Greeley, Colorado (and elsewhere): the JBS ransomware incident.
JBS USA and Pilgrim’s Announce Resolution of Cyberattack (JBS Foods) Today, JBS USA and Pilgrim’s (“the company”) announced that all of its global facilities are fully operational after resolution of the criminal cyberattac
JBS Swift reopens after company cyber attack (KSNB Local 4) JBS Swift reopened on Wednesday, after they had to shut down most of their operations because they say they were the target of a cyber attack.
As JBS reopens plants after cyber attack, security concerns linger (Big News Network.com) JBS, the world's largest meatpacker, said it is working to make the vast majority of its plants operational after a weekend cyberattack took all of its US beef processing offline
U.S. Meat Supply Recovering as JBS Plants Return After Hack (Yahoo Finance) (Bloomberg) -- Meat production in the U.S. is climbing back toward normal levels, with the government pressing other companies to boost output while JBS SA’s meat plants recover from last weekend’s cyberattack. JBS said late Thursday that lost production would be fully recovered by the end of next week. “All of our facilities around the globe are operating at normal capacity,” Andre Nogueira, JBS USA’s chief executive officer, said in the statement. Cattle-slaughtering in the U.S. had essentially
What Does The JBS Cyber-Attack Mean For The Food System? (Utah Public Radio) Earlier this week, the meat processing business, JBS, was hit with a cyberattack that caused it to temporarily shut down some of its operations in Utah and
Is It Safe To Eat Meat After The JBS Hack? Here's Everything You Should Know (HuffPost) Will prices go up? Will the meat make us sick? Here's what to know for both the present and the future.
Industrial systems under siege from ransomware (VentureBeat) Ransomware gangs follow the money -- and the vulnerabilities -- to target the world's largest companies. Here's how businesses can fight back.
Why ransomware cyberattacks are on the rise (ABC News) A recent spate of ransomware attacks has left the nation reeling.
Is JBS cyberattack a dry run? (Fox Business) With easily accessible hacking tools and hard-to-trace financing amid the rise of cryptocurrency, cybercrime is soaring around the world, experts say.
White House: Biden to Discuss Cyberattack on Meat Producer With Russia's Putin (Voice of America) U.S. President Joe Biden will discuss with Russian President Vladimir Putin later this month the harboring of cyber attackers like those believed to have targeted meatpacking giant JBS, the White House said Wednesday.
'They are hair on fire': Biden administration mulls cyberattacks against Russian hackers (NBC News) Although using the military to take action against cybercriminals wouldn't be without precedent, it's controversial in legal circles.
Attacks, Threats, and Vulnerabilities
Colonial Pipeline Ransomware Hack Unleashes Flood of Related Phishing Attempts (INKY) The highly visible ransomware attack executed by Eastern Europe-based hacker group DarkSide against Colonial Pipeline drew a lot of phisher interest. New phishing attempts were unleashed within weeks. Read more.
Hackers use Colonial pipeline ransomware news for phishing attack (ZDNet) The emails ask employees to download a “ransomware update” that is actually malware.
Chinese threat actors hacked NYC MTA using Pulse Secure zero-day (BleepingComputer) Chinese-backed threat actors breached New York City's Metropolitan Transportation Authority (MTA) network in April using a Pulse Secure zero-day. Still, they failed to cause any data loss or gain access to systems controlling the transportation fleet.
Chinese hackers used Pulse Secure zero day to infiltrate MTA systems (SC Media) Hackers from China used vulnerabilities in the Pulse Secure VPN to plant web shells on servers in MTA's environment.
Live streams go down across Cox radio & TV stations in apparent ransomware attack (The Record by Recorded Future) Live streams for radio and TV stations owned by the Cox Media Group, one of the largest media conglomerates in the US, have gone down earlier today in what multiple sources have described as a ransomware attack.
Poison in the Water: The Physical Repercussions of IoT Security Threats (Security Intelligence) Better IoT security can prevent physical attacks as well. An attempt to poison a Florida water supply shows how attackers can jump from digital to physical.
Tokyo Games organizers hit by data breach and info leak (The Japan Times) With around 50 days to go before the Olympics open, the organizers and government continue to ramp up efforts to prevent cyberattacks from disrupting the games.
UF Health targeted in ransomware attack (WESH) University of Florida Health is the target of a ransomware attack, jeopardizing the security of patient and employee personal information.
Job-themed email threats remain a preferred theme for threat actors (Proofpoint) The U.S. Federal Bureau of Investigation (FBI) issued a warning recently that threat actors are using fake job postings to steal personally identifiable information, which is a tactic we’ve previously seen within malicious email campaigns.
Threat Thursday: Avaddon Ransomware Uses DDoS Attacks as Triple Threat (BlackBerry) Avaddon ransomware uses a double extortion scheme where data is both encrypted locally and exfiltrated. Avaddon also subjects victims to a third threat - a Distributed Denial of Service (DDoS) attack - until the ransom is paid.
Fujifilm Shuts Down Servers to Investigate Possible Ransomware Attack (Infosecurity Magazine) The company is investigating possible unauthorized access and has partially shut down its servers
Positive Technologies Uncovers Critical Vulnerabilities in CODESYS (Pipeline Publishing) NEWS: in this press release, Positive Technologies experts have identified 10 vulnerabilities in CODESYS automation software for industrial control systems.
Zero‑day in popular WordPress plugin exploited to take over websites (WeLiveSecurity) Attackers have been actively exploiting a zero-day flaw in Fancy Product Designer, a WordPress plugin used by 17,000 websites, for full site takeover.
Zscaler Protections Against Flubot Banking Malware (Zscaler) The Flubot Android banking malware - also known as Android Banker - is targeting UK and US users. Read details and Zscaler coverage against this threat.
Return to the Office. Get Welcomed by Phishing Emails (Avanan) Avanan researchers have seen a major uptick in phishing emails that take advantage of in-office technology like scanners and fax machines.
Microsoft Office 365 a Major Supply Chain Attack Vector (Security Boulevard) Performance issues are not the only concern users have about Microsoft Office 365 and Azure cloud services: the office productivity suite also represents a major threat vector and an attractive target for network and supply chain attacks.
New 'Epsilon Red' ransomware is hunting for unpatched Microsoft Exchange servers, researchers warn (Computing) It relies on several PowerShell scripts before encrypting machines
Watch out for scam calls impersonating Seattle City Light (Seattle Times) Seattle City Light is warning of a scam where a caller is impersonating a bill collector and threatening to shut off power, if a payment is not made over the phone.
Security Patches, Mitigations, and Software Updates
Cisco Releases Security Updates for Multiple Products (CISA) Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages users and administrators to review the following Cisco advisories and apply the necessary updates:
Advantech iView (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.1
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Advantech
Equipment: iView
Vulnerabilities: Missing Authentication for Critical Function, SQL Injection
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to disclose information and perform remote code execution.
Trends
The history of ransomware across industries (IT-Online) In today’s sophisticated threat landscape, ransomware is seemingly everywhere, impacting both organisations and individuals alike. But how did ransomware as we know it today come to be? Aamir Lakhani, lead researcher and cyber security expert at Fortinet, examines the history of ransomware, starting in 1989, and explains how these threats are still looming today. History […]
ESET Threat Report T1 2021 (WeLiveSecurity) In this issue of the ESET Threat Report, ESET experts look at the key trends that shaped the threat landscape during the first four months of 2021.
Majority of Businesses Still Have Remote Working Cybersecurity Concerns One Year Into the Pandemic, Finds Thales (MENAFN) Despite being over a year into remote working and looking ahead to likely shifts to hybrid remote/in-office working models, four fifths (82%) of businesses still remain concerned about the security risks of employees working remotely. This is just one of the key insights from the 2021 Thales Global Data Threat Report...
COVID-19 has transformed work, but cybersecurity isn't keeping pace, report finds (TechRepublic) Underprepared, overwhelmed and unable to move forward, security teams are getting pushback from leadership and simply can't catch up to necessary post-pandemic modernization.
Imperva: 75.9% of stolen data in breaches involve personal information (VentureBeat) Imperva Research Labs analyzed more than 100 of the biggest data breaches and found that 75.9% of stolen data was PII.
Axway Survey Finds Consumers Frequently Have Concerns About the Privacy & Security of Their Data (Axway Corporate) Companies have an opportunity to build seamless digital experiences from a foundation of trust.
Cybersecurity in America Flash Poll (PC Matic) In late April of 2021, the PC Matic Research Team conducted research to better understand public opinion surrounding cybersecurity in America. In the days following the completion of this research, the United States and businesses within have succumbed to several high profile ransomware attacks.
Marketplace
Council Post: Crossroads: Where Security And Privacy Regulations Meet Cyber Insurance (Forbes) The rapid rise in cyber incidents — particularly during the pandemic — has put significant pressure on insurers to update how they are underwriting cyber risk.
Cybersecurity company SentinelOne files to go public with 108% revenue growth year-over-year (CNBC) SentinelOne filed its IPO prospectus with the Securities and Exchange Commission on Thursday, and plans to list on the NYSE under the ticker symbol S.
CrowdStrike rival SentinelOne files to go public months after blocking SolarWinds breach (SeekingAlpha) Cybersecurity company SentinelOne has filed for an IPO seeking up to $100M, a likely placeholder figure
Mandiant to Re-Emerge After $1.2 Billion FireEye Sale (Infosecurity Magazine) The deal will see STG acquire FireEye’s network, email, endpoint and cloud security products
Versar Acquires BayFirst Solutions in Government Service Market Push; Dwane Stone Quoted (GovCon Wire) Versar Acquires BayFirst Solutions in IT, Intelligence Capability Expansion Push.
Microsoft continues IoT security push (Mobile World Live) Microsoft agreed an acquisition of software company ReFirm Labs for an undisclosed sum to boost security of IoT devices.
Proposed Sale Casts Cloud Over Future of FireEye's Products (Dark Reading) Symphony Technology Group, which is buying FireEye, already owns multiple security companies with redundancies in numerous areas.
Invicti Security Is Named in 2021 Gartner Magic Quadrant for Application Security Testing (PR Newswire) Invicti Security™, a global innovator in web application security, today announced that it has been recognized for the first time in the...
Meme Stocks Are On a Wild Ride, Led by AMC (Wall Street Journal) The latest moves come amid a surge over the past two weeks in meme stocks, a frenetic rally reminiscent of the Reddit-fueled craze of late January.
Booz Allen Hamilton wins $674M DOD contract (Virginia Business) McLean-based Fortune 500 global management consulting company Booz Allen Hamilton Inc. was awarded a five-year, $674 million contract from the General Services Administration to maintain and support the growth of the Department of Defense’s Advana data analytics platform. “In response to increasingly advanced threats from global adversaries, the Department of Defense has placed a clear…
Michael R. Cote to Retire as Secureworks CEO; Board Appoints Wendy K. Thomas as Next President & CEO (Secureworks) Secureworks® (NASDAQ:SCWX), a global leader in cybersecurity, today announced that Chief Executive Officer Michael R. Cote is retiring as CEO and a member of the Secureworks Board of Directors, effective Sept. 3, 2021.
Devo Adds Cybersecurity Luminaries as First Advisors Amidst Rapid Company Growth (Devo.com) Devo appoints four new advisors to guide its disruption of the SIEM market and global expansion.
AllegisCyber Capital Names Michael Feiertag as Partner and Promotes Je (PRWeb) AllegisCyber Capital, a leading early-stage venture capital firm focused exclusively on cybersecurity and data science, recently named Michael Feiertag as Part
Products, Services, and Solutions
DataSecOps Innovator Satori Launches Self-Service Data Access to Streamline Enterprise Data Access management (GlobeNewswire) Democratizes workflows for data access requests, collapsing three-week manual processes to five-minute, self-directed operations while preserving security
Expel Introduces Managed Detection and Response for Microsoft (BusinessWire) Expel for Microsoft connects to tech such as Microsoft Defender for Endpoint, Azure, Sentinel, Office 365 and MCAS.
Proofpoint Delivers Advanced Data Loss Prevention for Microsoft Teams (Proofpoint) Becomes a certified Teams security and compliance partner for data loss prevention.
Milton Security Announces 29-Day Proof of Value Trial in June (PR Newswire) Milton Security, a leading provider of Threat Hunting as a Service, XDR & MDR (MxDR) SOC Services, announced today that, for customers who sign...
Profiting from Payments: Empowering Consumers and Businesses with Push-To-Business Payments (P2B) (Appbrilliance) Payment transactions should be as simple as exchanging cash for apples with a fruit vendor at your local farmer’s market. But over time, the process has become complex and favors a few powerful companies and intermediaries rather than the consumer or business. We are at the precipice of an entirely new payments model that will empower consumers and merchants to take greater control of their payments.
Technologies, Techniques, and Standards
Ransomware Attack Response Should Extend Beyond Money to Your Team's Morale (Security Intelligence) After a ransomware attack, the security talent can lose confidence in the company's ability to use their skills effectively. Think outside the wallet.
Responding to Ransomware Learning from Colonial Pipeline (JD Supra) Recently, Ransomware has taken to the forefront in national news. The most prevalent ransomware attack, the one perpetrated against Colonial Pipeline ...
The Only Cure for Ransomware is Prevention (Votiro) By understanding how ransomware manages to evade detection, organizations can move towards the only cure for ransomware: prevention. Find out how you can take a more proactive approach.
The Importance of Risk Assessments and Risk-Informed Decision Making (ISACA) Recently, I wrote about the concept of “just enough security” and mentioned how “striking the balance between too much, not enough, and just enough security is no cakewalk.”
Security observability tools step up threat detection, response (SearchSecurity) Learn how security observability tools go beyond monitoring and visibility to improve enterprise threat detection and response efforts.
Research and Development
University of Luxembourg partners with LuxTrust to study post-quantum cryptography (Science|Business) Yesterday, LuxTrust S.A. and SnT announced their collaboration in a research partnership that will investigate cryptographic algorithms resistant to quantum computers. The announcement was made yesterday in a press release.
Academia
IBM to help Poughkeepsie schools bolster cybersecurity with $500,000 grant (The Poughkeepsie Journal) After a cyberattack in Feb. 2020, the district will have resources to strengthen its protection against any future cyberattacks.
IIT Kanpur launches e-Masters in cyber security, three other streams (Hindustan Times) IIT Kanpur admissions 2021: The Indian Institute of Technology, Kanpur (IIT-K) on Thursday announced the launch of four new e-Masters programs to enable seamless remote learning during the pandemic.
Legislation, Policy, and Regulation
Up to 5 years prison for attending Tiananmen Massacre vigil, Hong Kong gov't warns - 1 year jail for publicising it (Hong Kong Free Press) Hong Kong’s Security Bureau has warned Hongkongers not to take part in this year’s Tiananmen Massacre vigil on June 4, or commemorative long-distance run this Sunday. “The relevant meetings and procession are unauthorised assemblies. No one should take part in it, or advertise or publicise it, or else he or she may violate the law,” […]
China’s Tiananmen anniversary crackdowns reach far beyond the firewall (MIT Technology Review) Tactics used by Beijing to suppress mentions of pro-democracy protests are increasingly spilling over and affecting users around the world.
Assessing Russia’s role and responsibility in the Colonial Pipeline attack (Atlantic Council) Russia benefits politically from the chaos of this attack, and Russia has the power and duty to prevent the next one.
EU plans digital ID wallet for bloc's post-pandemic life (AP NEWS) The European Union unveiled plans Thursday for a digital ID wallet that residents could use to access services across the 27-nation bloc, part of a post-pandemic recovery strategy that involves accelerating the shift to an online world.
What We Urge You To Do To Protect Against The Threat of Ransomware (The White House) The number and size of ransomware incidents have increased significantly, and strengthening our nation’s resilience from cyberattacks – both private and public sector – is a top priority of the President’s.
White House Warns Companies to Act Now on Ransomware Defenses (New York Times) An open letter urged them to take many of the defensive steps that the federal government requires of its agencies and contractors.
White House urges US companies to take ransomware seriously (TechRepublic) A new White House memo to business leaders underscores the threat of ransomware and offers advice on how to protect their companies.
White House Urges Companies to Take Ransomware More Seriously (Channel Futures) The White House on Thursday issued a letter calling on companies to take more seriously the threat of ransomware attacks.
EXCLUSIVE-U.S. to give ransomware hacks similar priority as terrorism, official says (Reuters) The U.S. Department of Justice is elevating investigations of ransomware attacks to a similar priority as terrorism in the wake of the Colonial Pipeline hack and mounting damage caused by cyber criminals, a senior department official told Reuters.
WSJ News Exclusive | FBI Director Compares Ransomware Challenge to 9/11 (Wall Street Journal) In an interview, Christopher Wray calls the disruption and prevention of cyberattacks “a shared responsibility, not just across government agencies but across the private sector and even the average American.”
U.S. Looks Into Cryptocurrency’s Role in Ransomware Hacks (Wall Street Journal) The Biden administration is examining cryptocurrency’s role in recent hacks that have disrupted important U.S. industries including healthcare, fuel and food, exploring new ways to track victims’ payouts to foreign ransomware gangs.
The U.S. Government Finally Decides To Get Serious About Ransomware (Mashable India)
Biden issues an order banning U.S. investment in firms that aid surveillance and repression. (New York Times) The new order, which initially lists 59 Chinese firms, substantially expands an order issued in November by President Donald J. Trump.
Op-ed: Biden needs to stick with Huawei maximum pressure campaign (CNBC) Huawei's attempt to shift its business model to software development to sidestep U.S. sanctions is cause for grave concern, writes Rep. John Katko.
Memorandum on Establishing the Fight Against Corruption as a Core United States National Security Interest (The White House) Section 1. Policy. Corruption corrodes public trust; hobbles effective governance; distorts markets and equitable access to services; undercuts
Executive Order Streamlines Cybersecurity and Reporting Expectations (Apptega) In mid-May of 2021, the White House finalized an Executive Order requiring service providers to report breaches to federal agencies. Read on to learn more.
What the Cybersecurity EO Means for Software Supply Chain Security (Panorays) The cybersecurity Executive Order focuses on improving software supply chain security. Here’s some of what it calls for, and what you can expect as a result.
TSA Security Directive Requires 30-Day Cybersecurity Assessments, Rapid Incident Notification for "Critical" Pipeline and LNG Facilities (Lexology) Less than a month after the high-profile ransomware attack against Colonial Pipeline, the Department of Homeland Security's (DHS) Transportation…
The European Commission Adopts New Standard Contractual Clauses (cyber/data/privacy insights) The European Commission has adopted today the long-awaited new sets of Standard Contractual Clauses: one for use between controllers and processors in the EU/EEA and one for the transfer of personal data to third countries.
As expected, the new clauses are fully aligned with the GDPR and addr
Litigation, Investigation, and Law Enforcement
Supreme Court Draws Limit to Anti-Hacking Law (Wall Street Journal) Three Trump nominees and three liberal justices limit a computer-hacking law’s application to individuals who break into computer systems, rather than extend it to authorized users who pull information for personal or improper purposes.
Supreme Court sides with police officer who improperly searched license plate database (CNN) The Supreme Court on Thursday narrowed the scope of a federal cybercrime law, holding that a policeman who improperly accessed a license plate database could not be charged under the law.
Supreme Court narrows scope of sweeping cybercrime law (POLITICO) The justices agreed with a broad range of critics that prosecutors had been misusing the 35-year-old law.
Supreme Court narrows scope of CFAA computer hacking law (The Record by Recorded Future) The United States Supreme Court has ruled today in a 6-3 vote to overturn a hacking-related conviction for a Georgia police officer, and by doing so, it also narrowed down the scope of the US' primary hacking law, the Computer Fraud and Abuse Act.
Supreme Court Narrows Scope Of Computer Crime Law (Law360) The U.S. Supreme Court on Thursday found that a Georgia police officer did not breach federal computer fraud law by overstepping his authorized access to government records, raising concerns that the U.S. Department of Justice's reading of the statute could criminalize innocuous internet activity.
Government faces legal challenge over NHS data plan (Computing) Campaigners demand an extension to the 'rushed' June 23rd deadline to opt out of GP record sharing scheme
The U.S. Midwest Is Foreign Oligarchs’ New Playground (Foreign Policy) Forget Manhattan or Monaco; it’s cities like Cleveland that are now attracting ill-gotten money from abroad.
Conservative Party fined £10,000 for sending unwanted emails (Computing) Problem occurred when switching bulk email providers, Tories said
Facebook probed by UK and EU competition watchdogs (Yahoo) Authorities in the UK and EU are concerned the firm is using ad data to gain an unfair advantage over rivals.
11th Circuit Upholds Historic $380 Million Equifax Data-Breach Settlement (Courthouse News Service) Objectors to the settlement argued to no avail that a court order approving the settlement was drafted in secret and kept out of view until it was finalized by a federal court in Georgia.