Security News for the Week Ending November 5, 2021

Trump is Fighting a Mastadon

Donald Trump’s not-yet-launched social media site, Truth, is already fighting a potential lawsuit. Although Trump has not said so, tech folks who have seen the site say that it is based on the open source social media code base called Mastadon. The license that comes with Mastadon requires that users of the source code make their implementation open source and public. The truth about Truth is that they have not done that and now they have 30 days to do it or be sued. Credit: Vice

FBI Raids Chinese Point-of-Sale Giant Pax Technology

Although they are based in China, they have offices in Florida and that is where the raid took place. They have more than 50 million terminals worldwide. Possibly, the Chinese terminals were acting as a command and control server and malware dropper. If true, that would be very painful to stop as the terminals are deployed in small quantities in stores all over the world. One company in the U.S., according to news reports, has started pulling Pax terminals off its network. Even if they give the stores new terminals for free, there is a chip shortage and each store needs to make the new terminal work with the rest of their point-of-sale system, which may not even be possible for older systems. Credit: Yahoo Finance and Brian Krebs

Native Tribal Casinos Ransomware Attacks Costing Casinos Millions

Hackers have figured out that most tribes do not have the technical sophistication or resources of say Vegas casinos and target them. Multiple gangs are launching attacks against multiple tribes. Several incidents have become pubic. For instance, six Lucky Star tribal casinos belonging to the Cheyenne and Arapaho tribes were shut down by ransomware last July, and in May the Seminole Nation’s casino in Oklahoma was also breached, according to the Tribal Business News. Credit: Threatpost

A Drone Tried to Attack the Power Grid

In July 2020 someone used a drone to target a Pensylvania power station. The drone, a DJI Mavic 2 (a Chinese-made drone) had two nylon cords connected by a copper wire dangling from it. The drone had been stripped of identifiable markings and its camera and memory card had been removed. The drone crashed before hitting the target, but drone attacks are becoming a big problem. Credit: United News Post

Ukraine Outs Russian FSB Officers Hacking – Releases Recordings

Ukraine and Russia have not been friends. Russia has been attacking Ukraine for years – blowing up pipelines and hacking the electric grid, for example. Now Ukraine is fighting back. The outed the names of 5 FSB agents working in Ukraine as hackers. They even released recordings of phone calls that the Russian hackers made to each other talking about their deeds and being mad at their government (as in Putin). Credit: The Hacker News

Leave a Reply

Your email address will not be published.