Hollywood Reporter: Local TV Programming Disrupted as Sinclair Hit by Ransomware Attack

Hollywood Reporter: Local TV Programming Disrupted as Sinclair Hit by Ransomware Attack. “Sinclair Broadcast Group said Monday that it was the victim of a ransomware attack, resulting in dozens of local newscasts and other programming being pulled off the air Sunday and Monday. Sinclair is one of the largest owners of local TV stations in the U.S., operating 184 stations in 86 markets. The incident began on Sunday, with a source saying that emails and corporate phone lines were also taken down, complicating the incident further.”

Motherboard: The White House’s Plan to Stop Government Employees From Getting Phished

Motherboard: The White House’s Plan to Stop Government Employees From Getting Phished. “The White House has an ambitious plan to greatly reduce the risk of phishing to the U.S. government. Part of that is having agencies phase out the use of SMS and app-based multi-factor authentication, and replace them with phishing-resistant methods such as hardware security keys.”

The Register: White House ransomware summit calls for virtual asset crackdown, without mentioning cryptocurrency

The Register: White House ransomware summit calls for virtual asset crackdown, without mentioning cryptocurrency. “The 30-nation gabfest convened under the auspices of the US National Security Council’s Counter-Ransomware Initiative has ended with agreement that increased regulation of virtual assets is required to curb the digital coins’ allure to criminals. A joint statement issued after the event’s conclusion opens with anodyne observations about the need for good infosec, international collaboration, and the benefits of private sector engagement.”

Washington Post: Hacktivists are back

Washington Post: Hacktivists are back. “Hacktivists are back in the public spotlight, nearly a decade after groups like Anonymous and LulzSec tore through the Internet and wreaked havoc on everyone from Sony to the U.S. Senate. In places including the United States, Iran and Belarus, hackers aiming to further political goals have gone after companies and organizations perceived as right-wing, the surveillance industry and even authoritarian governments.”

MIT Technology Review: 2021 has broken the record for zero-day hacking attacks

MIT Technology Review: 2021 has broken the record for zero-day hacking attacks. “A zero-day exploit—a way to launch a cyberattack via a previously unknown vulnerability—is just about the most valuable thing a hacker can possess. These exploits can carry price tags north of $1 million on the open market. And this year, cybersecurity defenders have caught the highest number ever, according to multiple databases, researchers, and cybersecurity companies who spoke to MIT Technology Review.”

Microsoft Blog: Russian cyberattacks pose greater risk to governments and other insights from our annual report

Microsoft Blog: Russian cyberattacks pose greater risk to governments and other insights from our annual report. “During the past year, 58% of all cyberattacks observed by Microsoft from nation-states have come from Russia. And attacks from Russian nation-state actors are increasingly effective, jumping from a 21% successful compromise rate last year to a 32% rate this year. Russian nation-state actors are increasingly targeting government agencies for intelligence gathering, which jumped from 3% of their targets a year ago to 53% – largely agencies involved in foreign policy, national security or defense. The top three countries targeted by Russian nation-state actors were the United States, Ukraine and the UK.”

CNET: FCC aims to crack down on SIM card swapping scams

CNET: FCC aims to crack down on SIM card swapping scams. “Citing a litany of complaints from consumers who’ve suffered significant distress, inconvenience and financial harm, the US Federal Communications Commission launched a rule-making process Thursday aimed at cracking down on SIM card swapping scams. Key among the new proposals: stronger authentication standards, and notification procedures whenever someone tries to redirect a phone number to a new device or carrier.”

University of Texas at Austin: Ransomware Attacks Are Another Tool in the Political Warfare Toolbox

University of Texas at Austin: Ransomware Attacks Are Another Tool in the Political Warfare Toolbox. “Strategic inaction on the Kremlin’s part is an inducement to experiment with malicious software aimed at Western targets. There are documented instances of individuals and groups being co-opted by Russian security and intelligence services. The state provides them legal protection and occasional targeting guidance in exchange for information and corrupt material gains. In this way, ransomware has entered the Gray Zone. This is a realm where plausible deniability is achieved because of the cooptation and weaponization of private proxies.”

A Hospital Hit by Hackers, a Baby in Distress: The Case of the First Alleged Ransomware Death (Wall Street Journal)

Wall Street Journal: A Hospital Hit by Hackers, a Baby in Distress: The Case of the First Alleged Ransomware Death. “When Teiranni Kidd walked into Springhill Medical Center on July 16, 2019, to have her baby, she had no idea the Alabama hospital was deep in the midst of a ransomware attack. For nearly eight days, computers had been disabled on every floor. A real-time wireless tracker that could locate medical staff around the hospital was down. Years of patient health records were inaccessible. And at the nurses’ desk in the labor and delivery unit, medical staff were cut off from the equipment that monitors fetal heartbeats in the 12 delivery rooms.”

Wired: Hundreds of Scam Apps Hit Over 10 Million Android Devices

Wired: Hundreds of Scam Apps Hit Over 10 Million Android Devices. “GOOGLE HAS TAKEN increasingly sophisticated steps to keep malicious apps out of Google Play. But a new round of takedowns involving about 200 apps and more than 10 million potential victims shows that this longtime problem remains far from solved—and in this case, potentially cost users hundreds of millions of dollars.”

Social media scam: Twitter bots are tricking users into making PayPal and Venmo payments into fraudsters’ accounts (The Daily Swig)

The Daily Swig: Social media scam: Twitter bots are tricking users into making PayPal and Venmo payments into fraudsters’ accounts. “The bots appear to be activated when a legitimate user asks another for their payment information, presumably discovering these tweets via a search for keywords such as ‘PayPal’, ‘Venmo’, or other services. They masquerade as the other user by scraping their profile picture and adopting a similar username, before supplying them with false payment information in the hopes the original tweeter will pay into this account.”

BBC: Spying concerns fuel the market for more secure tech

BBC: Spying concerns fuel the market for more secure tech. “‘People do not seem to understand that security and smartphones as one [single] concept simply do not exist,’ says Pim Donkers. Mr Donkers is a co-founder and chief executive of Switzerland’s ARMA Instruments, a technology company which produces super-secure communication devices. So, more than most, he is keen to warn people about the potential security weaknesses of their smartphones.”

CNN: Hackers breached computer network at key US port but did not disrupt operations

CNN: Hackers breached computer network at key US port but did not disrupt operations. “Suspected foreign government-backed hackers last month breached a computer network at one of the largest ports on the US Gulf Coast, but early detection of the incident meant the intruders weren’t in a position to disrupt shipping operations, according to a Coast Guard analysis of the incident obtained by CNN and a public statement from a senior US cybersecurity official.”