GandCrab ransomware is being pushed through a two-year-old hole in the Connectwise Manage plug-in for Kaseya VSA, Infosecurity Magazine reports. A patch has long been available, but far-from universally applied. MSPs are particularly affected.
The Washington Post says the US Federal Trade Commission is negotiating a multi-billion-dollar settlement with Facebook over privacy issues.
Big Tech continues to receive pressure over content moderation. US Representative Adam Schiff (Democrat of California) sent Facebook CEO Mark Zuckerberg a letter requesting that the social network remove anti-vaccination content from its platform. Bloomberg says Google received a similar letter. Facebook responded in a tentatively favorable way. Nothing yet from Google.
Rather than a ban on Huawei or other manufacturers, Reuters reports, European telecommunications providers say they'd prefer an EU-wide security testing system that would address threats as they were found and before they were introduced into 5G networks.
This would seem obvious, but the point apparently needed to be made. According to CNN, the US Democratic National Committee's security chief has told potential Presidential candidates that you don't have to actually declare your candidacy to become a hackers' target.
A leading (alleged) Apophis Squad skid, Mr. Timothy Dalton Vaughn (noms-de-hack “HDGZero,” “WantedByFeds,” and “Xavier Farbel.”) was indicted by the Feds after his identity was compromised via a hacked gaming site. One of his alleged confederates, Mr. George Duke-Cohan (noms-de hack too colorless to warrant mention) was also indicted. Their alleged activities included swatting, DDoS, doxing, bomb threats, the whole sad customary run of skid lulz.