White House Ransomware Summit Excludes Russia, China

Microsoft issues patches for 70+ security flaws, Olympus suffers second cyberattack, Ecuador's top bank hit by likely ransomware attack, Israeli medical center in grips of a ransomware attack, more

The White House is launching today a two-day virtual meeting on ransomware that includes ministers and senior officials from over 30 countries and the European Union to accelerate cooperation to counter ransomware.

The White House said that “participants will cover everything from efforts to improve national resilience to experiences addressing the misuse of virtual currency to launder ransom payments, our respective efforts to disrupt and prosecute ransomware criminals, and diplomacy as a tool to counter ransomware.”

The meeting notably does not include Russia, which the Biden White House has accused of doing little to police the ransomware gangs within its country’s borders. Nor will China be in attendance. The 30 countries attending include Australia, Brazil, Bulgaria, Canada, Czech Republic, Dominican Republic, Estonia, the EU, France, Germany, India, Ireland, Israel, Italy, Japan, Kenya, Lithuania, Mexico, the Netherlands, New Zealand, Nigeria, Poland, the Republic of Korea, Romania, Singapore, South Africa, Sweden, Switzerland, Ukraine, the UAE, and the UK. (Sean Lyngaas / CNN)

Related: CNN, The Record, White House, White House, The Hill, Reuters, Defense Daily, Bleeping Computer, BusinessWorld, CNN.com, Marketwatch, YonhapNews, Nota Bene: Eugene Kaspersky's Official Blog, Axios, Shannon Vavra - The Daily Beast, Cyberscoop, Associated Press, NBC News, Washington Post

Microsoft issued its Patch Tuesday updates to fix more than 70 security vulnerabilities in its Windows operating systems and other software, including one vulnerability already being exploited. One of the critical bugs concerns Microsoft Word, and two others are remote code execution flaws in Windows Hyper-V, the virtualization component built into Windows.

Adobe also issued Patch Tuesday security updates for various products, including Adobe Reader and Acrobat, Adobe Commerce, and Adobe Connect. (Brian Krebs / Krebs on Security)

Related: ZDNet, Bleeping Computer, Rapid7, Tenable Blog, The Register - Security, Sophos News, Security Week, gHacks, gHacks, Threatpost, The State of Security, Securelist, SC Magazine, US-CERT Current Activity, Help Net Security, The Hacker News

Japanese tech manufacturer Olympus said it is investigating a cyberattack on its IT systems in the US, Canada, and Latin America that it detected on Sunday.

This incident follows a ransomware attack, likely instigated by the BlackMatter ransomware gang, that the company reported on September 11. (Jonathan Greig / ZDNet)

Related: TechCrunch, Olympus, Security Week, Techradar, Security Affairs, Slashdot

Ecuador's largest private bank Banco Pichincha suffered a likely ransomware attack over the weekend that disrupted operations.

The attack led to widespread disruption for the bank, with ATMs no longer working and the online banking portals showing maintenance messages. (Lawrence Abrams / Bleeping Computer)

Related: Reddit - cybersecurity

The Hillel Yaffe Medical Center in Hadera was hit by a ransomware attack that affected the hospital's computer systems.

The hospital is using “alternate systems” in treating patients and says it is operating normally except for elective, non-urgent operations. (Tzvi Joffre / Jerusalem Post)

Related: Israel Hayom, Hamodia, iHLS

In a coordinated disclosure between GitHub and Axosoft, LLC, the makers of the popular GitKraken Git client, GitHub said they revoked weak SSH keys generated by the 'keypair' library used by the software.

Axosoft engineer Dan Suceava, "who noticed that keypair was regularly generating duplicate RSA keys,” discovered the bug. (Lawrence Abrams / Bleeping Computer)

Related: The Hacker News, Duo Security, The Record, GitKraken, Keypair

US Representative Maxine Waters (D-CA) announced that her Twitter account had been hacked and erased.

Twitter said they had opened lines of communications with the lawmaker but identified no signs of account compromise. (Sheila Dang / Reuters)

Related: Mashable, New York Post, Boing Boing, Daily Dot, The Independent, The Independent, Fox News, Daily Dot, Business Insider, Mediaite, Daily Dot, Mashable

Lauren Lide, a former employee of the Melbourne Flight Training school, allegedly hacked into the school’s system to delete and tamper with information related to the school's airplanes.

According to a police report, planes that previously had maintenance issues had been "cleared" to fly by Lide, potentially putting the pilots' lives in danger. Authorities charged Lide with a count of fraudulent use of a computer and two counts of unauthorized access to a computer system or network. (Lorenzo Franceschi-Bicchierai / Motherboard)

Related: Newsweek, Slashdot, WFLA

LibreOffice and OpenOffice have pushed updates to address a vulnerability that allows an attacker to manipulate documents to appear as signed by a trusted source.

Admins are advised to upgrade to the newest version of the open-source office suites as soon as possible. Four researchers at the Ruhr University Bochum discovered the flaw. (Bill Toulas / Bleeping Computer)

Related: Linux Security, Sensors Tech Forum, The Hacker News

Share Metacurity

According to user reports of Visible accounts being hijacked, a digital carrier owned by Verizon called Visible may have been hacked.

However, it’s unclear if an actual attack occurred or if the attackers used usernames and passwords obtained from other data breaches to log in. Visibile has not publicly announced a breach but has locked password resets and changes to billing information. (Corbin Davenport / XDA)

Related: The Verge

Australian Home Affairs Minister Karen Andrews released a ransomware plan that includes mandatory reporting requirements for companies with revenues of $10 million or more a year, requiring those firms to inform the federal government when a ransomware attack has hit them.

Companies that fail to tell the Australian Cyber Security Centre soon after being subjected to a ransomware attack could be hit with civil penalties if they do not comply with the proposed scheme. However, precise penalties have not yet been established. (Anthony Galloway / The Age)

Related: iTnews - Security, TechTimes, ZDNet, Daily Mail, ARN, The Guardian

Google announced the creation of the Google Cybersecurity Action Team, a new effort to help respond to attacks against governments and other critical groups, and a new program to help strengthen businesses' cybersecurity.

The new team will be composed of company cybersecurity experts who will provide customers with incident response services, advisory services for security plans, and ways to deploy Google Cloud securely. The goal is to make it more difficult for these customers to be successfully targeted by hackers. (Maggie Miller / The Hill)

Related: BetaNews, MSSP Alert, The Register, Venture Beat, Techradar, www.thepress.net, Axios, HealthCareIT News, Infosecurity Magazine, Silicon Angle, Google Cloud

President Joe Biden has signed into law a bill, the K-12 Cybersecurity Act of 2021, that is aimed at helping improve cybersecurity at K-12 schools and making them less vulnerable to ransomware attacks.

The bill requires the Cybersecurity and Infrastructure Security Agency to study the cyber risks facing elementary and secondary schools and develop recommendations to assist schools in facing those risks. (Jenni Bergal / NextGov)

Related: Federal News Network, Security Magazine, GCN: News and Blogs

Days after warning that a Russian state-backed hacking group was targeting more than 14,000 government officials, journalists, activists, and national security workers, Google is now sending USB security keys to 10,000 users at high risk of cyberattack.

Google has been sending the security keys to high-risk users throughout 2021 with partner organizations. (Robert Scammell / Verdict)

Related: The Daily Swig, Tech Monitor, BBC News, TechCrunch, Venture Beat

Shift5, an OT cybersecurity company that defends military platforms and commercial transportation systems from cyberattacks, has raised $20 million in a Series A funding round.

645 Ventures led the round with participation from Squadra Ventures, General Advance, and First In. (Dan Kobialka / MSSP Alert)

Related: FinSMEs, Grit Daily, PR Newswire

Photo by Suzy Brooks on Unsplash