A Hacker Sent Thousands of Fake Emails From FBI System Warning of a Cyberattack

Russian entrepreneur faces extradition to U.S. in connection with Ryuk ransomware, Israel and U.S. form initiative to fight ransomware, China will impose "cybersecurity" review on Hong Kong IPOs, more

Check out my book coming on December 14 from Wiley, Cybersecurity Risk Management: Mastering the Fundamentals Using the NIST Cybersecurity Framework. We will extend special offers for Metacurity’s premium subscribers to get the book at substantially reduced prices or even at no cost. Stay tuned. But sign up for a premium subscription today so that you don’t miss out!

A hacker who calls themself Pompompurin hacked an email address that corresponds to the FBI’s Criminal Justice Information Services Division (CJIS) to send out emails about a fake cyberattack. The attacker proclaimed the hack was designed to point out a glaring vulnerability in the FBI’s system.

The attacker started with an exploration of its Law Enforcement Enterprise Portal (LEEP), which the bureau describes as “a gateway providing law enforcement agencies, intelligence groups, and criminal justice entities access to beneficial resources.” Until Saturday, November 13, the LEEP portal allowed anyone to apply for an account…