Attacks, Threats, and Vulnerabilities
Twitter suspends two accounts used by DPRK hackers to catfish security researchers (The Record by Recorded Future) Twitter has suspended today two accounts operated by North Korean government hackers and used as part of a clever plot to attract security researchers to malicious sites and infect their systems with malware.
Sinclair Broadcast Group identifies data breach (ABC News) Sinclair Broadcast Group said Monday that it’s suffered a data breach and is still working to determine what information the data contained
Sinclair TV stations disrupted across the US after ransomware attack (The Record by Recorded Future) TV broadcasts for Sinclair-owned channels have gone down today across the US in what the stations have described as technical issues, but which sources told The Record to be a ransomware attack.
Local TV Programming Disrupted as Sinclair Hit by Ransomware Attack (The Hollywood Reporter) Sinclair, which owns 184 stations, said Monday that "the event has caused — and may continue to cause — disruption to parts of the company’s business."
Sinclair Broadcast Group Provides Information On Cybersecurity Incident (BusinessWire)
Russia-Linked TA505 targets financial institutions in a new malspam campaign (Security Affairs) Russia-linked TA505 group leverages a lightweight Office file to spread malware in a campaign, tracked as MirrorBlast, aimed at financial institutions. Russia-linked APT group TA505 (e.g. Evil Corp) is leveraging a lightweight Office file in a new malware campaign, tracked as MirrorBlast, targeting financial institutions in multiple geographies. TA505 hacking group has been active since 2014 […]
Russia-Linked TA505 Back at Targeting Financial Institutions (SecurityWeek) Russia-linked threat actor TA505 has been observed using a lightweight Office file for malware distribution in a new campaign targeting financial institutions in multiple geographies.
REvil ransomware shuts down again after Tor sites were hijacked (BleepingComputer) The REvil ransomware operation has likely shut down once again after an unknown person hijacked their Tor payment portal and data leak blog.
REvil Disappears Again: 'Something is Rotten in the State of Ransomware' (Flashpoint) REvil claims infrastructure was hijacked and shuts down operations—again—then wishes the illicit community "good luck."
REvil Ransomware Gang Goes Underground After Tor Sites Were Compromised (The Hacker News) REvil, the infamous ransomware group behind a series of cyberattacks in the recent past, has appeared to have gone off the radar once again.
REvil Ransomware Gang Shuts Down Operations After Being Hacked (Tech Times) REvil Ransomware gang shuts down its operations again. This time, its payment portal and data leak site have been hacked.
The ShinyHunters Hacker Group Collects Data Like Gamers Collect Pokémon (MUO) These cybercriminals have hit major companies. You might've even seen their logo: it's the Pokémon, Umbreon. Here's what you need to know.
LANtenna hack spies on your data from across the room! (Sort of) (Naked Security) Are your network cables acting as undercover wireless transmitters? What can you do if they are?
Twitch Says Hack Impacted 'Small Fraction of Users' (SecurityWeek) Twitch has shared another update about the recent hack, and it claims to have determined that only a small fraction of users are affected and customer impact is minimal.
Twitch: No Passwords Were Taken in Data Breach (Infosecurity Magazine) A massive breach at one of the world’s biggest gaming platforms earlier this month may not be as bad as first thought, with the firm claiming that no passwords were exposed in the incident.
Accenture confirms data breach after August ransomware attack (BleepingComputer) Global IT consultancy giant Accenture confirmed that LockBit ransomware operators stole data from its systems during an attack that hit the company's systems in August 2021.
Accenture sheds more light on August data breach (SearchSecurity) In a SEC filing, Accenture confirmed the loss of confidential data in an August LockBit ransomware attack.
Accenture Breach: No Material Impact On Customer Operations (MSSP Alert) Accenture data breach briefly described in SEC filing; incident had no material impact on Accenture & IT consulting firm's customer operations.
Multiple cyberattack attempts on Israeli hospitals thwarted, officials say (Times of Israel) National Cyber Directorate and Health Ministry say 'early assessments and a quick response' stopped the attacks over weekend; Hillel Yaffe's systems still being restored
Thingiverse Data Breach Reveals Passwords, User Addresses (PCMAG) And the number of affected users is somewhere between 500 and 2 million.
Could This New Data Breach End Thingiverse? (All 3DP) A Thingiverse data breach has revealed private data for 228,000 unique users. Unfortunately, the repository's response has been... lacking.
Ransomware Hit SCADA Systems at 3 Water Facilities in U.S. (SecurityWeek) Three ransomware attacks launched this year hit ICS/SCADA systems at water facilities in the United States.
Electric distribution reclosers can be cyber compromised to cause devastating wildfires (Control Global) October 13, 2021, the San Jose Mercury News had the following headline: “High-wire act for PG&E: balancing safety, reliability”. Two lawsuits have been filed on behalf of nearly 200 people alleging PG&E caused this summer’s massive Dixie Fire in Butte County, which followed several blown fuses and equipment malfunctions. Last month, PG&E was charged with manslaughter after a tree fell onto a line and sparked Shasta County’s 2020 Zogg Fire, killing four people. PG&E pleaded guilty to 84 counts of voluntary manslaughter in a 2018 blaze that nearly destroyed the town of Paradise.
Windows 10, iOS 15, Ubuntu, Chrome fall at China's Tianfu hacking contest (The Record by Recorded Future) Chinese security researchers took home $1.88 million after hacking some of the world's most popular software at the Tianfu Cup, the country's largest and most prestigious hacking competition.
Acer Confirms Third Cyberattack in 2021 (Privacy Affairs) The hacker group Desorden announced it had now hacked and breached Acer Taiwan, releasing sensitive employee information.
Buffalo Public Schools didn't pay ransom in cyberattack, but response cost nearly $10M (The Buffalo News) Nathaniel Kuzma, the district's general counsel, said it's still not clear how much information was exposed nor what data, if any, was lost and not recovered.
Report: French Estate Agency Leaks Thousands of Customer Files (Website Planet) Company name & location: GSI Immobilier, located in France. Size (in GB and amount of records): 2 GB of data, 1342 records. Data Storage
Council records more than ONE THOUSAND data breaches in 5 years (Oxford Mail) COUNCIL data breaches have multiplied almost tenfold in the last five years.
Infosec expert Beaumont slams Microsoft over hosting malware 'for years' (iTWire) A British tech researcher, who quit working as a security threat analyst with Microsoft a few months back, has called on his former employer to act speedily to remove links to ransomware on its Office365 platform. In a tweet sent on Friday, Beaumont said: "Microsoft cannot advertise themselves a...
Trends
The True Cost of DDoS Attacks (Infosecurity Magazine) The cost of DDoS attacks is on the rise, and only an active defense will counter their potentially crippling impact
Marketplace
Solista, CXO Security, Privasec, Naviro merge as security provider Sekuro (CRN Australia) Creating $68m company across Sydney, Melbourne, Brisbane and Perth.
BakerHostetler Adds Former Acting Director for Federal Trade Commission's Bureau of Consumer Protection as a Partner in the Digital Assets and Data Management Practice Group (BakerHostetler) BakerHostetler is pleased to announce that Daniel Kaufman, who was recently Acting Director for the Bureau of Consumer Protection at the Federal Trade Commission (FTC), has joined the firm as a partner in its Washington, D.C., office.
Products, Services, and Solutions
DIGISTOR Announces New C Series of Security Enhanced Self Encrypting Drives (SEDs); Expands Citadel Secure Drive Offering; Entered Common Criteria Evaluation for SSDs (DIGISTOR) DIGISTOR®, a leading provider of secure Data At Rest (DAR) storage solutions, announced its Series C secure SSDs, the first DIGISTOR SSDs to add Cigent® D3E cybersecurity software.
Insight SIP announces additional development of its IoT security program, in partnership with the French Southern Region Future Investment program. (Insight SIP) Insight SIP, the specialist in miniature RF modules with integrated antennas, announced today that it has obtained financing from the French government and Southern regional Government as part of the “Regional Investment Program for the Future” enabling it to further develop its IoT security program.
BlackFog Partners with Telkom Business to Curb Cyber Crime Against SMMEs (BlackFog) BlackFog partners with Telkom Business, a South African telecommunications provider operating in over 38 countries across Africa for cybersecurity.
Technologies, Techniques, and Standards
Cyber Private Eyes Go After Hackers, Without Counterattacking (Wall Street Journal) Some companies work within the confines of a federal law against invading someone’s computer to take action against attackers, stopping short of hacking back.
Stronger Cyber Controls Are Needed to Counter Ransomware Pandemic, According to New Allianz Risk Report (BusinessWire) Cyber insurer Allianz Global Corporate & Specialty analyzes the latest ransomware risks and outlines how companies can strengthen their defenses
Cyber risk trends driving the surge in ransomware incidents (Help Net Security) In a recent report, Allianz analyzes the latest ransomware trends and outlines how companies can strengthen their defenses.
FIDO Alliance Research Tracks Passwordless Authentication as It Moves Mainstream (PR Newswire) Summary of key findings: Passwords still prevail over other, more secure authentication methods — 56% of people used them to log into financial...
How to Create a Ransomware Incident Response Plan (SearchSecurity) Follow these steps before, during and after a ransomware attack, and get help building a nine-step ransomware incident response plan with our free template.
Design and Innovation
Where will quantum computing first deliver over traditional computers? One CEO thinks he knows. (Washington Business Journal) Every conversation around quantum computing and its potential to revolutionize industries eventually circles back to two questions: When will it outpace classical computers and where will it be applicable first?
Academia
West Virginia's Marshall University launches Institute for Cyber Security (WV News) Marshall University on Wednesday launched its new Institute for Cyber Security with a ribbon cutting ceremony.
Legislation, Policy, and Regulation
How Will Japan’s Cybersecurity Posture Impact its Relations With China? (Diplomat) Japan’s new Kishida government seeks to bolster the national response to cyber threats from China, the country’s largest export market. What could go wrong?
Nations Vow to Combat Ransomware at US-Led Summit (SecurityWeek) Over two dozen nations resolved Thursday to battle collectively against the global and escalating threat posed by cyber-extortionists, following a Washington-led anti-ransomware summit.
Over 30 Countries Pledge to Fight Ransomware Attacks in US-led Global Meeting (The Hacker News) Over 30 nations declare their commitment to fighting ransomware attacks at US-led global meeting
LinkedIn’s Exit From China Cuts Another East-West Bridge (Wired) The Microsoft subsidiary had agreed in 2014 to censor content in China, but that apparently wasn’t enough for tougher government regulators.
The White House's Plan to Stop Government Employees From Getting Phished (Vice) An Office of Management and Budget official explained the large scale plan to move the federal government to phishing-resistant multi-factor authentication.
Sanctions Compliance Guidance for the Virtual Currency Industry (Office of Foreign Assets Control) Virtual currencies are beginning to play an increasingly prominent role in the global economy. The growing prevalence of virtual currency as a payment method likewise brings greater exposure to sanctions risks—like the risk that a sanctioned person or a person in a jurisdiction subject to sanctions might be involved in a virtual currency transaction.
Cassidy-Led School Cybersecurity Legislation Signed Into Law (L'Observateur) WASHINGTON – U.S. Senator Bill Cassidy, M.D. (R-LA) sponsored legislation to enhance cybersecurity assistance to K-12 educational institutions across the country was signed into law by the President late last week. The bipartisan K-12 Cybersecurity Act helps educational institutions bolster their cybersecurity protections by instructing the Cybersecurity and Infrastructure Security Agency (CISA) to examine the risks […]
US politicians seek to ban Huawei spinoff phone brand Honor (CRN Australia) Want to add Huawei spinoff Honor to Chinese tech blacklist.
Election and Cyber Experts Warn Lawmakers Against Online Voting for Overseas Troops, Citing Security Risks (Military.com) At issue is language in the House-passed version of the FY 2022 National Defense Authorization Act that sets Pentagon policy and spending priorities.
Litigation, Investigation, and Law Enforcement
Crypto Fraud Costs More Than $200 Million This Year, U.K. Police Say (Bloomberg) Fraud linked to crypto currencies surged in the first nine months of the year, U.K. Police said, with victims cheated out of more than 146 million pounds ($200 million) so far.
Governor Accuses Reporter of Hacking After Flaws in State Website Are Revealed (New York Times) Gov. Mike Parson of Missouri has asked for a criminal investigation of a St. Louis Post-Dispatch reporter who told the state that a website revealed teachers’ Social Security numbers.
Did a reporter really do anything wrong in looking into a state government website? (KWOS) Hey Governor .. ‘Don’t shoot the messenger’. Mike Parson says he’s going after the St. Louis Post Di
A Missouri newspaper told the state about a security risk. Now it faces prosecution (NPR.org) The St. Louis Post-Dispatch says it alerted officials to a security flaw on a state website. Gov. Mike Parson described it as a hack that be investigated and could cost taxpayers $50 million.
US Treasury said it tied $5.2 billion in BTC transactions to ransomware payments (The Record by Recorded Future) The financial crimes investigation unit of the US Treasury Department, also known as FinCEN, said today it identified approximately $5.2 billion in outgoing Bitcoin transactions potentially tied to ransomware payments.
Financial Trend Analysis: Ransomware Trends in Bank Secrecy Act Data Between January 2021 and June 2021 (Financial Crimes Enforcement Network) This Financial Trend Analysis is in response to the increase in number and severity of ransomware attacks against U.S. critical infrastructure since late 2020.
S Korea seeks Interpol notice for two cyber gang leaders (ABC News) South Korea says it’s asked Interpol for help to arrest two foreigners including a Ukrainian over their alleged involvement in cyberattacks and large-scale extortion that targeted South Korean and U.S. companies
Amazon Ring doorbell: How data breach ruling may impact you (Yahoo) 'We strongly encourage our customers to respect their neighbours' privacy,' said Ring.
Leave no trace: how a teenage hacker lost himself online (the Guardian) The long read: Edwin Robbe had a troubled life, but found excitement and purpose by joining an audacious community of hackers. Then the real world caught up with his online activities
Ex-intel official who created controversial Trump Russia dossier speaks out (CNN) Former British intelligence officer Christopher Steele, the man behind the "Steele Dossier" that claimed Russian officials held compromising information on former President Donald Trump, defended the claims made in the dossier in his first on-camera interview since it was revealed in 2017.
New York man sexually assaulted local teen he met online: police (York Dispatch) A New York man allegedly traveled to York County and sexually assaulted a teen girl whom he had met online.
Patient files class action lawsuit against UF Health as result of ransomware attack (Villages-News) A patient has filed a class action lawsuit against UF Health as the result of a ransomware attack that exposed patients’ information for sale on the dark web.
Kemper Strikes $17.6M Deal To End Data Breach Litigation (Law360) Kemper Corp. and subsidiary Infinity Insurance Co. have entered a settlement valued around $17.6 million to end litigation over claims stemming from two data breaches that gave hackers access to customers' personal information, a proposed customer class said Thursday.
Google Users Push For Class Cert. In Chrome Privacy Suit (Law360) Chrome browser users who are accusing Google of collecting personal data from them without permission are pressing U.S. District Judge Lucy Koh to allow them to proceed as a certified class, arguing that the tech giant made nearly identical privacy promises to all proposed class members.
Russian court to consider transfer of jailed ex-U.S. Marine Whelan to U.S. - TASS (Reuters) A Russian court will consider a request next month to transfer former U.S. Marine Paul Whelan, sentenced last year to 16 years in a Russian jail, to the United States, his lawyer told TASS news agency on Monday.