
Russia fails to deny takedown of REvil hacking group is connected to Biden’s pressure on Putin

T-Mobile is warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company.


The Kremlin has failed to deny that the takedown of Russian-based hacking group REvil is tied to US President Joe Biden’s pressure on Russian President Vladimir Putin.

Press secretary of the President of the Russian Federation Dmitry Peskov said Wednesday the state doesn’t have any information about REvil’s sudden disappearance from the internet and insisted Russia wants to ‘cooperate’ with the US in taking down cybercriminals.

REvil’s dark web data-leak site and ransom-negotiating portals have both been unreachable since about 1am on Tuesday. 

The timing of the takedown raised eyebrows, coming just days after Biden demanded Putin take action following a series of devastating ransomware attacks by the Russia-based group on US businesses.

REvil, also known as ‘Ransomware evil’, was responsible for the Memorial Day ransomware attack on the meat processor JBS and the supply-chain attack this month targeting the Miami-based software company Kaseya that crippled well over 1,000 businesses globally.   


The Kremlin has failed to deny that the takedown of the websites used by Russian-based hacking group REvil is tied to US President Joe Biden’s pressure on Russian President Vladimir Putin. Biden and Putin pictured meeting at the Geneva Summit on June 16

When asked Wednesday by reporters if Russia was behind REvil’s takedown from the darknet, Peskov denied having any knowledge of what had happened.  

‘I cannot answer your question, because I do not have such information. I do not know which group, where it disappeared from,’ he said, according to Russian News Agency TASS.

He said Russia believes cybercriminals ‘should be punished’ but doubled down that he was not aware if the ransomware gang had been deliberately targeted by authorities.

‘We believe that [cybercriminals] should be punished,’ he said. 

‘On the international level, we believe that we should all cooperate. In this case, Russia and the United States should cooperate in order to suppress such manifestations. 

‘As for the particulars about this group, I, unfortunately, with such information I don’t have it,’ he added.

Peskov said the US and Russia had begun talks on how to work together to tackle cyber crime.


Ransomware hackers are now calling up their victims to add pressure



The ingenuity of cybercriminals would appear to know no bounds. Hacker groups, forever devising perfidious new strategies to blackmail unsuspecting people with malware, are now even resorting to offline techniques to pressure their victims.

Of course, your best insurance against encryption attacks will always be a backup of your files. But hackers know that too.

If your files are being held ransom and you still don’t come forward with the cash, then the hackers will assume you have backups. In this case, they may start ringing you up in person to make you worry about the safety of your backups, even if these are unaffected.

Since August this year, ransomware gangs have been cold-calling victims they suspect have backed-up data in an effort to sow doubt that their backups are safe, tech website ZDNet.com reports, citing anti-ransomware company Coveware.

The ransomware specialists believe various hacker groups are outsourcing these calls to one call centre of non-native English speakers.

Restoring your files from the backup is a waste of time, the hackers will tell the victim over the phone. The ransomware has long since taken control of your networked devices, they say, telling you the only way to get rid of them is to pay up.

“We continue to monitor and know that you are installing SentinelOne antivirus on all your computers,” reads a transcript of one call Coveware shared with ZDNet.com.

“But you should know that it will not help. If you want to stop wasting your time and recover your data this week, we recommend that you discuss this situation with us in the chat or the problems with your network will never end.”

Police and malware experts generally advise against being intimidated by blackmailers. Victims are generally advised never to pay money to the hackers, but to inform the police instead. Countless cases have shown that the victim cannot rely on the hackers to release the files after paying.

Anyone seeking technical assistance in encrypting their data should only trust reputable sources – such as the ID Ransomware project, which can often tell exactly which Trojan it is from an…


Amid pressure, Zoom will end-to-end encrypt all calls, free or paid


Under pressure from privacy and human rights advocates, Zoom said on Wednesday that it will make end-to-end encryption available to both paying and non-paying users of its video conferencing service.

Previously, Zoom said it would provide end-to-end encryption to paying customers and a less-robust form of encryption, known as transit encryption, to non-paying customers. Zoom said the two-tier offering would allow law enforcement to regulate illicit content coming from users who don’t have accounts and, hence, are harder to track. Paying users, by contrast, had more traceability and, hence, were less likely to use the platform for illegal purposes.

Critics in privacy and human rights circles said the Zoom plans threatened to make privacy a premium feature rather than something that’s available by default. The critics called on Zoom to provide the same protections for all users.


Biz & IT – Ars Technica

Amazon: Trump used “improper pressure” to block AWS from DOD cloud contract


The JEDI contract is central to DOD’s efforts to rapidly adopt cloud technology. But the winner-take-all contract offer has been controversial from the start—and now Amazon claims President Trump put a whole lot more than a finger on the scales to ensure AWS lost. (credit: Department of Defense)

In a redacted filing released today by the US Federal Court of Claims, attorneys for Amazon asserted that Amazon Web Services’ loss of the Department of Defense Joint Enterprise Defense Infrastructure (JEDI) cloud computing contract to Microsoft’s Azure was the result of “improper pressure from President Donald J. Trump, who launched repeated public and behind-the-scenes attacks to steer the JEDI Contract away from AWS to harm his perceived political enemy—Jeffrey P. Bezos, founder and CEO of AWS’ parent company, Amazon.com, Inc. (“Amazon”), and owner of the Washington Post.”

The suit cites Trump’s instructions to former Secretary of Defense James Mattis to “screw Amazon” out of the contract, as recounted by Mattis’ former chief speechwriter, and numerous other incidents of direct interference by Trump in the contract competition, including ordering an “independent” review of the contract by Defense Secretary Mark Esper in August of 2019.

JEDI was awarded to Microsoft in October. The $10 billion contract is for a DOD-wide enterprise Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS) program providing compute and storage services—including delivering them to the “tactical edge,” giving troops in the field access to critical data. The initial expenditure, scheduled for the first year of the contract, would be just $1 million—but it would be followed by a base two-year ordering period and up to eight years of optional extensions out to 2029, with a capped value of $10 billion.


Biz & IT – Ars Technica