
Cyber Security Headlines – July 6, 2021

REvil confirms Kaseya attack

The operators of the REvil ransomware gang confirmed that they were responsible for the recent supply chain attack against Kaseya, although code references had already made their responsibility clear. While ransoms had already been detailed for individual attacks against MSPs and other businesses, the REvil operators also announced they would make a “universal decryptor” for the attack available if someone paid a $70 million ransom. The attackers claim to have encrypted over a million systems, and researchers believe thousands of organizations have been impacted.

(The Record)

White House will attribute Hafnium Exchange hacks 

According to Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger, the White House will formally attribute the recent Microsoft Exchange Server attacks, with the attribution expected to come in the next few weeks. Microsoft and other security researchers have found evidence that the group is state-sponsored and operating out of China, with White House recognition of this hinting that a more overt national response is on the way. Neuberger also praised her agency’s work with Microsoft to quickly release a one-click tool to patch the server issues, taking impacted Exchange servers from 140,000 to fewer than 10 in a week.

(The Record)

Cyber reinsurance rates see a spike

According to the London-based reinsurance broker Willis Re International, in July the company saw a 40% jump in renewal rates as companies look for help in the recovery process from increasingly common ransomware attacks. This comes as the cyber insurance industry itself is getting shaken up, with provider AXA backing away from ransomware insurance products, and France considering banning ransomware insurance on the grounds it encourages attackers. Premiums for this insurance offering are also increasing, as providers are now realizing the exposure many companies face in cyber security. 


Apple calls Chinese tracking bluff

Several large Chinese technology companies like Baidu, Tencent and ByteDance attempted to use a Chinese Advertising ID (CAID) as a workaround for user tracking on iOS when users opted out of letting developers access Apple’s Identifier For Advertisers. The logic was that if the major Chinese app publishers all forced the standard, Apple would be in a no-win situation in the market. However, Apple continued to block app updates attempting to use the CAID, with the Financial Times’ sources saying CAID has lost support and the whole project has largely failed to gain traction.


Thanks to our episode sponsor, Viakoo

Using a discovery solution like Armis, Forescout, Ordr, and others? Great news – when you discover vulnerable IoT devices you can automate firmware, certificate, and password management to make those devices secure. Learn more at Viakoo.com.

Play Store apps caught stealing Facebook logins

Google removed nine apps from the Play Store following a report from the security firm Dr. Web that the apps were using JavaScript injected into a webform to steal Facebook login credentials as well as cookies from the current authorization session. Users were asked to log in to a Facebook account as a way to opt out of ads in the app. The most popular app, PIP Photo, had been downloaded over 5.8 million times, with the remaining apps downloaded 500,000 times or fewer each.

(Ars Technica)

Popular audio editor accused of being spyware

The popular open-source audio editor Audacity released an updated privacy policy that includes provisions for data collection, following the app’s acquisition by the company Muse Group back in May. Under the policy, Audacity can collect IP addresses, which will be stored for 24 hours, as well as processor, OS version, and unspecified data “for legal enforcement,” with data stored in the European Economic Area, as well as Muse Group’s office in Russia and in the US. The policy also states that Muse Group can share data collected with potential buyers in the future.


Big tech warns of impacts from Hong Kong anti-doxxing law

The Asia Internet Coalition, a tech industry trade group that represents Apple, Amazon, Google, Facebook, and other tech companies, warned in a letter that the new law would “result in grave impact on due process and risks for freedom of expression and communication.” The letter highlighted the law’s power to let police arrest local employees if companies are not responsive to content takedown requests. The document states that as an industry view, the companies are considering not offering services in the country under the law.  


GETTR social network hacked at launch

The social network was founded by former Trump administration spokesperson Jason Miller. Starting around 8:30am ET, his profile, the site’s support page, various former Trump administration aides, and other high-profile verified accounts had their account names replaced and were otherwise defaced. The accounts were restored by 10am. Speaking to Insider, the claimed attacker said the defacing was “just for fun” and had been technically “easy” to pull off. 


Rich Stroffolino
Rich Stroffolino is a podcaster, editor and writer based out of Cleveland, Ohio. He's spent the past five years creating media for technology enthusiasts and IT practitioners. He dreams of someday writing the oral history of Transmeta.
