JBS Says Most Meat Processing Will Resume Today Following Ransomware Attack

DoJ takes control of two SolarWinds hackers' C2 domains, Firefox will make Total Cookie Protection default mode, Hacker behind @Flatl1ne Twitter account arrested in Russia, more

The ransomware attack on JBS SA, which forced the world’s largest meat processor to shut down production in Australia and North America and at one meat plant in Canada, is attributable to a Russia-linked hacking group known as REvil or Sodinokibi, according to multiple sources. JBS said that it expected to resolve the crisis today when “the vast majority” of its plants become operational again.

REvil has yet to post a blog item dedicated to JBS, and it’s unclear how the short shutdown will impact meat prices. (Mike Dorning, Fabiana Batista, Sybilla Gross / Bloomberg Quint)

Related: Al Jazeera English, The Hill: Cybersecurity, Verdict, Business Standard, SiliconANGLE, Japan Today, Washington Post, Huffington Post, Forbes, UPI.com, Telecomlive.com, South China Morning Post, CBSNews.com, Bloomberg, Fox Business, Evening Standard, Associated Press, Euro News, USA Today, Axios, RTE, PC Risk, France 24, CyberNews, NDTV Gadgets360.com, BBC News - World, Silicon UK, Technology Decisions, Information Age, E Hacking News, Foreign Policy, Eurasia Review, euronews, Reddit-hacking, Raw Story, CISO MAG, SecureReading, Exploit One, Gizmodo, News.com.au, AP Top News, SecurityWeek, Financial Times, Newsweek, The Intercept, SC Magazine, The Independent, Dark Reading: Attacks/Breaches, Miami Herald, DataBreachToday.com, TechCentral.ie, New York Post, The Huffington Post, The Sun, RT News, Web Pro News, Politico, Associated Press Technology, The Guardian, HotHardware.com, Enterprise Times, Cyberscoop, Business Insider, MSSP Alert, AOL, Vox, isssource.com, VICE News, The Crime Report, Chicago Sun-Times - All, Security Affairs, Input, The Record by Recorded Future, Engadget, Graham Cluley, News: NPR, NBC News Top Stories, The Mac Observer, PYMNTS.com, DataBreaches.net, Reddit - cybersecurity, Cyber News Group, Threatpost, Beef Central

The U.S. Department of Justice (DoJ) has taken control of two command-and-control (C2) and malware distribution domains used in a new spear-phishing campaign by the Russian hackers who breached SolarWinds IT management software. First flagged by Microsoft, that campaign mimicked email communications from the U.S. Agency for International Development (USAID).

DoJ said its seizure is “aimed at disrupting the malicious actors’ follow-on exploitation of victims, as well as identifying compromised victims” but that “the actors may have deployed additional backdoor accesses between the time of the initial compromises and last week’s seizures.” (Ravie Lakshmanan / The Hacker News)

Related: UPI.com, DataBreachToday.com, Security Affairs, Reddit - cybersecurity, ZDNet Security, The Register - Security, Dark Reading, Department of Justice

Starting with the just-released Firefox 89 version, users will be protected against cross-site tracking automatically while browsing the Internet in Private Browsing mode because Firefox’s Total Cookie Protection will be enabled by default in Private Browsing windows.

With Total Cookie Protection, all websites are forced to keep their cookies in separate "jars," thus preventing them from tracking you across the web and building browsing profiles. (Sergiu Gatlan / Bleeping Computer)

Related: The Mozilla Blog, TechDator, xda-developers, Neowin, iPhone Hacks, gHacks, Slashdot, MacRumors

Russian hacker Pavel Sitnikov, known primarily for operating the now-suspended @Flatl1ne Twitter account and the Freedom F0x Telegram channel, has been arrested in Russia on charges of distributing malicious software via his Telegram channel.

Sitnikov was allegedly charged for posting the source code of the Anubis banking trojan on Freedom F0x, a Telegram channel where he often posted data leaks and malware sources. But the hacker’s wife says he was arrested in connection with a post he made on December 9, 2021, when he shared a download link to the personal data of more than 300,000 COVID-19 patients registered with the Moscow Department of Health. Sitnikov faces up to five years in prison. (Catalin Cimpanu / The Record)

Related: Security Affairs, DataBreaches.net

Last week, the Swedish Public Health Agency (Folkhälsomyndigheten) shut down SmiNet, the country's infectious diseases database, saying it had been targeted in several hacking attempts.

The agency could not report complete COVID-19 stats starting Wednesday at 4 PM because of the database shutdown, and no updates are planned. (Sergiu Gatlan / Bleeping Computer)


Researchers at Cofense have observed a new phishing campaign that attempts to gather login credentials from employees returning to work after the pandemic, using emails that pose as coming from the Chief Information Officer (CIO).

The campaign exploits the post-pandemic workplace by having the fake CIO explain the new precautions and changes to business operations the company is taking relative to the pandemic. (Carly Page / TechCrunch)

Related: Business Insider, Federal News Network, The Drum, Infosecurity Magazine, Cofense, Tech Times

Threat intelligence and data recovery start-up Redacted came out of stealth with an announcement of a $35 million Series B venture capital funding round.

The round was led by Ten Eleven Ventures, with participation from Valor Equity Partners and SVB Capital. (Ingrid Lunden / TechCrunch)

Related: Business Wire Technology News, FinSMEs, Crunchbase News, SecurityWeek

Cybersecurity monitoring and data analysis automation company Exabeam raised $200 million in a Series F funding round.

The round was led by the Owl Rock division of Blue Owl Capital and supported by existing investors Acrew Capital, Lightspeed Venture Partners, and Norwest Venture Partners. (Exabeam)

Related: SecurityWeek, Reuters: World News, MSSP Alert, CRN, Silicon Angle
