JBS recovers from the REvil ransomware attacks. Colonial phishbait. Anti-ransomware policies.


According to the Japan Times, the organizing committee for the Tokyo Olympics has suffered a data breach as a consequence of Fujitsu's recent compromise.

The Record reports that Cox Media livestreams were interrupted yesterday in what multiple sources tell the Record was a ransomware attack.

The ransomware attack against New York's Metropolitan Transportation Authority (MTA) is being attributed, BleepingComputer writes, to a Chinese threat actor that exploited a Pulse Secure vulnerability to gain access to MTA systems. SC Magazine speaks with industry sources who express concern that the operation may be a harbinger of more to come, especially if the group responsible should prove closely connected to the Chinese government.

BlackBerry reports that the Avaddon ransomware operators now pose a "triple threat," adding the prospect of distributed denial-of-service to the familiar threats of encryption and data theft.

Recent high-profile ransomware attacks have spawned a large brood of unrelated but obviously parasitic phishing campaigns. INKY has been tracking some of them, and finds that the emails represent themselves as coming from a more plausible than usual "help desk," and they announce a security upgrade prompted by the Colonial Pipeline incident. The recipients are asked to download a “ransomware system update” from an external site. That site, of course, is malicious.

Reuters says the Justice Department will accord ransomware attacks the same priority it gives terrorism. The New York Times interprets an advisory letter from Deputy National Security Advisor Neuberger as a call for all organizations to adopt Federal contractor cybersecurity standards.

Read full article: