This week’s Cyber Security Headlines – Week in Review, July 12-16, 2021, is hosted by Steve Prentice (@stevenprentice) with our guest, Norman Hunt, deputy CISO, GEICO

Cyber Security Headlines – Week in Review is live every Thursday at 4pm PT/7pm ET. Join us each week by registering for the open discussion.

REvil web sites mysteriously shut down

While it is not unheard of for REvil sites to lose connectivity for some time, for all sites to shut down simultaneously is unusual. Furthermore, the decoder[.]re clear website is no longer resolvable by DNS queries, possibly indicating the DNS records for the domain have been pulled or that backend DNS infrastructure has been shut down. At this point, it is not clear if the shutdown of these servers is simply a technical issue, if the gang closed down their operation, if a law enforcement operation took place or even if there is a connection to the ransomware-related talks between President Biden and President Putin.

(CSO Online)

US offers $10 million reward for info on state-sponsored hackers disrupting critical infrastructure

The reward is for any information that helps US authorities identify and locate threat actors “acting at the direction or under the control of a foreign government” that carry out malicious cyber activities against US critical infrastructure. Through its announcement today, the State Department is looking for proof that these gangs are operating with some sort of help or guidance from local regimes. To facilitate tips, the State Department said it was willing to pay rewards in cryptocurrency and even set up a specialized dark web portal to receive anonymous tips.

(The Record)

July 15: one year anniversary of the great Twitter hack

Bezos, Biden, Obama Twitter accounts get hacked from the inside, start hawking Bitcoin. This should go down as a classic social engineering case study and a tabletop exercise for every organization.

(Security Affairs)

Kaseya starts patch rollout

The company began the rollout of a patch to its VSA remote monitoring software, which had been compromised as part of a supply chain attack and has been offline since early July. An initial attempt was made to relaunch SaaS servers on July 6, but it was pushed back due to further technical problems. 95% of the company’s SaaS customers are now live, with the company pledging to bring the remaining customers on in the coming hours. On-prem customers also have a VSA patch available, and Kaseya is providing technical help to make sure the patch is applied. The patched version does lose API endpoint functionality, as the company is currently working to redesign API calls with “the highest level of security.”

(ZDNet)

Thanks to our episode sponsor, Varonis

Varonis will help you get meaningful data security results faster than you thought possible. Protect sensitive data, detect sophisticated threats and streamline privacy and compliance. Visit varonis.com/risk for a demo of Varonis’ leading data security platform.

Bank of England to crack down on ‘secretive’ cloud computing services

The Bank of England (BoE) stated yesterday that regulators need to act to avoid banks’ reliance on a handful of outside cloud computing providers, which they claim can be secretive and a threat to financial stability. Though not naming companies specifically, British banks and other financial firms are known to outsource key cloud services to Amazon, Microsoft, and Google, to improve efficiency and cut costs. The BoE said cloud computing could sometimes be more reliable than banks hosting all their servers themselves, but big providers could dictate terms and conditions – as well as prices.

(Reuters)

European privacy regulators take aim at corporate cybersecurity failures

European privacy regulators are increasingly cracking down on cybersecurity lapses that expose personal information, highlighting the legal and financial risks that come with how companies secure data. While recent high-profile cyberattacks have highlighted the potential fallout from a damaging hack, privacy experts say, executives often overlook the possibility of additional scrutiny from regulators. From Croatia to Norway, companies are being fined for incidents or oversights that leave customers’ information exposed in contravention of the GDPR, with attention being given to breaches relating to security failures that were deemed entirely preventable.

(Wall Street Journal)

Campaign looks to end use of facial recognition in retail

A group of 35 organizations, led by the privacy non-profit Fight for the Future, have created the Ban Facial Recognition in Stores campaign to highlight the use of the technology in retail environments and, as the name suggests, put pressure on them to stop. The group notes that Apple, Lowe’s, Albertsons, Macy’s, and Ace Hardware use facial recognition, while some large retailers like Walmart, Home Depot, and Target have committed to not using it. While some states and cities have bans on government use of facial recognition, only Portland, Oregon has included private businesses in legislative bans. 

(The Verge)