Ransomware demands surge in 2021
According to an analysis by the Unit 42 security consulting group, ransomware demands were up 518% on the year in the first half of 2021, while actual payments were up 82% over the same period. This means the average ransom payment has now hit $570,000, up from $312,000 last year. The growth of payments actually slowed compared to last year, when payments were up 171% over 2019. The researchers noted the rise of multitiered extortion schemes opened the door for higher payments.
Flaw found in IoT random number generators
Bishop Fox security researchers Dan Petro and Allan Cecil published an analysis of dedicated hardware random number generators, or RNG peripherals, on IoT boards, and found that many lack checks for error code responses. RNG failures can occur when the device has run out of entropy from a physical process or phenomenon. The missing error code checks can result in predictable number generation or crypto keys containing plain zeros. The researchers said that including a cryptographically secure pseudorandom number generator API on the devices, similar to those used in desktop systems, could solve the problem. IoT makers could also block calls for random numbers when a device has exhausted its entropy.
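The missing error-code check the researchers describe, as an added example that is not from the Bishop Fox write-up: a constructed C model of a hardware RNG peripheral whose read call returns a status code, with the key fill that ignores that status beside the hardened one that refuses to hand back a partly zero key. The peripheral model, status codes and function names are assumptions made for this illustration.

```c
/* Added example, not from the Bishop Fox write-up: a constructed model of an
 * IoT RNG peripheral whose read returns a status code, with a key routine that
 * ignores that status beside one that checks it. All names are assumptions. */
#include <stdint.h>
#include <string.h>
#include <stdio.h>
#define RNG_OK             0
#define RNG_ERR_NO_ENTROPY 1     /* physical entropy source depleted */
static int g_entropy_words;      /* constructed: words left before it runs dry */
void rng_reset(int words_available) { g_entropy_words = words_available; }
/* Models the peripheral: the output register reads 0 on the error path. */
int rng_read_word(uint32_t *out) {
    if (g_entropy_words <= 0) { *out = 0; return RNG_ERR_NO_ENTROPY; }
    g_entropy_words--;
    *out = 0xA5A5A5A5u ^ ((uint32_t)g_entropy_words * 2654435761u); /* stand-in */
    return RNG_OK;
}
/* Vulnerable pattern: status discarded, so once the source is depleted the
 * rest of the key is silently zero and the call still reports success. */
int make_key_unchecked(uint8_t *key, size_t len) {
    for (size_t i = 0; i < len; i += 4) {
        uint32_t w;
        rng_read_word(&w);                  /* return value ignored */
        memcpy(key + i, &w, len - i < 4 ? len - i : 4);
    }
    return 0;
}
/* Hardened pattern: every read is checked; on depletion the buffer is wiped
 * and the caller gets an error instead of a partly zero key. */
int make_key_checked(uint8_t *key, size_t len) {
    for (size_t i = 0; i < len; i += 4) {
        uint32_t w;
        if (rng_read_word(&w) != RNG_OK) { memset(key, 0, len); return -1; }
        memcpy(key + i, &w, len - i < 4 ? len - i : 4);
    }
    return 0;
}
size_t count_zero_bytes(const uint8_t *buf, size_t len) {
    size_t n = 0;
    for (size_t i = 0; i < len; i++) n += (buf[i] == 0);
    return n;
}
int main(void) {
    uint8_t key[16];
    rng_reset(2);                           /* only 8 bytes of entropy left */
    make_key_unchecked(key, sizeof key);
    printf("unchecked: %zu zero bytes\n", count_zero_bytes(key, sizeof key));
    rng_reset(2);
    printf("checked: rc=%d\n", make_key_checked(key, sizeof key));
}
```

With two words of entropy left, the unchecked routine returns a 16-byte key whose second half is all zeros, while the checked routine reports failure instead.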
Apple says nation states cannot add to CSAM scanning lists
Apple updated its FAQ, stating that its newly announced client-side scanning technology coming to iOS and macOS is limited to child sexual abuse material stored in iCloud and “we will not accede to any government’s request to expand it.” The company said the images it uses to create hashes for scanning come from the National Center for Missing and Exploited Children (NCMEC) and other child safety organizations, with the same list maintained across all devices to prevent individual targeting.
Google Cloud tool hopes to leave fewer unattended instances
Google Cloud moved the Unattended Project Reminder feature into public preview; it scans API, network and user activity to find cloud-computing projects no longer in use. The feature is part of Google Cloud’s Active Assist and can save organizations from paying for unneeded resources, but it also addresses the security issue of leaving network instances online. The feature looks at a variety of signals to determine whether a project is unattended or intentionally has a low level of activity.
(ZDNet)
Thanks to our episode sponsor, Sotero
Now we need to worry about power LEDs
The mad scientists/security researchers at Ben-Gurion University’s Cyber@BGU team published details about a novel passive form of the TEMPEST attack called Glowworm, which converts minute fluctuations in the intensity of power LEDs back into the audio signals that caused those fluctuations. These fluctuations are not perceptible to the human eye, but can be read by a photodiode coupled to a simple optical telescope, then run through an analog-to-digital converter for direct playback. Because this is completely passive, it would not be picked up by any electronic countermeasure sweep.
Firefox usage in decline
According to Firefox’s Public Data Report, the browser had 198 million monthly active users in Q2 2021, down 46 million since January 2019. The web traffic analysis site StatCounter shows Firefox’s global market share down 1.2% to 3.45% over the same period. Firefox is notable as the only browser with significant market share that’s available across platforms and not based on Chromium. While Apple’s Safari browser is based on WebKit and has significantly higher market share, it is limited to macOS and iOS.
Gigabyte hit with ransomware
The OEM became the latest PC brand to be hit with an attack, following recent attacks on Acer and Quanta. The group RansomEXX reportedly stole 112GB of sensitive internal data as well as some of the company’s code repository. Gigabyte said it reported the incident to law enforcement but declined to say whether it paid the ransom. RansomEXX began in 2018 under the name Defray, before rebranding in 2020 as it focused on higher-profile targets including the Brazilian government, Texas’ Department of Transportation, and Ecuador’s state-led telecom.
(Engadget)
Facebook revamps its data transfer tools
Facebook’s “Transfer Your Information” tool lets you export some data for use by other services, previously mainly limited to photos. But Facebook just updated it with the ability to export to different services simultaneously, and filter exports so it’s not all-or-nothing. In addition to photos, the tool now supports the Facebook Events data type to export event listings to Google Calendar. And Photobucket has been added to the list of places you can export your photos. Facebook already supports exporting images to Google Photos, Dropbox, Blogger, and WordPress. The UI also got a tweak in an effort to make it easier to use.
(9to5Mac)