The FBI made digital copies of malicious web-shells before removing them from hundreds of vulnerable servers in the US, without any warning to affected organizations. The servers likely belong to private-sector companies that had been compromised via the “Proxylogon” Microsoft Exchange vulnerabilities. A court order issued by the US Department of Justice (DoJ) authorized the FBI to conduct the actions. Affected organizations were reportedly only contacted if the FBI could find contact details through the servers’ WHOIS records. The DoJ’s and FBI’s actions have raised concerns that extend to the companies’ privacy, proportionality and accountability, and the government’s role in combating cyber-threat events.
Most Recent Flipbooks
Main story: Rogue ex-developer leaks LockBit 3.0 builder
Main story: Uber compromised by Lapsus$'s resurgence
Main story: Cyber attacks shock the Italian energy sector
Main story: Back to school for students and ransomware groups
Main story: LastPass suffers source code data breach
Main story: LockBit under DDoS attack: Entrust strikes back?
Main Story: Cisco defies extortion attempts after network breach
Main story: Cybercriminals scramble for new hiding places after 911 proxy service folds
Main story: Free-to-use Redeemer opens doors for ransomware enthusiasts
Main story: LockBit launches new version, welcomes bug hunters
Main story: Attackers seize Microsoft zero-day for malware dissemination, espionage