At a glance.
Last week we noted the servers of recently folded ransomware gang REvil, known for attacks on companies like JBS, Kenneth Cole, and most recently Kaseya, had suddenly sprung to life. While it seemed too soon to say for sure REvil was back in business, it seems where there's smoke, there's fire. Bleeping Computer confirms that REvil has returned, and while some experts thought REvil might undergo a rebrand, instead it seems they've simply restored their old servers and are operating under the same name. Victims listed on the gang's Tor-hosted negotiation site have had their ransom payment deadlines reset, and evidence of new attacks includes a new REvil ransomware sample and screenshots of data stolen from a new victim. Flashpoint adds that REvil's frontman, formerly known as "Unknown" or "UNKN," has been replaced on underground Russian-language forum Exploit with a spokesman bearing the less creative alias "REvil." Though some speculate that REvil's reemergence could be connected to talks between US President Joe Biden and Russia's Vladimir Putin and the lifting of sanctions on companies involved in the Nord Stream 2 pipeline, other experts say there's no evidence of a link.
Messaging giant WhatsApp has made the controversial move to allow users to back up their conversations in the cloud in an encrypted format, TechCrunch reports. WhatsApp has always employed end-to-end encryption, but until now users were only able to store their conversations unencrypted, meaning intruders or law enforcement could potentially access these messages. Though WhatsApp, which considers itself at the forefront of user privacy, has declined to say whether it discussed the change with government bodies, the change is revolutionary as the platform is the first to put the brakes on what some see as a privacy violation. The Wall Street Journal sees the move as the latest blow in the ongoing battle between platforms seeking to increase user privacy and authorities who want access to the treasure trove of potential evidence. Riana Pfefferkorn of the Stanford Internet Observatory notes that the new encryption feature is not the default, meaning there will likely be many users who do not opt to turn it on. That said, WhatsApp says the feature will allow users a way to save messages without the prying eyes of Apple's new controversial scanning system.
Zero Day recounts the tale of how Turkish National Police (TNP) might have been involved in police-on-police surveillance using a spyware platform called Hortum (or "hose" in Turkish) to snoop on members of the influential Gülenist movement. The religious-political organization led by Fethullah Gülen, a Turkish imam and scholar based in the US, is considered a threat by those who fear the Gülenists are plotting an uprising against the Turkish government. Leaked emails show evidence of communications between Italian tech firm Hacking Team, creator of the spyware, and a chief inspector in the IT department of the TNP Intelligence Division, where a police chief and superintendent were arrested in 2016 under suspicion of Gülenist involvement. Though there are no clear answers, the story highlights how difficult it is to investigate the use of spyware when the authorities might be the perpetrators.
Digital Journal looks at the recent UN data breach and sees evidence, not of technically sophisticated threat operations, but rather of thoughtful use of social engineering and the resources available in the criminal-to-criminal market, particularly resources taking the form of stolen credentials offered for sale.
We received comments on the incident from Neil Jones, Cybersecurity Evangelist, Egnyte, who sees a lamentable tendency on the part of potential victims to overlook reasonably prudent security measures:
"The cyberattack that breached the computer systems at the United Nations is concerning in that it hit so close to the center of global power -- but it's a real disaster for the IT team responsible for UN's file security. This particular attack is especially concerning, because smaller nation-states have been looking to the UN for critical leadership, as they navigate the COVID-19 pandemic.
"Unfortunately, far too often methods and tools are being employed that don't meet the security and control needs of an organization, particularly a large Non-Government Organization like the UN. Security should be viewed as way more than a checklist. The best solutions fit in a broader sense of governance but still make it easy to share files with anyone, without compromising users' security and control.
"The reality is that all content and communications are vulnerable without proper data governance, and it is imperative that organizations protect the data itself. This type of security incident occurs regularly, particularly in decentralized settings like the United Nations and the mission-critical systems they use to communicate with hundreds of global nation-states on a daily basis. If secure file collaboration tools with suspicious log-in capabilities are implemented correctly, they can render cybercriminals' attacks ineffective. Used in a case like this where adversaries were able to infiltrate the network and grind activities to a halt, the systems themselves would have been inaccessible to outsiders, and the valuable data would have remained protected."
Danny Lopez, CEO of Glasswall, draws lessons about the necessity for taking better care of employees, especially during on- and off-boarding:
"Attacks like these demonstrate that a traditional castle-and-moat approach to network security leaves organisations exposed. Zero trust security sees the world differently. No one is trusted by default, regardless of whether they are inside or outside a network. In a world where data can be held amongst multiple cloud providers it is crucial to strengthen all processes relating to access verification. Without a zero trust approach organisations run the risk of attackers having a free rein across a network once they are inside.
"Reports of a data breach at the UN are troubling, given the importance of the work being done by this organisation. There is speculation that the breach occurred due to UN credentials being traded online. Forensic analysis will most likely reveal more details in the coming days, but for now it's worth underlining the importance of good security practice.
"Organisations like the UN need to adopt robust processes for onboarding and offboarding employees and affiliates that may receive access to key information systems. It's vital to control privileged access and to monitor those that enjoy that administrator privilege. Ensuring that multi-factor authentication is enforced wherever possible is a vital defence where user credentials find their way into the public domain. This will help to limit the blast radius, and in most cases, defeat the data breach.
"Even if all procedures and policies are well executed, then there's no escaping the fact that adversaries are constantly looking to probe vulnerabilities and to insert malware into the environment, often using everyday business documents which we all use. It's vital that organisations like the UN invest in cyber protection services that stay ahead of attackers by eliminating the threats while still allowing employees to do their vital work."
And Steve Moore, chief security strategist at Exabeam, notes that compromised credentials have become a pervasive problem for organizations of all kinds and sizes:
"The United Nations' networks are home to a breadth of sensitive international relations and security data that, in the wrong hands, could put global government officials, citizens and even peace between nations at risk. The intergovernmental organization confirmed this week that its systems were compromised following credentials for internal software being found in criminal marketplaces.
"The UN is not alone. Compromised credentials are the reason for 61% of breaches today. To remediate incidents involving user credentials and respond to adversaries, organizations must move fast and consider an approach that is closely aligned with monitoring user behavior - to provide the necessary context needed to restore trust, and react in real time, to protect user accounts. This should include the ability to understand normal in your network, to detect, using behavioral characteristics, to identify when abnormal events have occurred."
California-based LifeLong Medical Care has begun notifying more than 115,000 individuals that their personal data (names, Social Security numbers, dates of birth, patient cardholder numbers, and information concerning both treatment and diagnosis) have been compromised. Another healthcare provider, Arizona-based Desert Wells Family Medicine, has recently informed 35,000 patients that their EHR data were compromised in a ransomware attack.
Sascha Fahrbach, Cybersecurity Evangelist at Fudo Security, commented that the PII held by healthcare providers continues to be valuable, and hence an attractive target for cybercriminals:
"These latest attacks show that the healthcare industry, with its valuable PII, continues to be a tempting and lucrative target for hackers and insiders. There were more than 600 healthcare data breaches last year, with more than 22 million people affected, and unfortunately this trend shows no sign of slowing down. Healthcare operators need to reassess their security posture, as well as shifting their mindset, when it comes to safeguarding their data.
"In particular, third parties remain a security liability which needs to be urgently addressed. Many in the healthcare industry are not taking the proper steps to mitigate third-party remote access and third-party vendor risk. As seen with LifeLong Medical Care, this could expose organizations to data breaches, and the risk of costly non-compliance penalties.
"One of the key steps IT teams should take to protect their data is to evaluate the privilege access they are granting to their employees, partners and vendors, as privileged users are one of the most sought after targets by attackers. Taking a holistic approach, which includes a zero trust strategy and tools for monitoring and managing access, will greatly help mitigate these threats."