U.S. Elevates Ransomware Attacks to Priority Level on Par With Terrorism
Supreme Court narrows the scope of CFAA, Biden bans Americans' investments in 59 Chinese tech firms, Fujifilm copes with a ransomware attack, Backup company ExaGrid hit with ransomware, and more
The Biden administration is elevating investigations of ransomware attacks to a priority level on par with terrorism in the wake of the Colonial Pipeline hack and amid mounting damage caused by ransomware attackers and nation-state adversaries.
Justice Department guidance sent to U.S. attorney offices around the country said that investigators should centrally coordinate information about ransomware investigations in the field with a recently created task force in Washington. This coordination means that investigators should share updated case details and active technical information with leaders in Washington. (Chris Bing / Reuters)
Chris Krebs (@C_C_Krebs): This is a positive indication that we're getting serious about stopping ransomware. Much more needs to be done, but directional shifts are a good thing. https://t.co/t7yPF67ZsB
In a 6-3 decision, the U.S. Supreme Court voted to overturn the hacking conviction of a Georgia police officer who snooped for personal reasons in a police database, thereby curtailing the use of the 1986 Computer Fraud and Abuse Act (CFAA) to charge people who misuse databases they are otherwise entitled to access.
In the majority opinion written by Amy Coney Barrett, the Court concurred with critics who said the broader interpretation would "criminalize everything from embellishing an online-dating profile to using a pseudonym on Facebook." (Eric Geller and Josh Gerstein / Politico)
The Biden administration banned American investors from investing in 59 Chinese defense and surveillance technology companies to prevent US money from being used by Beijing to undermine national security.
The order is slated to take effect on August 2, although investors can make trades during the next 12 months to divest their holdings. While Americans are not required to divest the securities, they will be unable to sell their holdings after the one-year period has elapsed under the order. (ANI)
Japanese tech giant Fujifilm Corp. shut down part of its computer network and “disconnected from external correspondence” in the face of a ransomware attack.
In a statement, Fujifilm said that it became aware of the ransomware attack on June 1 and has taken measures to suspend all affected systems in coordination with its various global entities. (Sean Lyngaas / Cyberscoop)
The introduction of biometric data collection comes when only a handful of U.S. states have biometric privacy laws, including Illinois, Washington, California, Texas, and New York. (Sarah Perez / TechCrunch)
Researchers at Check Point say they found an ongoing cyber-espionage operation with suspected ties to China targeting a Southeast Asian government to deploy spyware on Windows systems while staying under the radar for more than three years.
Criminals spread the campaign via phishing emails that contain weaponized copies of legitimate-looking official documents to install a previously unknown backdoor on victims’ machines. (Ravie Lakshmanan / The Hacker News)
After announcing in March that it would soon support end-to-end encryption (E2EE) in Microsoft Teams, the software and internet giant now says it will begin rolling out E2EE for Teams in early July and expects the rollout to be completed mid-July.
IT departments will have full control of who can use E2EE in the organization, which will not arrive activated by default. (Surur / MSPowerUser)
Backup appliance maker ExaGrid, which touts a “ransomware recovery solution” as one of its main selling points, paid $2.6 million to ransomware actors that targeted it with Conti ransomware.
The hackers claimed that they had stolen financial and personal data related to ExaGrid’s customers and staff, including “commercial contracts, NDA forms, financial data, tax returns, and source code.” (Valéry Marchive and Antony Adshead / Computer Weekly)
Researchers from Cisco Talos say that Necro Python, a bot that has been in development since 2015, has received many changes to increase its power and versatility, including exploits for more than ten different web applications and the SMB protocol that were weaponized in the bot's recent campaigns.
A version of the botnet, released on May 18, also includes exploits for EternalBlue (CVE-2017-0144) and EternalRomance (CVE-2017-0147). (Charlie Osborne / ZDNet)
Researchers from Israeli IoT security firm Vdoo discovered significant vulnerabilities in the Realtek RTL8710C Wi-Fi module that can lead to root access on the OS (such as Linux or Android) of the embedded device that uses this module.
For an attacker to exploit the flaw, they need to be on the same Wi-Fi network as the devices using the RTL8710C module or know the network's pre-shared key (PSK). There have been no known attacks that exploit the vulnerabilities, and firmware versions released after January 11, 2021, provide workarounds that address the vulnerability. (George Dascalu / Softpedia)