REvil confirms Kaseya attack
The operators of the REvil ransomware gang confirmed that they were responsible for the recent supply chain attack against Kaseya, although code references had already made their responsibility clear. While ransoms had already been detailed for individual attacks against MSPs and other businesses, the REvil operators also announced they would make a “universal decryptor” for the attack available if someone paid a $70 million ransom. The attackers claim to have encrypted over a million systems, and researchers believe thousands of organizations have been impacted.
White House will attribute Hafnium Exchange hacks
According to Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger, the White House will formally attribute the recent Microsoft Exchange Server attacks, with the attribution expected to come in the next few weeks. Microsoft and other security researchers have found evidence that the group is state-sponsored and operating out of China, with White House recognition of this hinting that a more overt national response is on the way. Neuberger also praised her agency’s work with Microsoft to quickly release a one-click tool to patch the server issues, taking impacted Exchange servers from 140,000 to fewer than 10 in a week.
Cyber reinsurance rates see a spike
According to the London-based reinsurance broker Willis Re International, in July the company saw a 40% jump in renewal rates as companies look for help in the recovery process from increasingly common ransomware attacks. This comes as the cyber insurance industry itself is getting shaken up, with provider AXA backing away from ransomware insurance products, and France considering banning ransomware insurance on the grounds it encourages attackers. Premiums for this insurance offering are also increasing, as providers are now realizing the exposure many companies face in cyber security.
Apple calls Chinese tracking bluff
Several large Chinese technology companies like Baidu, Tencent and ByteDance attempted to use a Chinese Advertising ID (CAID) as a workaround for user tracking on iOS when users opted out of letting developers access Apple’s Identifier For Advertisers. The logic was that if the major Chinese app publishers all forced the standard, Apple would be in a no-win situation in the market. However, Apple continued to block app updates attempting to use the CAID, with the Financial Times’ sources saying CAID has lost support and the whole project has largely failed to gain traction.
Play Store apps caught stealing Facebook logins
Popular audio editor accused of being spyware
Big tech warns of impacts from Hong Kong anti-doxxing law
The Asia Internet Coalition, a tech industry trade group that represents Apple, Amazon, Google, Facebook, and other tech companies, warned in a letter that the new law would “result in grave impact on due process and risks for freedom of expression and communication.” The letter highlighted the law’s power to let police arrest local employees if companies are not responsive to content takedown requests. The document states that as an industry view, the companies are considering not offering services in the country under the law.
GETTR social network hacked at launch
The social network was founded by former Trump administration spokesperson Jason Miller. Starting around 8:30am ET, his profile, the site’s support page, various former Trump administration aides, and other high-profile verified accounts had their account names replaced and were otherwise defaced. The accounts were restored by 10am. Speaking to Insider, the claimed attacker said the defacing was “just for fun” and had been technically “easy” to pull off.