Security News for the Week Ending December 3, 2021

Australia Proposes Law To Force Online Platforms to Disclose User Info

Australia plans to introduce legislation that will force social media companies to either take down posts that people don’t like or hand over their users’ information. This isn’t law yet, but I can easily see how this will be gamed. This comes in the wake of Australia’s high court saying that publishers can be liable for content that their customers post. In response, CNN has shut down their Australia Facebook site. I suspect that more publishers will do this – the market for Australia is just not big enough and the liability is too big. Credit: Gizmodo

What a Difference Having Backups Makes

Colorado’s Delta-Montrose Electric Association, an electric coop on the Western Slope of Colorado, was hit by a ransomware attack in early November. While they didn’t say it was ransomware, it took down 90% of its internal systems. They were not able to send out any bills last month and they have said that it will take them a long time to restore data that was corrupted. Reports are that they LOST the majority of their historical data for the LAST 20 to 25 YEARS. Guess they didn’t know about backing up their data offline. Credit: MSN

Cuba Ransomware Gang Compromised At Least 49 Critical Infrastructure Entities

The Cuba ransomware gang, which, curiously, is not based in, run by, or funded from Cuba, has infiltrated AT LEAST 49 different entities in five critical infrastructure sectors, including finance, government, healthcare, manufacturing and information technology – according to the FBI. It has also taken in over $40 million in ransom payments. Much more important than the money is the possibility that this gang has compromised at least dozens of companies in different areas of critical infrastructure. How many more have they infiltrated that we don’t know about? Credit: Bleeping Computer

NSO Group Hacks US State Department

NSO Group has really been getting in trouble lately. Now, after it has been banned in the U.S., has become the target of multiple lawsuits, and has tried to redeem its image, it was caught spying on at least 9 U.S. State Department employees. NSO says that they cancelled the accounts of the offenders after being told that the media was going to out them for this attack (I think that is called self-preservation, but it isn’t going to help). The State Department found out because Apple told them. Credit: Vice

In Case You Thought These Bitcoin “DeFi” Companies Were Safe

Hackers stole hundreds of millions of dollars of cryptocurrency from two “DeFi” projects. MonoX lost $31 million after hackers exploited a bug in their smart contract software, and BadgerDAO lost $120 million to hackers after the admins blew off an alert from some of their customers about unusual activity. $100 million plus later, the platform says that it is pausing all withdrawals as they investigate. Likely none of this is covered by insurance. Credit: Hackread
