(WORLDWIDE) #Cybersecurity Attack Report: The gang behind a “colossal” ransomware attack has demanded $70m (£50.5m) paid in Bitcoin in return for a “universal decryptor” that it says will unlock the files of all victims #AceNewsDesk report

#AceSecurityReport – July.06: But because Kaseya provides software to managed service providers, firms which themselves provide outsourced IT services to other companies, the number of victims may be much greater.

#AceSecurityDesk UPDATE: Says that a Gang behind huge cyber-attack demands $70m in Bitcoin and the REvil group claims its malware, which initially targeted US IT firm Kaseya, has hit one million “systems”BBC Tech has reported after we published this on Monday about 17-countries being attacked and over 200-companies and this number has not been verified and the exact total of victims is unknown: However, it does include 500 Swedish Coop supermarkets and 11 schools in New Zealand. …….Two Dutch IT firms have also been hit, according to local media reports.

Illustration of ransomware
Ransomeware Attack

Counting victims

On Friday, cyber-security firm Huntress Labs estimated about 200 firms had been affected: The “supply chain” attack initially targeted Kaseya, before spreading through corporate networks that use its software.

Kaseya said that fewer than 40 of its own customers had been affected: And the number of individual computer systems within those victim organisations could be greater still.

Kaseya chief executive Fred Voccola told the Associated Press that the number of victims would probably be in the low thousands, made up of small organisations such as dental practices and libraries.

For hundreds, perhaps thousands, of IT teams around the world this ransomware attack is a horrendous headache that is still growing.But the way the cyber-security world has pulled together to reduce the impact of the attack has been incredible. Cyber-defenders, both private and public sector, have been issuing alerts while experts work out how best to untangle the web of victims.

There could have been far more victims if it wasn’t for a busy and stressful weekend of work: However, we now know that the secret digital doorway in the Kaseya system that let in the REvil hackers was known about before the attack.Researchers from the Dutch Institute for Vulnerability Disclosure found the problem and were helping Kaseya plug the hole long before the hackers found it.It was a case of the good hackers racing to stop the bad hackers from getting in and, as Victor Gevers from the institute puts it: “Unfortunately, we were beaten by REvil in the final sprint.”This case shows how skilled, persistent and determined these criminals are, and that in spite of all the efforts of the cyber-security world, we are losing the race against ransomware. “

#AceSecurityDesk reported that ……..DarkSide ransomware group, responsible for shutting down the Colonial Oil Pipeline.“Following the money remains one of the most basic, yet powerful tools we have”, said Deputy Attorney General Lisa O. Monaco.Tom Robinson, founder and chief scientist of the firm Elliptic, which analyses bitcoin payments, told the BBC it had observed REvil continuing to negotiate with individual customers for smaller ransoms of about $200,000, despite the $70m request to unlock everything. He said REvil preferred to use Monero, but it would be difficult to purchase $70m of the currency for practical and regulatory reasons.But he said: “More and more ransomware operators are asking for Monero.”

The scale and sophistication of this global crime is rare, if not unprecedented,” Prof Ciaran Martin, founder of the National Cyber Security Centre, told Radio 4’s Today programme.Most of REvil’s members are believed to be based in Russia or countries that were formerly part of the Soviet Union.Prof Martin criticised Russia for providing a safe environment for ransomware hackers, but said that the West was making it too easy for these gangs to be paid and “unsurprisingly they are coming back for more”.Getty ImagesTraceable BitcoinExperts have expressed surprise at the group’s demand that the ransom should be paid in Bitcoin, as opposed to harder-to-trace cryptocurrencies such as Monero.

On Twitter, Prof Martin called REvil’s decision to demand payment in Bitcoin, “weird”.Earlier this month the US Justice Department announced it had traced and seized millions of dollars worth of bitcoin paid to the

Providers: #AceSecurityDesk / AP/BBC/

#AceNewsDesk report ………Published: July.06: 2021:

Editor says …Sterling Publishing & Media Service Agency is not responsible for the content of external site or from any reports, posts or links, and can also be found here on Telegram: https://t.me/acenewsdaily all of our posts fromTwitter can be found here: https://acetwitternews.wordpress.com/ and all wordpress and live posts and links here: https://acenewsroom.wordpress.com/and thanks for following as always appreciate every like, reblog or retweet and free help and guidance tips on your PC software or need help & guidance from our experts AcePCHelp.WordPress.Com

#cybersecurity-2, #hacked, #usa

(SILICONE VALLEY, Calif.) Private Data Report: A user in a low level hacking forum on Saturday published the phone numbers and personal data of hundreds of millions of Facebook users for free online #AceSecurityDesk report

#AceSecurityReport – Apr.05: The exposed data includes personal information of over 533 million Facebook users from 106 countries, including over 32 million records on users in the US, 11 million on users in the UK, and 6 million on users in India. It includes their phone numbers, Facebook IDs, full names, locations, birthdates, bios, and — in some cases — email addresses:

533 million Facebook users’ phone numbers and personal data have been leaked online: ‘Insider reviewed a sample of the leaked data and verified several records by matching known Facebook users’ phone numbers with the IDs listed in the data set. We also verified records by testing email addresses from the data set in Facebook’s password reset feature, which can be used to partially reveal a user’s phone number According a Facebook spokesperson told Insider that the data was scraped due to a vulnerability that the company patched in 2019.

2021-04-03T14:41:27Z

  • The personal data of over 500 million Facebook users has been posted online in a low-level hacking forum.
  • The data includes phone numbers, full names, location, email address, and biographical information.
  • Security researchers warn that the data could be used by hackers to impersonate people and commit fraud.

While a couple of years old, the leaked data could provide valuable information to cybercriminals who use people’s personal information to impersonate them or scam them into handing over login credentials, according to Alon Gal, CTO of cybercrime intelligence firm Hudson Rock, who first discovered the entire trough of leaked data online on Saturday.

“A database of that size containing the private information such as phone numbers of a lot of Facebook’s users would certainly lead to bad actors taking advantage of the data to perform social engineering attacks [or] hacking attempts,” Gal told Insider.

Gal first discovered the leaked data in January when a user in the same hacking forum advertised an automated bot that could provide phone numbers for hundreds of millions of Facebook users in exchange for a price. Motherboard reported on that bot’s existence at the time and verified that the data was legitimate.

Now, the entire dataset has been posted on the hacking forum for free, making it widely available to anyone with rudimentary data skills.

—Alon Gal (Under the Breach) (@UnderTheBreach) April 3, 2021

Insider attempted to reach the leaker through messaging app Telegram but did not get a response.

This is not the first time that a huge number of Facebook users’ phone numbers have been found exposed online. The vulnerability that was uncovered in 2019 allowed millions of people’s phone numbers to be scraped from Facebook’s servers in violation of its terms of service. Facebook said that vulnerability was patched in August 2019. 

Facebook previously vowed to crack down on mass data-scraping after Cambridge Analytica scraped the data of 80 million users in violation of Facebook’s terms of service to target voters with political ads in the 2016 election.

Gal said that, from a security standpoint, there’s not much Facebook can do to help users affected by the breach since their data is already out in the open — but he added that Facebook could notify users so they could remain vigilant for possible phishing schemes or fraud using their personal data.

“Individuals signing up to a reputable company like Facebook are trusting them with their data and Facebook [is] supposed to treat the data with utmost respect,” Gal said. “Users having their personal information leaked is a huge breach of trust and should be handled accordingly.”

#AceSecurityDesk report ……….Published: Apr.05: 2021:

Editor says #AceNewsDesk reports by https://t.me/acenewsdaily and all our posts, also links can be found at here for Twitter and Live Feeds https://acenewsroom.wordpress.com/ and thanks for following as always appreciate every like, reblog or retweet and free help and guidance tips on your PC software or need help & guidance from our experts AcePCHelp.WordPress.Com

#california, #cyberattack, #data, #hacked

WASHINGTON: ‘ FBI INVESTIGATE THREATENING EMAILS TO SONY PICTURES EMPLOYEES ‘

AceWorldNews – WASHINGTON – Dec.06 – The FBI is investigating threatening emails sent to some Sony Pictures employees in the wake of the cyber-attack last week that leaked celebrity salaries on-line.

' Emails Hackred and Celebrity Salaries Leaked '

‘ Emails Hackred and Celebrity Salaries Leaked ‘

The agency said in a statement it was trying to identify the person or group responsible.

According to Variety, the email was written in broken English and claimed to be from the head of the GOP (Guardians of Peace), the same group that took credit for last week’s attack. “Removing Sony Pictures on earth is a very tiny work for our group which is a worldwide organization.

And what we have done so far is only a small part of our further plan,” the email read. It also demands:Please sign your name to object the false [sic] of the company at the email address below if you don’t want to suffer damage.

If you don’t, not only you but your family will be in danger.”

The hack against Sony Pictures appeared to enter new territory on Friday when employees reportedly received messages threatening them and their families.

The message, reported by Variety, warned that “not only you but your family will be in danger.”

#ANS2014 

#celebrities, #emails, #hacked, #salaries

UNITED STATES: ‘ You Have Been Hacked or About to be By China ‘

#AceNewServices – UNITED STATES – The United States says it spends billions of dollars each year to counter what it describes as China’s cyber-war against the American companies.

' You have been hacked by China or are about to be - but will  you know '

‘ You have been hacked by China or are about to be – but will you know ‘

Speaking to CBS television’s 60 Minute program late on Sunday, FBI Director James Comey accused China of using extremely aggressive methods to break into US systems to steal information that would benefit their industry.

He claimed that annual losses from cyber-attacks launched from China were “impossible to count”. “There are two kinds of big companies in the United States,” he said. “There are those who have been hacked by the Chinese, and those who don’t know they have been hacked by the Chinese.”

He said China tops the list of countries seeking to steal secrets from US firms. He also said that almost every major company in the United States had been the target of China’s cyber-war.

Comey claimed that China was seeking to obtain “information that’s useful to them so they don’t have to invent”.

“They can copy or steal to learn about how a company might approach negotiations with a Chinese company all manner of things,” he claimed.

Source:

#ANS2014  

#acenewsservices, #china, #cyber-war, #hacked, #united-states