JBS Admits Paying $11 Million to REvil Ransomware Attackers

Trump-era TikTok EO rescinded, Lawmakers grill Colonial Pipeline CEO, Intel fixes 73 bugs, Ring's surveillance expands to 1,800 police and 350 fire departments, CISA launches fed agency VDP, more

Know folks in your organization who would benefit from Metacurity? Consider signing up for a bulk subscription at half the price per person.

Get 50% off for 1 year

JBS, one of the world’s largest meat processors, confirmed reports that it had paid hackers “the equivalent of $11 million in ransom” to recover its systems following a ransomware attack that crippled many of its facilities.

“It was very painful to pay the criminals, but we did the right thing for our customers,” Andre Nogueira, chief executive of JBS SA’s U.S. division, said. Nogueira said that the company restored its systems from backup but paid the ransom because it wasn’t clear that the attackers, which the FBI says was the REvil gang, couldn’t find another way to strike. (Jacob Bunge / Wall Street Journal)

Related: Reuters: World NewsNBC News TechnologyNews: NPRNBC News TechnologyNew York PostABC.net.auAssociated Press TechnologyThe IndependentSecurityWeekCyberscoopMercury NewsCNN.comMarketwatchThe Hill: CybersecuritySydney Morning HeraldRT USADevdiscourse News Desk, DataBreachToday.comInfosecurity MagazineRaw StoryBusiness InsiderWebProNewsMother JonesEngadgetPerthNowSiliconANGLESilicon UKThe Hacker NewsNYT > Business DayRTEThe GuardianThe Korea Times NewsAssociated Press TechnologySouth China Morning PostChannel News AsiaBloombergThe Hill: CybersecurityNew York PostDaily MaverickCNN.comWRAL Tech WireBBC News - WorldRT USASky NewsAxiosNDTV Gadgets360.comMarketwatchFox BusinessThe Register - SecurityThe IndependentSecurityWeek

President Biden revoked a Trump-era executive order that sought to ban popular apps TikTok and WeChat because their Chinese ownership risks U.S. national security and the security and privacy of American’s data.

Saying that Trump’s order had not been carried out “in the soundest fashion,” U.S. officials said that a replacement order would establish “clear, intelligible criteria” to evaluate national security risks posed by software applications connected to foreign governments. (Katie Rogers and Cecilia Kang / New York Times)

Related: The SunThe GuardianDaily KosSouth China Morning PostAlgemeiner.comMercury NewsExplica, LawfareJD SupraAppleInsiderTechCrunchTechdirtThe GuardianWashington ExaminerFox BusinessThe SunLA Daily NewsCNBC TechnologyWRAL Tech WireWebProNewsTODAYonlineChicago Sun-Times - AllAxiosPOLITICOCity A.M. - TechnologyMediaiteAOLWashington Free BeaconTech ObserverVoice of Americarthk.hk World NewsDataBreachToday.comRT USATech InsiderThe VergeCyberscoopWashington PostVox, Mashable

Lawmakers took Colonial Pipeline CEO Joseph Bount to task during the second day of hearings on the ransomware attack that shut down the oil and gas company in May, forcing gas panic buying and oil shortages on the U.S. east coast.

Blount was forced to defend why he decided to pay the ransom to a Russian criminal group known as DarkSide. Blount said, “I did not like handing that money over to criminals, but it was a decision that I made to support the country.” (Aaron Gregg / Washington Post)

Related: BloombergInvezzCISO MAGDataBreachToday.comCyberscoopDefense Daily NetworkFCWThe Hill: CybersecurityTechTargetNew York TimesDefense DailyThe Register - Security, New York TimesBloombergInvezzThe Daily SwigThreatpost

Researchers at ESET believe that an APT group known as Gelsemium coordinated the supply-chain attack that compromised and abused the updating of the NoxPlayer Android emulator for Windows and macOS to infect gamers' systems between September 2020 and January 2021.

The supply chain attack, dubbed Operation NightScout, affected only a limited set of targets from Taiwan, Hong Kong, and Sri Lanka, hinting at the operation's highly targeted nature. (Sergiu Gatlan / Bleeping Computer)

Related: The Register - SecurityWe Live Security

Intel issued 29 security advisories to fix 73 serious bugs in the BIOS firmware for Intel processors and its Bluetooth products Active Management Technology tools, the NUC Mini PC line, and even in its own security library.

Intel said it found 40 of those, or 55 percent, internally through its own proactive security research, with the remainder discovered through Intel’s bug bounty. (Lisa Vaas / Threatpost)

Related: Bleeping ComputerThe Register - SecuritySecurityWeekReddit - cybersecurity, Intel, Intel

Amazon’s security camera company Ring has expanded its “Neighbors” surveillance network to include 1,800 police departments and 350 fire departments in just a year, according to documents obtained via public records requests from 11 fire departments that have partnered with Ring.

Amazon does not say publicly how often it complies with requests for footage from law enforcement. (Caroline Haskins / Buzzfeed News)

Related: TechdirtInput, Slashdot, TechCrunch

The Cybersecurity and Infrastructure Security Agency (CISA) has launched a vulnerability disclosure platform (VDP) to allow federal agencies to identify cybersecurity flaws with the help of ethical hackers.

The platform was developed following a September 2020 directive requiring that agencies develop a procedure for reporting cybersecurity flaws and clarify what types of security testing are allowed. (Dave Nyczepir / Fedscoop)

Related: The Daily SwigExecutive Gov, TIMEInside CybersecuritySecurity Magazine

Controversial Chinese telephone tech giant Huawei launched a new global cybersecurity and privacy protection transparency center in Dongguan, China, its largest to date of seven tech centers.

The goal is to provide transparency into Huawei’s tech processes given fears that the company is controlled by the government in Beijing and is a national security risk. Huawei denies it launched the center in response to widely known U.S. national security concerns over Huawei’s relationship with the Chinese government. ( Elles Houweling / Verdict)

Related: The Register - SecurityGlobal Times

Cybersecurity researchers at the New Delhi-based CyberPeace Foundation say they have discovered a malicious gift campaign pretending to be an offer from Tata Motors collecting users' data. The campaign has been traced to China-based hackers.

The researchers say that cybercriminals used Cloudflare technologies to mask the real IP addresses of the front-end domain names used in the gifts from the Tata Motors campaign. (IANS / IB Times)

Related: Business StandardTelecomlive.comChinanews.netBusiness StandardThe HinduE Hacking News