JBS Admits Paying $11 Million to REvil Ransomware Attackers
Trump-era TikTok EO rescinded, Lawmakers grill Colonial Pipeline CEO, Intel fixes 73 bugs, Ring's surveillance expands to 1,800 police and 350 fire departments, CISA launches fed agency VDP, more
Know folks in your organization who would benefit from Metacurity? Consider signing up for a bulk subscription at half the price per person.
JBS, one of the world’s largest meat processors, confirmed reports that it had paid hackers “the equivalent of $11 million in ransom” to recover its systems following a ransomware attack that crippled many of its facilities.
“It was very painful to pay the criminals, but we did the right thing for our customers,” Andre Nogueira, chief executive of JBS SA’s U.S. division, said. Nogueira said that the company restored its systems from backup but paid the ransom because it wasn’t clear that the attackers, which the FBI says was the REvil gang, couldn’t find another way to strike. (Jacob Bunge / Wall Street Journal)
Related: Reuters: World News, NBC News Technology, News: NPR, NBC News Technology, New York Post, ABC.net.au, Associated Press Technology, The Independent, SecurityWeek, Cyberscoop, Mercury News, CNN.com, Marketwatch, The Hill: Cybersecurity, Sydney Morning Herald, RT USA, Devdiscourse News Desk, DataBreachToday.com, Infosecurity Magazine, Raw Story, Business Insider, WebProNews, Mother Jones, Engadget, PerthNow, SiliconANGLE, Silicon UK, The Hacker News, NYT > Business Day, RTE, The Guardian, The Korea Times News, Associated Press Technology, South China Morning Post, Channel News Asia, Bloomberg, The Hill: Cybersecurity, New York Post, Daily Maverick, CNN.com, WRAL Tech Wire, BBC News - World, RT USA, Sky News, Axios, NDTV Gadgets360.com, Marketwatch, Fox Business, The Register - Security, The Independent, SecurityWeek
President Biden revoked a Trump-era executive order that sought to ban popular apps TikTok and WeChat because their Chinese ownership risks U.S. national security and the security and privacy of American’s data.
Saying that Trump’s order had not been carried out “in the soundest fashion,” U.S. officials said that a replacement order would establish “clear, intelligible criteria” to evaluate national security risks posed by software applications connected to foreign governments. (Katie Rogers and Cecilia Kang / New York Times)
Related: The Sun, The Guardian, Daily Kos, South China Morning Post, Algemeiner.com, Mercury News, Explica, Lawfare, JD Supra, AppleInsider, TechCrunch, Techdirt, The Guardian, Washington Examiner, Fox Business, The Sun, LA Daily News, CNBC Technology, WRAL Tech Wire, WebProNews, TODAYonline, Chicago Sun-Times - All, Axios, POLITICO, City A.M. - Technology, Mediaite, AOL, Washington Free Beacon, Tech Observer, Voice of America, rthk.hk World News, DataBreachToday.com, RT USA, Tech Insider, The Verge, Cyberscoop, Washington Post, Vox, Mashable
Lawmakers took Colonial Pipeline CEO Joseph Bount to task during the second day of hearings on the ransomware attack that shut down the oil and gas company in May, forcing gas panic buying and oil shortages on the U.S. east coast.
Blount was forced to defend why he decided to pay the ransom to a Russian criminal group known as DarkSide. Blount said, “I did not like handing that money over to criminals, but it was a decision that I made to support the country.” (Aaron Gregg / Washington Post)
Related: Bloomberg, Invezz, CISO MAG, DataBreachToday.com, Cyberscoop, Defense Daily Network, FCW, The Hill: Cybersecurity, TechTarget, New York Times, Defense Daily, The Register - Security, New York Times, Bloomberg, Invezz, The Daily Swig, Threatpost
Researchers at ESET believe that an APT group known as Gelsemium coordinated the supply-chain attack that compromised and abused the updating of the NoxPlayer Android emulator for Windows and macOS to infect gamers' systems between September 2020 and January 2021.
The supply chain attack, dubbed Operation NightScout, affected only a limited set of targets from Taiwan, Hong Kong, and Sri Lanka, hinting at the operation's highly targeted nature. (Sergiu Gatlan / Bleeping Computer)
Intel issued 29 security advisories to fix 73 serious bugs in the BIOS firmware for Intel processors and its Bluetooth products Active Management Technology tools, the NUC Mini PC line, and even in its own security library.
Intel said it found 40 of those, or 55 percent, internally through its own proactive security research, with the remainder discovered through Intel’s bug bounty. (Lisa Vaas / Threatpost)
Amazon’s security camera company Ring has expanded its “Neighbors” surveillance network to include 1,800 police departments and 350 fire departments in just a year, according to documents obtained via public records requests from 11 fire departments that have partnered with Ring.
Amazon does not say publicly how often it complies with requests for footage from law enforcement. (Caroline Haskins / Buzzfeed News)
The Cybersecurity and Infrastructure Security Agency (CISA) has launched a vulnerability disclosure platform (VDP) to allow federal agencies to identify cybersecurity flaws with the help of ethical hackers.
The platform was developed following a September 2020 directive requiring that agencies develop a procedure for reporting cybersecurity flaws and clarify what types of security testing are allowed. (Dave Nyczepir / Fedscoop)
Controversial Chinese telephone tech giant Huawei launched a new global cybersecurity and privacy protection transparency center in Dongguan, China, its largest to date of seven tech centers.
The goal is to provide transparency into Huawei’s tech processes given fears that the company is controlled by the government in Beijing and is a national security risk. Huawei denies it launched the center in response to widely known U.S. national security concerns over Huawei’s relationship with the Chinese government. ( Elles Houweling / Verdict)
Cybersecurity researchers at the New Delhi-based CyberPeace Foundation say they have discovered a malicious gift campaign pretending to be an offer from Tata Motors collecting users' data. The campaign has been traced to China-based hackers.
The researchers say that cybercriminals used Cloudflare technologies to mask the real IP addresses of the front-end domain names used in the gifts from the Tata Motors campaign. (IANS / IB Times)