FBI TLP Alert
      
		  TLP Green: FBI Flash: FIN7 Cyber Actors Target US Businesses Through USB Keystroke Injection Attacks
  This is an update to FLASH Number MI-000120-MW which was disseminated on March 26, 2020.
  
  The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), the Computer Emergency Response Team New Zealand (CERT NZ), the New Zealand…  
  A highly utilized application called Log4j contains a severe, known vulnerability that is being actively and aggressively attacked.
  
  Mobile malware represents an increasing threat to the US financial services sector as more users shift toward mobile banking—accelerated as a result of the COVID-19 pandemic, and nearly universal smartphone usage with as many as 169 million mobile banking users in the US.
  
  This joint advisory is the result of analytic efforts between the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA). 
  
  The United States Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) have issued a cybersecurity alert that reminds critical infrastructure partners that malicious cyber actors aren’t making the same holiday plans as your regular employees.
  
  At a Glance
TThis joint cybersecurity advisory is the result of an analytic effort among  the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber
  
  As of November 2021, FBI forensic analysis indicated exploitation of a 0-day vulnerability in the FatPipe MPVPN® device software1 going back to at least May 2021.
  
  The FBI is sharing information about an Iranian actor attempting to acquire leaked data concerning US and foreign organizations.
  
  Ransomware attacks in recent months against tribal entities have caused damages estimated in the millions of dollars, and the FBI has received reports of tribal entities affected by ransomware attacks since at least 2016. Entities impacted by these attacks include tribal governments, healthcare…  
