IT Security Newsletter - 5/14/2021
Colonial Pipeline Shells Out $5M in Extortion Payout, Report
Colonial Pipeline Co., operator of the largest U.S. fuel pipeline, reportedly paid $5 million to criminals behind a ransomware attack that has sent fuel prices spiking up and down the East Coast. Sources familiar with the payout told Bloomberg that representatives of Colonial Pipeline paid the cybergang known as DarkSide the ransom it demanded in return for a decryption tool that allowed the firm to restore its computer network disabled in last week's attack.
Irish healthcare shuts down IT systems after ransomware attack
Ireland's Health Service Executive (HSE), the country's publicly funded healthcare system, has shut down all IT systems after its network was breached in a ransomware attack. "There is a significant ransomware attack on the HSE IT systems," the Irish national health service said. "This has caused some disruption to our services. But most healthcare appointments will go ahead as planned."
Ransomware's New Swindle: Triple Extortion
Ransomware attacks are exploding at a staggering rate, and so are the ransoms being demanded. Now experts are warning against a new threat - triple extortion - which means that attackers are expanding out to demand payments from customers, partners and other third parties related to the initial breach to grab even more cash for their crimes. Check Point's latest ransomware report found that over the past year, ransomware payments have spiked by 171 percent, averaging about $310,000.
Chemical distributor pays $4.4 million to DarkSide ransomware
Chemical distribution company Brenntag paid a $4.4 million ransom in Bitcoin to the DarkSide ransomware gang to receive a decryptor for encrypted files and prevent the threat actors from publicly leaking stolen data. Brenntag is a world-leading chemical distribution company headquartered in Germany but with over 17,000 employees worldwide at over 670 sites.
European police bust major online investment fraud ring
Europol and several national law enforcement agencies have teamed up to take down an investment fraud and money laundering ring that caused losses of approximately €30 million (US$36 million) to hundreds of victims, according to a press release by the European Union's law enforcement agency. The investigation led to the arrest of 11 suspects and involved the search of dozens of locations across Europe and Israel.
Microsoft build tool abused to deliver password-stealing malware
Threat actors are abusing the Microsoft Build Engine (MSBuild) to deploy remote access tools (RATs) and information-stealing malware filelessly as part of an ongoing campaign. MSBuild (msbuild.exe) is a legitimate and open-source Microsoft development platform, similar to the Unix make utility, for building applications. This development tool can build apps on any Windows system if provided with an XML schema project file telling it how to automate the build process.
Using iPhones and AirTags to sneak data out of air-gapped networks
A researcher has found out that it is possible to upload arbitrary data from non-internet-connected devices by sending Bluetooth Low Energy (BLE) broadcasts to nearby Apple devices that will happily upload the data for you. To demonstrate their point, they released an ESP32 firmware that turns the micro-controller into an (upload only) modem. They also created a macOS application to retrieve, decode and display the uploaded data.
Researchers design a way to make encrypted keys harder to crack
As more private data is stored and shared digitally, researchers are exploring new ways to protect data against attacks from bad actors. Current silicon technology exploits microscopic differences between computing components to create secure keys, but AI techniques can be used to predict these keys and gain access to data. Now, Penn State researchers have designed a way to make the encrypted keys harder to crack.
- ...in 1804, the Lewis and Clark Expedition departs to map and explore the Louisiana Purchase.
- ...in 1955, the Warsaw Pact treaty is signed by the Soviet Union and seven other Communist bloc nations.
- ...in 1973, the United States launches its first space station, Skylab.
- On this date, singer-songwriter and Talking Heads founding member David Byrne is born in Dumbarton, Scotland.