World's Largest Meat Processor Hit with Apparent Ransomware Attack
Know colleagues who need access to Metacurity’s exclusive daily summaries of the top infosec developments? Consider signing up for an organizational subscription at half the price!
The Australian and North American arms of the world’s largest meat processor, Brazil’s JBS Meat Processing, have been affected by what appears to be a ransomware attack, with the Australian arm completely shut down. The North American operations of JBS were closed for the Memorial Day weekend, but a similar shutdown is expected for this branch of the business in the U.S.
JBS Australia said it could not speculate when it would resume processing operations in Australia, saying the priority was to assess the impact and extent of the attack. (Jon Condon / Beef Central)
Related: Sydney Morning Herald, TechNadu, Cybersecurity Insiders, PerthNow, WA Today, Daily Mail, Mic, Data Breaches Digest, iTnews - Security, Reuters: World News, USA Today, USA Today, Security News | Tech Times, Channel News Asia, TribLIVE, News.com.au, Bleeping Computer, teiss, Softpedia, Raw Story, ZDNet, Daily Mail, Associated Press Technology, The Independent, Security News | Tech Times, Business Insider, Graham Cluley, Fox Business, SC Magazine, CNN
Danish public broadcaster Danmarks Radio, in conjunction with the Swedish public broadcaster SVT, Norway’s NRK, France’s Le Monde, and Germany’s NDR, WDR, and Süddeutsche Zeitung, reported that Denmark’s military intelligence agency, the Danish Defence Intelligence Service (FE), helped the National Security Agency (NSA) to spy on leading European politicians officials in Germany, Sweden, Norway, and France, including the German chancellor, Angela Merkel.
According to several sources, the allegations are contained in an internal classified report on the FE’s role in the surveillance partnership agreement with the NSA from 2012 to 2014. The report says the NSA used Danish information cables to spy on senior officials, including the former German foreign minister, Frank-Walter Steinmeier, and the then opposition leader Peer Steinbrück. Denmark hosts several key landing stations for undersea internet cables to and from Sweden, Norway, Germany, the Netherlands, and Britain. (Jon Henley / The Guardian)
Related: Paris Guardian, DAILYSABAH, RT News, Business Insider, News from EUobserver, The Sun, The Guardian, EURACTIV.com, France 24, rthk.hk World News, Daily Maverick, POLITICO EU, RT News, DAILYSABAH, RT News, Softpedia News, BBC News, South China Morning Post, Slashdot, Arutz Sheva News, Global Times, RTE, The Chosun Ilbo, Ecns, Security Affairs, The Register - Security, The Hacker News
In a secret chat with the DarkSide operation obtained by the New York Times, a hacker named Woris provided a look into the internal workings of the now-infamous ransomware gang while they attempted to negotiate a ransom demand with a small, family-owned publisher based in the American Midwest. The New York Times gained access to the DarkSide dashboard through an intermediary.
The dashboard was operational until May 20 despite DarkSide’s claims that it had shut down operations in the immediate aftermath of the highly damaging ransomware attack on Colonial Pipeline. (Andrew E. Kramer, Michael Schwirtz and Anton Troianovski / New York Times)
The Biden administration’s 2022 federal budget proposal seeks $9.8 billion for cybersecurity funding to secure federal civilian agencies. The budget also includes an additional $500 million for the Technology Modernization Fund and $750 million to respond to the hacking campaign against SolarWinds.
Civilian departments and agencies collectively seek $1.2 billion more for cybersecurity-related investments than they did in FY2021, while the DHS is aiming for about $300 million more in funding for next year over current levels. (Natalie Alms, Justin Katz, Chris Riotta, Lauren C. Williams / FCW)
Related: Reuters, Channel News Asia, Inforisk Today, Tech Insider, The Hindu - Technology, Washington Examiner, Task & Purpose, The Hill: Cybersecurity, Defense Daily Network, Raw Story, Breaking Defense, DHS News Releases, InsideDefense.com, Federal News Network, InsideCyberSecurity.com, AOL, FedScoop, DataBreachToday.com
Facebook-owned messaging app WhatsApp’s controversial messaging policy that would cripple functionality for users who fail to agree to share their information with Facebook is seemingly tabled for now.
WhatsApp said in a statement that after speaking with governments and privacy advocates, it wouldn’t restrict any functionality, even if users don’t accept the widely criticized policy, at least for the time being. (Ivan Mehta / The Next Web)
Related: RTE, Times of India, Gadgets Now, Gizchina.com, MobileSyrup.com, SlashGear, Gulf News Technology, Times of India, PhoneArena, Telecomlive.com, Android Central, 9to5Mac, AppleInsider, TechDator, Slashdot, Vox, The Verge
Raising serious concerns of security protocol breaches, U.S. soldiers assigned with protecting nuclear weapons in Europe have inadvertently leaked highly sensitive details of some of the missile bunkers containing live warheads, along with secret code words used by guards, by using online education flashcards that have been left publicly available for nearly a decade.
Bellingcat discovered learning flashcards used by US personnel on free flashcard platforms such as Chegg, Quizlet, and Cram that disclosed the locations of the shelters containing the weapons and other sensitive information. (Foeke Postma / Bellingcat)
Researchers at Proofpoint discovered an elaborate campaign, the BravoMovies campaign, designed to ensnare victims in a phishing campaign that created a fake streaming service that was just one part of a convoluted, seven-step process to deliver a so-called backdoor called BazaLoader.
Agents at the end of the call center for the phony streaming network directs users to the BravoMovies site, where they can find thumbnails for enticing fake films such as Women’s and The Dog Woof. Users who click on the site download an Excel file, which installs BazaLoader on their computers. (Brian Barrett / Wired)
Russian national Aleksandr Zhukov was convicted in the U.S. of using a bot farm and rented servers to fake internet traffic at media sites, leading companies to pay inflated advertising rates.
Zhukov was the mastermind of a scheme known as Methbot in which 1,900 servers were employed to create millions of phony online ad views at websites, including those of the New York Times and the Wall Street Journal. (Patricia Hurtado / Bloomberg)
Starting on June 8, internet merchant, Web host, and entertainment behemoth Amazon will automatically enroll Alexa, Echo, or any other Amazon device users in an Internet bandwidth sharing program called Amazon Sidewalk.
The default option for Sidewalk forces users to share bandwidth with their neighbors as part of a new wireless mesh service that Amazon seeks to mount. Privacy advocates recommend that users turn off Sidewalk by going to their device settings. (Dan Goodin / Ars Technica)
Newly unredacted documents in a lawsuit against Google show that the company's own executives and engineers knew just how difficult the company had made it for smartphone users to keep their location data private and even pressured LG and other phone makers into hiding settings precisely because users liked them.
The lawsuit was brought against Google by the Arizona attorney general's office last year, which accused the company of illegally collecting location data from smartphone users even after they opted out. (Tyler Sonnemaker / Business Insider)
Related: Engadget, Digital Information World, TechDator, Security News | Tech Times, AndroidHeadlines.com, SlashGear, Android Central, Indian Express, Android Police, 9to5Google, WCCFtech, The Next Web, BGR, Cyber Kendra, TechNadu, xda-developers, Daring Fireball, MobileSyrup.com, NDTV Gadgets360.com, Pocket-lint, Phandroid
Incident responders at Sophos discovered a new ransomware threat calling itself Red Epsilon has been seen leveraging Microsoft Exchange server vulnerabilities to encrypt machines across the network.
While investigating an attack at a fairly large U.S. company in the hospitality sector, the researchers found that the threat actor breached the enterprise network by exploiting unpatched vulnerabilities in the on-premise Microsoft Exchange server. (Ionut Ilascu / Bleeping Computer)