Global Operation Brings Notorious REvil Ransomware Group Offline

The endless drumbeat of high-profile ransomware attacks continued this week, but Google’s Threat Analysis Group also raised awareness of the “pass the cookie” attacks that hackers have used in recent years to hijack important YouTube channels. While this type of attack is not new, Google has taken important coordinated action to stem the trend. Compromised YouTube channels have been used to spread cryptocurrency scams and other misinformation.

Meanwhile, the International Organization for Standardization last week released its first set of sex toy manufacturing guidelines, a major step in establishing minimum safety standards in the industry. Dubbed ISO 3533 or “Sex Toys: Design and Safety Requirements for Products in Direct Contact with Genitalia, the Anus, or Both,” the document, while important, does not set out clear guidelines for digital security or privacy, two areas where sex toys have had some major stumbles in the past.

If you’re thinking about your account security and want an easy weekend project to help you consolidate things, make sure two-factor authentication is enabled wherever it’s offered. And if you want to switch between authenticator apps, say from Google Authenticator to Twilio Authy, we’ve got a guide to doing it easily without losing access anywhere.

But wait, there is more. Each week, we put together all the security news that WIRED hasn’t covered in depth. Click on the titles to read the full stories and stay safe.

The notorious Russia-based ransomware gang REvil, which was responsible for the JBS Meat attack in June and the Kaseya software compromise in July, was itself hacked and taken offline by a consortium of government law enforcement groups. The FBI, US Cyber Command, and the Secret Service worked with partners from other governments to sabotage REvil’s infrastructure. After the Kaseya breach and the resulting ransomware attacks in July, the FBI was able to recover a universal decryptor from REvil itself. But officials withheld the tool so as not to reveal their access to REvil’s infrastructure. After some of the gang’s platforms were taken offline in July, members restored them from backups in September and inadvertently restored law enforcement’s access as well, opening the door for a takedown. The REvil website and the “Happy Blog” data leak platform are now inaccessible.

The second largest TV station operator in the United States, Sinclair Broadcast Group, was hit by a ransomware attack earlier this week that impacted the company’s operations and broadcasts. The malicious encryption tool used in the attack is similar to one used previously by the sanctioned Russian criminal gang Evil Corp. The malware has been attributed to the gang in the past. Sinclair struggled to stabilize operations throughout the week, and employees reported a chaotic situation as stations worked to keep their shows going. “Our goal remains to continue to work closely with a third party cybersecurity company, other incident response professionals, law enforcement and government agencies as part of our investigation and response to this incident,” Sinclair said in a statement Thursday.

A hacker has apparently compromised Argentina’s Registro Nacional de las Personas, stealing personal data on all Argentines. The trove is now being circulated privately for sale in criminal circles. The breach took place last month and targeted government computer networks to access the database, also known as RENAPER. The agency issues national identity cards, and other government agencies can query its database. Government officials said in a statement that the attackers compromised a legitimate user account to gain access to the database rather than breaking in by exploiting a vulnerability. The first signs of the breach emerged in early October when a newly created Twitter account posted photos of ID cards and other personal information of 44 prominent Argentines, including President Alberto Fernández and football stars Lionel Messi and Sergio Aguero.

On Thursday, the Federal Trade Commission called out six major US-based internet service providers for their shady data management practices and lack of meaningful privacy and security controls. The study focused on AT&T Mobility, Cellco Partnership (Verizon Wireless), Charter Communications Operating, Comcast (Xfinity), T-Mobile US and Google Fiber. ISPs do not clearly articulate their privacy practices, the FTC found, and do not adequately disclose how they use customer data. The study also indicated that the services make it difficult for their customers to opt out of data collection.

The problems have been well known for years, but government and private sector efforts to tackle such abuses have clearly not gone far enough. “While consumers would certainly expect ISPs to collect certain information from the websites they visit as part of the provision of Internet services, they would likely be surprised at the extent of the data collected and combined for purposes unrelated to providing the service they request,” the FTC wrote in the report, “in particular, browsing data, television viewing history, email and search content, data from connected devices, location information and data on race and ethnicity.”
