(CHILE) JUST IN: Chilean Bank ‘ Banco Estado ‘ has shut-down all its branches on Monday after a ‘ Ransomware Attack ‘ over the weekend they said in a statement on their twitter account #AceSecurityDesk report

#AceSecurityReport – Sept.08: BancoEstado, one of Chile’s three biggest banks, was forced to shut down all branches on Monday following a ransomware attack that took place over the weekend. From a report: “Our branches will not be operational and will remain closed today,” the bank said in a statement published on its Twitter account on Monday:

Chilean bank suffers ‘ Ransomware ‘ attack over the weekend causing shut-down of all of its branches on Monday according to a tweet ZNet,Com/

Details about the attack have not been made public, but a source close to the investigation told ZDNet that the bank’s internal network was infected with the REvil (Sodinokibi) ransomware: The incident is currently being investigated as having originated from a malicious Office document received and opened by an employee. The malicious Office file is believed to have installed a backdoor on the bank’s network:

All BancoEstado branches will remain closed on Monday, September 7, and possibly more days.

September.07, 2020 — 16:31 GMT (17:31 BST)

“Our branches will not be operational and will remain closed today,” the bank said in a statement published on its Twitter account on Monday.

Información importante sobre nuestra red de atención pic.twitter.com/CfFeb9tCzK

— BancoEstado (@BancoEstado) September 7, 2020

Details about the attack have not been made public, but a source close to the investigation told ZDNet that the bank’s internal network was infected with the REvil (Sodinokibi) ransomware: The incident is currently being investigated as having originated from a malicious Office document received and opened by an employee. The malicious Office file is believed to have installed a backdoor on the bank’s network.

Investigators believe that on the night between Friday and Saturday, hackers used this backdoor to access the bank’s network and install ransomware: Bank employees working weekend shifts discovered the attack when they couldn’t access their work files on Saturday.

‘ BancoEstado reported the incident to Chilean police, and on the same day, the Chilean government sent out a nationwide cyber-security alert warning about a ransomware campaign targeting the private sector ‘

While initially, the bank hoped to recover from the attack unnoticed, the damage was extensive, according to sources, with the ransomware encrypting the vast majority of internal servers and employee workstations: The bank initially disclosed the attack on Sunday, but as time went by, bank officials realized employees wouldn’t be able to work on Monday, and decided to keep branches closed, while they recover:

#AceSecurityDesk report ………..Published: Sept.08: 2020:

Editor says #AceNewsDesk reports by https://t.me/acenewsdaily and all our posts, also links can be found at here for Twitter and Live Feeds https://acenewsroom.wordpress.com/ and thanks for following as always appreciate every like, reblog or retweet and free help and guidance tips on your PC software or need help & guidance from our experts AcePCHelp.WordPress.Com

(BEIJING, China.) Great Firewall Report: Government ‘ BLOCKS ALL ENCRYPTED HTTPS + TLS1.3+ESNI CONNECTIONS ‘ from ‘ End of July ‘ according to iYouPort and the University of Maryland #AceSecurityDesk report

#AceSecurityReport – Aug.13: The Chinese government has deployed an update to its national censorship tool, known as the Great Firewall (GFW), to block encrypted HTTPS connections that are being set up using modern, interception-proof protocols and technologies: The ban has been in place for at least a week, since the end of July, according to a joint report published this week by three organisations tracking Chinese censorship — iYouPort, the University of Maryland, and the Great Firewall Report

China is now blocking all encrypted HTTPS traffic that uses TLS 1.3 and ESNI

The block was put in place at the end of July and is enforced via China’s Great Firewall.

Catalin Cimpanu August.08: 2020 — 18:04 GMT (19:04 BST) ZDNet.Com/

China now blocking HTTPS+TLS1.3+ESNI: Through the new GFW update, Chinese officials are only targeting HTTPS traffic that is being set up with new technologies like TLS 1.3 and ESNI (Encrypted Server Name Indication)

Other HTTPS traffic is still allowed through the Great Firewall, if it uses older versions of the same protocols — such as TLS 1.1 or 1.2, or SNI (Server Name Indication) For HTTPS connections set up via these older protocols, Chinese censors can infer to what domain a user is trying to connect. This is done by looking at the (plaintext) SNI field in the early stages of an HTTPS connections: In HTTPS connections set up via the newer TLS 1.3, the SNI field can be hidden via ESNI, the encrypted version of the old SNI. As TLS 1.3 usage continues to grow around the web, HTTPS traffic where TLS 1.3 and ESNI is used is now giving Chinese sensors headaches, as they’re now finding it harder to filter HTTPS traffic and control what content the Chinese population can access:

tls13-stats.pngImage: Qualys SSL Labs (via SixGen)

Per the findings of the joint report: TheChinese government is currently dropping all HTTPS traffic where TLS 1.3 and ESNI are used, and temporarily banning the IP addresses involved in the connection, for small intervals of time that can vary between two and three minutes:

Some circumvention methods exist… for now

For now, iYouPort, the University of Maryland, and the Great Firewall Report said they were able to find six circumvention techniques that can be applied client-side (inside apps and software) and four that can be applied server-side (on servers and app backends) to bypass the GFW’s current block: “Unfortunately, these specific strategies may not be a long-term solution: as the cat and mouse game progresses, the Great Firewall will likely to continue to improve its censorship capabilities,” the three organizations also added.

ZDNet also confirmed the report’s findings with two additional sources — namely members of a US telecommunications provider and an internet exchange point (IXP) — using instructions provided in this mailing list.

Article updated to clarify some technical terms.

#AceSecurityDesk report …………Published: Aug.13: 2020:

Editor says #AceNewsDesk reports by https://t.me/acenewsdaily and all our posts, also links can be found at here for Twitter and Live Feeds https://acenewsroom.wordpress.com/ and thanks for following as always appreciate every like, reblog or retweet and free help and guidance tips on your PC software or need help & guidance from our experts AcePCHelp.WordPress.Com