

American insurance giant CNA reportedly pays $40m to ransomware crooks • The Register

Voice Of EU



In brief CNA Financial, the US insurance conglomerate, has apparently paid $40m to ransomware operators to get its files back.

In March the business revealed it had been hit by an extensive Phoenix Locker infection; this strain of malware was developed by Russian scam artists calling themselves Evil Corp, which may have links to Russian intelligence.

All CNA systems are now back up and running, though it appears that the company didn’t manage this itself and instead coughed up a widely reported $40m to the extortionists for the means to decrypt the scrambled files.

“CNA is not commenting on the ransom, but the company did consult and share intelligence with the FBI and OFAC [US Treasury’s Office of Foreign Assets Control] regarding the cyber incident and the threat actor’s identity,” a spokesperson told The Register.

“CNA followed all laws, regulations, and published guidance, including OFAC’s 2020 ransomware guidance, in its handling of this matter. Due diligence efforts concluded that the threat actor responsible for the attack is a group called Phoenix. Phoenix is not on any prohibited party list and is not a sanctioned entity.”

In other words: CNA wouldn’t be forbidden from doing a deal with the Phoenix crew, jus’ sayin’.

Luckily for CNA and its customers, an analysis of the ransomware code suggests it doesn’t steal data for later ransom, but instead simply locks it. However, banking mega-millions for a single attack is only going to encourage further intrusions.

SolarWinds CEO says sorry, again

As part of his ongoing apology tour, SolarWinds CEO Sudhakar Ramakrishna appeared at the 2021 RSA Conference this week to assure security professionals that his head of security Tim Brown was still in place and hadn’t been scapegoated. “We don’t like to flog people for failures; he’s highly competent and committed,” the chief exec said.

Too bad the previous CEO, Kevin Thompson, didn’t feel the same way: in February he blamed an intern for the infamous solarwinds123 password leak during a House committee hearing.

“What happened at the congressional hearings is not what we are about and is not what we are about,” said Ramakrishna. “We have learned from that and I want to reset it here by saying that we are a safe environment.”

Ramakrishna said he learned of the hack on December 12, his birthday, and a month before he officially took over as CEO. He said he had been urged not to take the job, but instead offered to stand down for a while and let the current chief exec run the cleanup operation to ensure continuity.

Oddly though, his half-hour keynote contained almost no technical details at all. Remember when RSA used to be a hardcore security conference? We do, and we miss it.

Stalkerware use surging and the code sucks

The creepy code used to spy on partners or other victims is not only on the rise but could also be very bad for your digital health.

An analysis by ESET boffin Lukas Stefanko showed Android stalkerware apps are still a growing market, with use of the software seemingly up 48 per cent in 2020, despite them being kinda banned by Google and others after a successful campaign by the Electronic Frontier Foundation.

But such scummy apps are also very poorly written. Stefanko analyzed 86 Android stalkerware applications and found 58 had serious security issues. After contacting the makers as per responsible disclosure, only six fixed the holes, seven promised to do so, one decided it couldn’t be bothered, and 44 didn’t even reply.

“The research should serve as a warning to potential future clients of stalkerware to reconsider using software against their spouses and loved ones, since not only is it unethical, but also might result in revealing the private and intimate information of their spouses and leave them at risk of cyberattacks and fraud,” he concluded.

ExifTool users need to get patching

If your web application, or other software, uses ExifTool to process user-submitted images, it’s time to update to fix a security hole.

William Bowling explained that Perl code can be injected into ExifTool and executed via a malicious file that it processes, and it is easy to exploit. Worse, from a security standpoint, multiple image formats are at risk.

Thankfully it’s now patched but considering how many people use the code, and the ease of infiltration, it’s worth checking to make sure everything’s updated.

So, so much cyber-crime

An unfortunate milestone was reached this week, with the FBI’s Internet Crime Complaint Center (IC3) recording its six millionth gripe about online scumbags, the fastest rise in its more-than-20-year history.

“On one hand, the number holds some positive news. People know how to find us and how to report an incident,” said IC3 Chief Donna Gregory. “But on the other hand these numbers indicate more people are being affected by online crimes and scams.”

The top three complaints to the consumer reporting service were phishing, non-payment/non-delivery scams, and online extortion. But when it comes to losing money, business email compromises, romance scammers, and investment fraudsters cause the most damage.

We’re told the situation is getting rapidly worse: the latest million complaints have come in just the last 14 months and the trend is accelerating. ®



Amazon Web Services outage hits sites and apps such as IMDb and Tinder | Amazon




Several Amazon services – including its website, Prime Video and applications that use Amazon Web Services (AWS) – went down for thousands of users on Tuesday.

Amazon said the outage was probably due to problems related to the application programming interface (API), which is a set of protocols for building and integrating application software, Reuters reported.

“We are experiencing API and console issues in the US-East-1 Region,” Amazon said in a report on its service health dashboard, adding that it had identified the cause. By late afternoon the outage appeared to be partially resolved, with the company saying that it was “working towards full recovery”.

“With the network device issues resolved, we are now working towards recovery of any impaired services,” the company said on the dashboard.

Downdetector showed more than 24,000 incidents of people reporting problems with Amazon. It tracks outages by collating status reports from a number of sources, including user-submitted errors on its platform.

The outage was also affecting delivery operations. Amazon’s warehouse operations use AWS and experienced disruptions, spokesperson Richard Rocha told the Washington Post. A Washington state Amazon driver said his facility had been “at a standstill” since Tuesday morning, CNBC reported.

Other services, including Amazon’s Ring security cameras, mobile banking app Chime and robot vacuum cleaner maker iRobot were also facing difficulties, according to their social media pages.

Ring said it was aware of the issue and working to resolve it. “A major Amazon Web Services (AWS) outage is currently impacting our iRobot Home App,” iRobot said on its website.

Other websites and apps affected include the Internet Movie Database (IMDb), language learning provider Duolingo and dating site Tinder, according to Downdetector.

The outage also affected presale tickets for Adele’s upcoming performances in Las Vegas. “Due to an Amazon Web Services (AWS) outage impacting companies globally, all Adele Verified Fan Presales scheduled for today have been moved to tomorrow to ensure a better experience,” Ticketmaster said on Twitter.

In June, websites including the Guardian, Reddit, Amazon, CNN, PayPal, Spotify, Al Jazeera Media Network and the New York Times were hit by a widespread hour-long outage linked to US-based content delivery network provider Fastly Inc, a smaller rival of AWS.

In July, Amazon experienced a disruption in its online stores service, which lasted for nearly two hours and affected more than 38,000 users.

Users have experienced 27 outages over the past 12 months on Amazon, according to the web tool reviewing website ToolTester.



South Korea sets reliability standards for Big Tech • The Register




South Korea’s Ministry of Science and ICT has offered Big Tech some advice on how to make their services suitably resilient, and added an obligation to notify users – in Korean – when they fail.

The guidelines apply to Google, Meta (parent company of Facebook), Netflix, Naver, Kakao and Wavve. All have been told to improve their response to faults by beefing up preemptive error detection and verification systems, and by creating backup storage systems that enable quick content recovery.

The guidelines offer methods Big Tech can use to measure user loads, then plan accordingly to ensure their services remain available. Uptime requirements are not spelled out.

Big Tech is already rather good at resilience. Google literally wrote the book on site reliability engineering.

The guidelines refer to legislation colloquially known as the “Netflix law” which requires major service outages be reported to the Ministry.

That law builds on another enacted in 2020 that made online content service providers responsible for the quality of their streaming services. It was put in place after a number of outages, including one where notifications of the problem were made on the offending company’s social media site – but only in English.

The new regulations follow South Korean telcos’ recent attempts to have platforms that guzzle their bandwidth pay for the privilege. Mobile carrier SK Broadband took legal action in October of this year, demanding Netflix pitch in some cash for the amount of bandwidth that streaming shows – such as Squid Game – consume.

In response, Netflix pointed at its own free content delivery network, Open Connect, which helps carriers to reduce traffic. Netflix then accused SK Broadband of trying to double up on profits by collecting fees from consumers and content providers at the same time.

For the record, Naver and Kakao pay carriers, while Apple TV+ and Disney+ have at the very least given lip service to the idea.

Korea isn’t the only place where telcos have noticed Big Tech taking up more than its fair share of bandwidth. The European Telecommunications Network Operators’ Association (ETNO) published a letter from ten telco CEOs asking that larger platforms “contribute fairly to network costs”. ®



Twitter acquires Slack competitor Quill to improve its messaging services




As part of the acquisition, Quill will be shutting down at the end of the week as its team joins the social media company.

Twitter has acquired the messaging platform Quill, seen as a potential competitor to Slack, in order to improve its messaging tools and services.

Quill announced that it will be shutting down at the end of the week as its team joins the social media company to continue its original goal “to make online communication more thoughtful, and more effective, for everyone”.

The purchase of Quill could be linked to Twitter’s new strategy to reduce its reliance on ad revenue and attract paying subscribers.

Twitter’s general manager for core tech, Nick Caldwell, described Quill as a “fresher, more deliberate way to communicate. We’re bringing their experience and creativity to Twitter as we work to make messaging tools like DMs a more useful and expressive way people can have conversations on the service”.

Users of Quill have until 11 December to export their team message history before the servers are fully shut down at 1pm PST (9pm Irish time). The announcement has instructions for users who wish to import their chat history into Slack and states that all active teams will be issued full refunds.

The team thanked its users and said: “We can’t wait to show you what we’ll be working on next.”

Quill was launched in February with the goal to remove the overwhelming aspects of other messaging services and give users a more deliberate and focused form of online chat.

In an online post, Quill creator Ludwig Pettersson said: “We started Quill to increase the quality of human communication. Excited to keep doing just that, at Twitter.”

The company became a potential competitor for Slack, which was bought by Salesforce at the end of 2020 for $27.7bn. The goal of that acquisition was to combine Salesforce’s CRM platform with Slack’s communications tools to create a unified service tailored to digital-led teams around the world.

Last week, Salesforce announced the promotion of Bret Taylor to vice-chair and co-CEO, just days after he was appointed independent chair of Twitter after CEO Jack Dorsey stepped down.


