09-06-202111-06-2021

Security daily (10-06-2021)

Creating a notification workflow from sensitive data discover with Amazon Macie, Amazon EventBridge, AWS Lambda, and Slack

Following the example of the EU in implementing the General Data Protection Regulation (GDPR), many countries are implementing similar data protection laws. In response, many companies are forming teams that are responsible for data protection. Considering the volume of information that companies maintain, it’s essential that these teams are alerted when sensitive data is at […] (AWS Security Blog)

Biden cyber nominees Easterly, Inglis describe ransomware as urgent national security threat

It’s been two months since President Joe Biden announced his two most important Senate-confirmed cybersecurity picks: Jen Easterly to lead the Department of Homeland Security’s cybersecurity agency, and Chris Inglis to be the national cyber director. During that time, ransomware attacks have forced temporary shutdowns of a major fuel pipeline and a big meat supplier, and Biden has signaled he will raise the issue of harboring criminal hackers in a meeting next week with Russian President Vladimir Putin. Americans got their closest look yet of how Inglis and Easterly would approach those pressing issues during a Senate confirmation hearing Thursday. The nominees labeled ransomware a “scourge” that threatens national security, vowed to work with critical infrastructure firms to improve their defenses, and wondered aloud if additional federal regulations were necessary to incentivize firms to reduce their vulnerabilities to hacking. The U.S. government, Inglis said, must “seize back the initiative that […] The post Biden cyber nominees Easterly, Inglis describe ransomware as urgent national security threat appeared first on CyberScoop. (CyberScoop)

Justice Department, international law enforcement disrupt major marketplace for cybercriminals

The Justice Department partnered with international law enforcement to take down an online marketplace offering stolen login credentials for various accounts including bank and online payment, DOJ said on Thursday. It’s unclear how much cybercriminals scored financially using the stolen logins, but the newly unsealed affidavit for a warrant notes victim reports topping $200 million in losses in the U.S. alone. The marketplace, Slilpp, reportedly sold login credentials for over 1,400 account providers at the time that law enforcement disrupted the marketplace’s servers and domains. “With today’s coordinated disruption of the Slilpp marketplace, the FBI and our international partners sent a clear message to those who, as alleged, would steal and traffic in stolen identities: we will not allow cyber threats to go unchecked,” acting U.S. Attorney Channing Phillips of the District of Columbia said in a statement. “We applaud the efforts of the FBI and our international partners who […] The post Justice Department, international law enforcement disrupt major marketplace for cybercriminals appeared first on CyberScoop. (CyberScoop)

Meat supplier JBS says it paid $11 million ransom to keep attackers from stealing data

JBS, one of America’s biggest meat processors, said Wednesday that it paid cybercriminals an $11 million ransom to ensure the hackers didn’t steal company data. The payment is more than double the $4.4 million that Colonial Pipeline, a major fuel supplier, paid to recover its data in the wake of a separate ransomware attack. “In consultation with internal IT professionals and third-party cybersecurity experts, the company made the decision to mitigate any unforeseen issues related to the attack and ensure no data was exfiltrated,” JBS’s U.S. division said in a statement. In the same company statement, Andre Nogueira, CEO of JBS’s U.S. division, said it was a “very difficult decision” for the company and for him. “However, we felt this decision had to be made to prevent any potential risk for our customers,” he said. The ransomware attack forced JBS, which accounts for an estimated one-fifth of U.S. beef production, […] The post Meat supplier JBS says it paid $11 million ransom to keep attackers from stealing data appeared first on CyberScoop. (CyberScoop)

S3 Ep36: Trickbot coder busted, passwords cracked, and breaches judged [Podcast]

Latest episode - listen now! (Naked Security)

Chrome zero-day, hot on the heels of Microsoft’s IE zero-day. Patch now!

Patch early. Patch often. Patch now! (Naked Security)

Hackers Force Iowa College To Cancel Classes For Four Days

(News ≈ Packet Storm)

Cops Are Using Facebook To Target Pipeline Protest Leaders

(News ≈ Packet Storm)

Intel Plugs 29 Holes In CPUs, Bluetooth, Security

(News ≈ Packet Storm)

Meat Giant JBS Pays $11 Million In Ransom To Resolve Attack

(News ≈ Packet Storm)

Emerging Ransomware Targets Dozens of Businesses Worldwide

An emerging ransomware strain in the threat landscape claims to have breached 30 organizations in just four months since it went operational by riding on the coattails of a notorious ransomware syndicate. First observed in February 2021, "Prometheus" is an offshoot of another well-known ransomware variant called Thanos, which was previously deployed against state-run organizations in the Middle (The Hacker News)

Using Breached Password Detection Services to Prevent Cyberattack

Bolstering password policies in your organization is an important part of a robust cybersecurity strategy. Cybercriminals are using compromised accounts as one of their favorite tactics to infiltrate business-critical environments; as we've seen in recent news, these attacks can be dangerous and financially impactful. Unfortunately, account compromise is a very successful attack method and (The Hacker News)

Beef Supplier JBS Paid Hackers $11 Million Ransom After Cyberattack

Meat processing company JBS on Wednesday confirmed it paid extortionists $11 million in bitcoins to regain access to its systems following a destructive ransomware attack late last month. "In consultation with internal IT professionals and third-party cybersecurity experts, the company made the decision to mitigate any unforeseen issues related to the attack and ensure no data was exfiltrated," (The Hacker News)

New Chrome 0-Day Bug Under Active Attacks – Update Your Browser ASAP!

Attention readers, if you are using Google Chrome browser on your Windows, Mac, or Linux computers, you need to update it immediately to the latest version Google released earlier today. The internet services company has rolled out an urgent update to the browser to address 14 newly discovered security issues, including a zero-day flaw that it says is being actively exploited in the wild. (The Hacker News)

New TLS Attack Lets Attackers Launch Cross-Protocol Attacks Against Secure Sites

Researchers have disclosed a new type of attack that exploits misconfigurations in transport layer security (TLS) servers to redirect HTTPS traffic from a victim's web browser to a different TLS service endpoint located on another IP address to steal sensitive information. The attacks have been dubbed ALPACA, short for "Application Layer Protocol Confusion - Analyzing and mitigating Cracks in (The Hacker News)

‘Fancy Lazarus’ Cyberattackers Ramp up Ransom DDoS Efforts

The group, known for masquerading as various APT groups, is back with a spate of attacks on U.S. companies. (Threatpost)

Chrome Browser Bug Under Active Attack

Google has patched its Chrome browser, fixing one critical cache issue and a second bug being actively exploited in the wild. (Threatpost)

STEM Audio Table Rife with Business-Threatening Bugs

The desktop conferencing IoT gadget allows remote attackers to install all kinds of malware and move laterally to other parts of enterprise networks. (Threatpost)

09-06-202111-06-2021

/security-daily/ 11-06-2021 23:44:26