announced the results of an international operation to disrupt several IoT botnets used by threat actors to launch distributed denial-of-service (DDoS) attacks. The operation targeted the Aisuru, Kimwolf, JackSkid, and Mossad botnets and involved several major cybersecurity and tech companies, as well as law enforcement in Germany and Canada. Authorities said the botnets have compromised more than 3 million devices as of March 2026, including DVRs, cameras, Wi-Fi routers, and other IoT devices. Aisuru has made headlines over the past several months for its massive DDoS attacks, including several record-breaking attacks. It is tightly...

https://x.com/TheDebriefing17/status/2034955849840423339 TheDebriefing17@TheDebriefing17🤔The government just raided the headquarters of a 3-million-device criminal army-for-rent, the Pentagon led because military systems were being attacked, Big Tech helped execute it, and the real payoff isn't today's shutdown it's the years of prosecution data now sitting on seized servers. @Homeranger17@FBIAnchorage·16h🚨JUST IN🚨The Defense Criminal Investigative Service (DCIS), FBI Anchorage, and international partners disrupted four of the world’s largest Internet of Things (IoT) botnets that together were responsible for millions of infected devices and hundreds of thousands of DDoS attacksMar 20, 2026

Of the 90 zero-days GTIG tracked in 2025, 43 hitZero-day exploitation targeting enterprise tech products reached an all-time high last year, with China-linked cyber-espionage groups remaining the most prolific state-backed users, according to Google. Google Threat Intelligence Group tracked 43 zero-days in enterprise software and appliances in 2025, representing 48 percent of all attacks against these previously undisclosed bugs. That's up from 36 (46 percent) in 2024. In total, the Chocolate Factory documented 90 zero-day vulnerabilities actively exploited last year, which is more than 2024's number (78), but still not as many as 2023's record high of 100. And...

Mossad operatives hacked into Tehran's traffic camera network to spy on Ayatollah Ali Khamenei, his bodyguards and other top Iranian officials for years Israel gained access to almost all the city's cameras, and tracked the movements of key bodyguards. Images were said to be transmitted back to Tel Aviv and southern Israel, allowing Mossad to develop intimate knowledge on the guards' addresses, work schedules, and who they were assigned to protect. One camera angle proved especially helpful and allowed agents to track where bodyguards parked their personal cars when arriving at the Supreme Leader's compound on Pasteur Street in the...

North Korea hacked into the computers of a Hollywood studio in 2014, and the company's former executive now blames himself—or his own childhood—for okaying a movie that angered the dictator in Pyongyang, Kim Jong Un. "Curiously, I never really got angry at the North Koreans, on the assumption that if you kick the hornet's nest and get stung, you can't really blame the hornets," the former CEO of Sony Entertainment, Michael Lynton, writes in an excerpt that appeared in the Wall Street Journal of his new book, From Mistakes to Meaning: Owning Your Past So It Doesn't Own You. In...

New ransomware of choice, same critical targetsNorth Korea’s Lazarus Group appears to have added another tool to its kit. It has begun using Medusa ransomware in extortion attacks targeting at least one US healthcare organization and an unnamed victim in the Middle East, according to Symantec and Carbon Black threat hunters. The US healthcare attempt failed, while the Middle East organization was hit with the Medusa strain, the researchers said. Of the nearly 30 victim organizations listed on the Medusa data-leak site since November 2025, four are healthcare and nonprofit organizations in the US, including a mental health nonprofit...

An analysis released by Google this month showed that the U.S. defense industrial base—a network of public and private entities used to develop or maintain military weapons systems—has sustained cyberattacks from groups and criminal organizations from China, Russia, and North Korea in recent months.The report, released on Feb. 10 by Google Threat Intelligence, found that the Chinese regime and associated groups continue “to represent by volume the most active threat to entities in the defense industrial base,” which it said can pose “significant risk to the defense and aerospace sector.”Google’s report added that it “has observed more China-nexus cyber espionage...

SNIPPET: "In March, La Nueva Cuba, an online newspaper, reported that “Russian personnel has been in Cuba for several months working on modernizing SIGINT operations in the old Lourdes surveillance and monitoring facility.” The Web site said the supposed renovation was: …part of a project of rearming and modernization of Russian armed forces and the goal of completion by 2011. The new operations could include military sections dedicated to hacking or computer systems espionage with a capacity to neutralize U.S. military networks… Then last week, an opinion piece appeared in Miami Herald. The headline: Cuba capable of waging a cyberwar....

The website Stop ICE Raids Alert Network, which allows users to “send and receive alerts about ICE raids and activity in [their] areas,” appears to have been breached in a cyberattack. According to reports circulating on social media on Friday, anti-ICE activists visiting the site were greeted by a message, printed ominously in red letters on a black background, that read, “We were not kidding. We sent your names, logins, passwords, and locations to a bunch of government agencies. Sherman Austin is a terrible coder, so are ‘RC’ Concepcion and Matt Beran.” (Snip) In a separate post, @DataRepublican wrote, “I...

There’s no escaping the annual Black Friday sales, which seem to last longer every year. Equally, there’s no escaping that Amazon is the top dog in both the event itself and as a target for cybercriminals. With an estimated 310 million active users in 2025, Amazon has always been a prime quarry for scammers, hackers and other highly-targeted cybercrime activity. Now the online retail giant has issued a stark warning that every customer must take seriously as attackers strike. Here’s what you need to know and do. Amazon Sends Users Attack Warning – What You Need To Know Hot on...

Hashtag-do-whatever-I-tell-youCato Networks says it has discovered a new attack, dubbed "HashJack," that hides malicious prompts after the "#" in legitimate URLs, tricking AI browser assistants into executing them while dodging traditional network and server-side defenses. Prompt injection occurs when something causes text that the user didn't write to become commands for an AI bot. Direct prompt injection happens when unwanted text gets entered at the point of prompt input, while indirect injection happens when content, such as a web page or PDF that the bot has been asked to summarize, contains hidden commands that AI then follows as if...

Gmail users have been urged to check their accounts after it was revealed that more than 183 million passwords were stolen in a data breach. Australian cyber expert Troy Hunt, who revealed the incident, called it a 'vast corpus' of breached data, which totals 3.5 terrabytes. To put that into perspective, that's the equivalent to 875 full-length HD movies. According to Mr Hunt, 'all the major providers have email addresses in there' – so not just Gmail, but Outlook, Yahoo and others too. 'They're from everywhere you could imagine, but Gmail always features heavily,' Hunt told the Daily Mail. So...

Two former employees of cybersecurity firms that sold services helping companies combat hackers have been indicted and accused of participating in a conspiracy, outside of their day jobs, to hack multiple US firms and extort them for millions of dollars. The two men are accused of deploying ransomware used by a prolific cybercriminal gang in attacks in 2023 against a medical device firm in Florida, a pharmaceutical firm in Maryland and a drone maker in Virginia, among other alleged victims. Kevin Tyler Martin of Roanoke, Texas, and Ryan Clifford Goldberg of Watkinsville, Georgia, face matching federal charges including interfering in...

A city had a rude awakening when it tested its electric buses for security flaws. Some cities have gone all-in on their dedication to renewable energy and electric public transportation, but discovering that a jurisdiction does not actually control its own public property likely was not part of the idea. This turned out to be exactly the case when Ruter — the public transportation authority for Oslo, Norway — decided to run tests on its new Chinese electric buses. Approximately 300 e-buses from Chinese company Yutong made their way to Norway earlier this year, with outlet China Buses calling it...