Tag Archive for: Offline

Thousands of Canadian websites offline over cybersecurity threat


Eric Caire, Quebec’s minister of digital transformation, said the province has since been working to identify which websites are at risk, one by one, before putting them back online. Graham Hughes/The Canadian Press

Amid warnings from Ottawa of a global online security issue, Quebec said Sunday that it has shut down almost 4,000 government websites as a preventative measure after receiving a cyberattack threat.

At a news conference, Quebec’s minister of digital transformation said the province was made aware of the threat on Friday and has since been working to identify which websites are at risk, one by one, before putting them back online.

“We’re kind of looking for a needle in a haystack,” Eric Caire said in Quebec City. “Not knowing which websites use the [affected] software, we decided to shut them all.”

He added, “Once we make sure the system is operational, it gets back online.”

Mr. Caire said the provincial vaccine passport system was never at risk, saying it doesn’t require the software that has been the focus of attention.


Defence Minister Anita Anand said the federal government is aware of a “vulnerability” in a software product called Apache, “which has the potential to be used by bad actors in limited and targeted attacks.”

Ms. Anand said in a statement Sunday that the Canadian Centre for Cyber Security is calling on Canadian organizations of all types to pay attention to this “critical, internet vulnerability affecting organizations across the globe.”

The centre leads the government’s response to cybersecurity events, combining expertise from Public Safety Canada, Shared Services Canada and the Communications Security Establishment (CSE) to work with private and public sectors.

Asked for more details on the reference to Canadian organizations of all types, the CSE said Sunday that it was referring to small, medium and large organizations/enterprises, but did not provide any further details.

The Canada Revenue Agency said Sunday that it became aware on Friday of a security vulnerability.

“As a precaution, we proactively decided to take our online…


GO Transit website taken offline ‘out of abundance of caution’ due to cyber threat


GO Transit’s website has been taken offline “out of an abundance of caution” due to an ongoing cyber threat that is impacting web services worldwide.

On Friday evening, transportation agency Metrolinx says it was informed by the federal government about a cyber vulnerability regarding web-based services around the globe.

“As an organization, we immediately took proactive steps and began methodically searching our systems to ensure our customers and services are secure and protected,” a statement from Metrolinx read on Friday.

“Out of an abundance of caution, we have decided to proactively take down the GO Transit website until we learn more about this vulnerability.”

Metrolinx says it does not believe any of its websites or assets were exploited or compromised.

The agency says all customer, personal, and financial data systems (including PRESTO) are secure and the safety of the transit network “remains intact.”

“We have strong protections, testing, and monitoring in place – which is why we’re taking the proactive and precautionary step. We are continuing to monitor this incident,” the statement read.

Customers can still plan their GO trips using Triplinx and buy e-tickets at: tickets.gotransit.com.

Customers can also call GO Transit’s customer contact centre for more information and are encouraged to follow GO Transit on Twitter and to check their emails for On-The-GO-Alerts.

On Friday, the Canada Revenue Agency (CRA) also proactively took its systems offline due to the security vulnerability.

“There is currently no indication that CRA systems have been compromised, or that there has been any unauthorized access to taxpayer information because of this vulnerability,” the CRA tweeted Friday night.

Experts say the bug might be the worst computer vulnerability discovered in years.

The vulnerability…


Hillicon Valley: Russian hacking group believed to be behind Kaseya attack goes offline | DHS funding package pours millions into migrant surveillance


Welcome to Hillicon Valley, The Hill’s newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley.



Hillicon Valley: Russian hacking group believed to be behind Kaseya attack goes offline | DHS funding package pours millions into migrant surveillance | Jen Easterly sworn in as director of DHS cyber agency

Welcome and Happy Tuesday! Follow our cyber reporter, Maggie Miller (@magmill95), and tech team, Chris Mills Rodrigo (@millsrodrigo) and Rebecca Klar (@rebeccaklar_), for more coverage.


Websites used by the cyber criminal group known as REvil went dark Tuesday, just over a week after the group was linked by cybersecurity experts to the ransomware attack on software company Kaseya. While it is unknown why the websites went dark, President Biden last week urged Russian President Vladimir Putin to take further steps against hackers based in his country, and hinted to reporters that the U.S. had the option of disrupting the hackers’ servers.

Meanwhile on Capitol Hill, the House Appropriations Committee marked up the annual Department of Homeland Security appropriations bill, approving a proposal that included millions to pay for technologies that surveil immigrants.

SUSPICIOUS TIMING FOR A HOLIDAY: Websites on the dark web used by a criminal hacking group believed to be behind the recent massive ransomware attack on software company Kaseya went offline Tuesday.

The hacking group, REvil, is believed to be based in Russia, and has been linked by the FBI to the ransomware attack in May on JBS USA, the nation’s largest beef producer. The more recent attack on Kaseya impacted up to 1,500 companies, many of them small businesses.

According to The New York Times, the dark web sites REvil used to negotiate payment with victims and to list companies it had targeted went dark early on Tuesday morning.

John Hultquist, the vice president of Analysis at cybersecurity group FireEye’s Mandiant Threat Intelligence, confirmed the takedown, saying in a statement provided to The Hill Tuesday that “at the time of analysis…


The REvil Ransomware Hackers Have Gone Offline


The hacking crew behind damaging attacks on meat supplier JBS and customers of tech provider Kaseya has disappeared from the internet.

The so-called REvil group’s dark web site, dubbed the “Happy Blog,” has been down since early this morning. Repeated attempts by Forbes to access the page today have failed with a notice saying: “The most likely cause is that the onionsite is offline.” REvil’s other pages, including its ransom payment page, are also currently inaccessible, and its representatives have been quiet on hacking forums since late last week, according to numerous cybersecurity researchers.

There’s no information as to why REvil, believed to be operating out of Russia, may have disappeared. It could be due to law enforcement action, though no agency has yet claimed success in taking the group down. (The FBI declined to comment.) Last month, President Biden and Russian leader Vladimir Putin discussed cybersecurity issues, including the potential for the Kremlin to be more supportive of efforts to counter cybercriminals launching devastating attacks on U.S. businesses. 

REvil may also have bailed due to the attention from its recent attacks. Or its sites may have simply gone down because of a technical issue. As Brett Callow, a ransomware tracker at cybersecurity firm Emsisoft, notes, the Happy Blog has gone down before and come back up, making it “too early to read anything into this.”

In a similar recent case, the DarkSide ransomware hackers disappeared from the web not long after their malware was used in the huge hack of Colonial Pipeline, which led to the shutdown of gas lines across the east coast of the U.S. In that case, some of the funds handed over in the $4 million ransom, paid in Bitcoin, were recovered by the Justice Department.

Outside of the hack of JBS, which led to an $11 million payment, REvil claimed a big scalp in an attack that exploited an unpatched “zero-day” vulnerability in tech made by Kaseya. By…
