International Operation Knocks Notorious REvil Ransomware Group Offline

The ransomware attacks continue to be a major concern this week. However, Google's Threat Ana Group raised awareness about the tricky pass-the cookie attacks hackers use in recent years for stealing YouTube channels. Although this type of attack is not new, Google has taken significant coordinated actions to stop it. Compromised YouTube channels were used to broadcast scams and misinformation on cryptocurrency.
The International Organization for Standardization published its first set of guidelines for sex toys manufacturing last week. This is a significant step towards establishing minimum safety standards in the industry. The document is called ISO 3533, or Sex Toys Design and Safety Requirements For Products in Direct Contact With Genitalia, or Both. While significant, it does not provide clear guidelines for digital privacy or security, which are areas where sex toys have made significant and important strides.

You can make a weekend project out of account security. Double-check that two-factor authentication is enabled wherever it is offered. We have a guide for moving between authenticator apps (e.g., Google Authenticator to Twilio Authy) that you can follow easily and without losing any access.

Wait, there's more. Every week, we bring you all the security news WIRED hasn't covered in depth. To read the complete stories, click on the headlines. Stay safe out there.

A group of law enforcement agencies from government hacked the notorious Russia-based ransomware gang REvil. They were responsible for the JBS Meat attack in Juni and the Kaseya managed malware compromise in July. The project to sabotage REvil's infrastructure was undertaken by the FBI, US Cyber Command and Secret Service. The FBI was able, after the Kaseya hack and subsequent ransomware attacks in July to secure a universal encryption key from REvil. Officials withheld the tool to protect their access to REvil’s infrastructure. Members of the gang took down some platforms in July and restored them from backups in September. However, they accidentally reestablished law enforcement's access to the system in the process. This opened the door to a possible takedown. The website of REvil and the data-leaking platform "Happy Blog" are now unavailable.

Sinclair Broadcast Group was the second-largest US television station operator. A ransomware attack targeted the company's broadcasts and operations early this week. The ransomware attack used a malicious encryption tool similar to that used by the Russian criminal gang Evil Corp. In the past, the malware was attributed to the gang. Sinclair was unable to stabilize its operations throughout the week. Employees reported chaotic situations as stations tried to keep their broadcasts going. Sinclair released a statement Thursday saying that it will continue to work closely with third-party cybersecurity firms, other incident response professionals and law enforcement agencies in our investigation and response to the incident.

A hacker allegedly compromised Argentina's Registro Nacional de las Personas and stole personal data of all Argentinians. This trove is being sold in criminal circles. The government's IT networks were hacked to gain access to the database. It is also known by RENAPER. The agency issues national identification cards and allows other government agencies to query its database. Officials stated that the attackers used a legitimate account to gain access to the database, not hacking it through a vulnerability. In October, the first signs of the breach were evident when a new Twitter account posted ID cards photos and other information about 44 prominent Argentinians including President Alberto Fernndez as well as soccer stars Sergio Aguero and Lionel Messi.

The Federal Trade Commission criticized six US-based internet service companies for their poor data management and insufficient privacy and security controls on Thursday. AT&T Mobility (Verizon Wireless), Cellco Partnership (Verizon Wireless), Charter Communications Operating (Xfinity), T-Mobile US and Google Fiber were the subjects of the study. FTC discovered that ISPs don't make their privacy practices transparent and are not able to disclose how they use customer information. It was also revealed that customers are unable to opt out of data collection through the services.

These issues are well-known for many years. However, government and private sector efforts have not been sufficient to stop abuses. Consumers expect ISPs collect information about websites visited as part of providing internet services. However, they might be surprised at how much data is collected for non-related purposes. The FTC reported that browsing data, TV viewing history, search results, content of email and search, data from other devices, location data, race and ethnicity data and data from connected devices are all examples of data that ISPs may have.

Here are more great WIRED stories


Post a comment

Your email address will not be published. Required fields are marked *