Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

US govt offers $10 million reward for info on nation-state cyber operations

The US government is offering a $10 million reward to everyone that provides information on operations conducted by nation-state actors. The US government is offering a $10 million reward for information on campaigns conducted by state-sponsored hackers. The move was announced by the U.S. Department of State, the US agency states that its Rewards for […]

critical infrastructure

The US government is offering a $10 million reward to everyone that provides information on operations conducted by nation-state actors.

The US government is offering a $10 million reward for information on campaigns conducted by state-sponsored hackers.

The move was announced by the U.S. Department of State, the US agency states that its Rewards for Justice (RFJ) program will reward reports of malicious activity against U.S. critical infrastructure conducted by nation-state actors.

The US government is inviting people to provide details that can help authorities in identifying and locating people involved in cyber operations conducted by foreign governments against US infrastructure.

“The U.S. Department of State’s Rewards for Justice (RFJ) program, which is administered by the Diplomatic Security Service, is offering a reward of up to $10 million for information leading to the identification or location of any person who, while acting at the direction or under the control of a foreign government, participates in malicious cyber activities against U.S. critical infrastructure in violation of the Computer Fraud and Abuse Act (CFAA).” states the announcement published by Department of State.

Malicious cyber operations targeting U.S. critical infrastructure include ransomware attacks, intentional unauthorized access to a computer or exceeding authorized access to gather sensitive and secret information, and intentionally damaging a protected computer.

“Violations of the statute may include transmitting extortion threats as part of ransomware attacks; intentional unauthorized access to a computer or exceeding authorized access and thereby obtaining information from any protected computer; and knowingly causing the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causing damage without authorization to a protected computer.” continues the announcement. “Protected computers include not only U.S. government and financial institution computer systems, but also those used in or affecting interstate or foreign commerce or communication.”

The Rewards for Justice program has set up a Tor-based website to allow individuals to report information about cyber operations, below is the onion address of the hidden service:

http://he5dybnt7sr6cm32xt77pazmtm65flqy6irivtflruqfc5ep7eiodiad.onion

To receive the information in a secure fashion and to protect the safety of potential sources, the Department of State set up a tips-reporting service on the dark web:

dark web nation-state actors

The Dark Web site set up by RFJ is powered by SecureDrop, a platform that allows to anonymously share information.

The rewards under the RFJ program may also be in cryptocurrency to protect the anonymity of the people that provides information useful to the US authorities.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, $10 million reward)

[adrotate banner=”5″]

[adrotate banner=”13″]