Source: Federal Bureau of Investigation FBI Crime News

First, Taub never registered them. PACs pool contributions from donors and then contribute that money to support or defeat a candidate for office or further a cause or policy position. Election laws mandate that they be registered with the Federal Election Commission (FEC).

Second, the former Navy secretary wasn’t even part of the PAC. “Taub was using his name and likeness without the official’s permission,” said FBI Special Agent Eric Miller, who investigated the Taub case and now supervises a federal public corruption squad out of the Washington Field Office.

There was still another element to Taub’s scheme. “He told donors that 100% of their contributions were going to the cause when, in fact, he was spending that money on personal expenditures—things like excessive travel, wine, cigars, trips to Las Vegas, gambling,” Miller said.

After pleading guilty to wire fraud and willfully violating the Federal Election Campaign Act by operating fraudulent and unregistered political action committees, Taub was sentenced to 36 months in federal prison. He was also ordered to pay more than $1.1 million in restitution to the victims.

There are many reputable, well established PACs that are properly supporting causes and candidates. But Miller warns that it is easy for a fraudster to establish a group, create a website, and begin asking for contributions.

“It’s fairly easy to start reaching out to potential donors to say, ‘We are backing this candidate or this political issue—please donate,’” Miller said. “The groups can look and sound legitimate, and that’s one of the tough parts of keeping people from being victimized. The red flags aren’t always obvious.”

Source: Federal Bureau of Investigation FBI Crime News

The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) jointly released a Cybersecurity Advisory, “Russian SVR Targets U.S. and Allied Networks,” today to expose ongoing Russian Foreign Intelligence Service (SVR) exploitation of five publicly known vulnerabilities. This advisory is being released alongside the U.S. government’s formal attribution of the SolarWinds supply chain compromise and related cyber espionage campaign. We are publishing this product to highlight additional tactics, techniques, and procedures being used by SVR so that network defenders can take action to mitigate against them.  

Mitigation against these vulnerabilities is critically important as U.S. and allied networks are constantly scanned, targeted, and exploited by Russian state-sponsored cyber actors. In addition to compromising the SolarWinds Orion software supply chain, recent SVR activities include targeting COVID-19 research facilities via WellMess malware and targeting networks through the VMware vulnerability disclosed by NSA. This was highlighted in NSA’s Cybersecurity Advisory, “Russian State-Sponsored Actors Exploiting Vulnerability in Workspace ONE Access Using Compromised Credentials.”

NSA, CISA, and FBI strongly encourage all cybersecurity stakeholders to check their networks for indicators of compromise related to all five vulnerabilities and the techniques detailed in the advisory and to urgently implement associated mitigations. NSA, CISA, and FBI also recognize all partners in the private and public sectors for comprehensive and collaborative efforts to respond to recent Russian activity in cyberspace.

NSA encourages its customers to mitigate against the following publicly known vulnerabilities:

• CVE-2018-13379 Fortinet FortiGate VPN
• CVE-2019-9670 Synacor Zimbra Collaboration Suite
• CVE-2019-11510 Pulse Secure Pulse Connect Secure VPN
• CVE-2019-19781 Citrix Application Delivery Controller and Gateway
• CVE-2020-4006 VMware Workspace ONE Access

For more information, review the advisory or visit NSA.gov/cybersecurity-guidance.

View the infographic on understanding the threat and how to take action.

Source: Federal Bureau of Investigation FBI Crime News