The endless drumbeat of high-profile ransomware attacks continued this week, but Google’s Threat Analysis Group has also highlighted tricky “pass-the-cookie” attacks that hackers have used in recent years to hijack prominent YouTube channels. While this type of attack isn’t new, Google has taken significant coordinated action to contain the trend. Compromised YouTube channels have been used to spread cryptocurrency scams and other misinformation.
Meanwhile, the International Organization for Standardization released its first sex toy manufacturing guidelines last week, an important step toward establishing minimum safety standards across the industry. The document is named ISO 3533, or “Sex Toys: Design and Safety Requirements for Products in Direct Contact with Genitals, the Anus, or Both,” although it notably does not establish clear guidelines for digital security or privacy, both areas in which sex toys have already had significant and impactful pitfalls.
If you’re thinking about account security and want a simple weekend project to shore things up, make sure you have two-factor authentication turned on everywhere it is offered. And if you want to switch between authenticator apps, say from Google Authenticator to Twilio Authy, we have instructions to make it easy without losing access anywhere.
But wait, there’s more. Every week we round up all the security news that WIRED has not covered in detail. Click the headlines for the full stories and stay safe out there.
The notorious Russia-based ransomware gang REvil, which is responsible for the JBS meat attack in June and the Kaseya managed software compromise, was hacked and taken offline by a consortium of state law enforcement agencies in July. The FBI, US Cyber Command, and the Secret Service worked with partners in other governments on the project to sabotage REvil’s infrastructure. After the Kaseya break-in and the resulting ransomware attacks in July, the FBI was able to procure a universal decryptor from REvil itself. However, officials withheld the tool so as not to reveal their access to REvil’s infrastructure. After some of the gang’s platforms went offline in July, members restored them from backups in September, accidentally restoring law enforcement’s access to the systems and opening the door to the deactivation. REvil’s website and data-leak platform “Happy Blog” are now inaccessible.
The second-largest television broadcaster in the United States, Sinclair Broadcast Group, was hit by a ransomware attack earlier this week that affected the company’s operations and broadcasts. The malicious encryption tool used in the attack is similar to one used previously by the sanctioned Russian criminal gang Evil Corp. The malware has historically been attributed to the gang. Sinclair struggled to stabilize its operations all week, and staff reported chaos as the stations worked to keep their broadcasts going. “Our focus remains on working closely with an outside cybersecurity firm, other incident response professionals, law enforcement and government agencies as part of our investigation and response to this incident,” Sinclair said in a statement Thursday.
A hacker apparently compromised the Argentine Registro Nacional de las Personas and stole the personal data of all Argentines. The trove is now circulating privately for sale in criminal circles. The attack happened last month and targeted government IT networks to access the database, also known as RENAPER. The agency issues national identity cards, and other government agencies can consult its database. Government officials said in a statement that the attackers used a legitimate user account to access the database rather than breaking in by exploiting a vulnerability. The first signs of the breach came in early October, when a newly created Twitter account posted ID photos and other personal information of 44 prominent Argentines, including President Alberto Fernández and soccer stars Lionel Messi and Sergio Agüero.
On Thursday, the Federal Trade Commission called out six major US internet service providers for their shady data management practices and lack of strong privacy and security controls. The study focused on AT&T Mobility, Cellco Partnership (Verizon Wireless), Charter Communications Operating, Comcast (Xfinity), T-Mobile US, and Google Fiber. ISPs do not make their privacy practices clear, the FTC noted, and do not adequately disclose how they use customer information. The investigation also found that the services made it difficult for their customers to opt out of data collection.
The problems have been known for years, but government and private sector efforts to contain such abuses clearly did not go far enough. “While consumers would certainly expect ISPs to collect certain information about the websites they visit as part of the provision of Internet services, they would likely be surprised at the amount of data that is collected and combined for purposes unrelated to the provision of theirs,” the FTC wrote in the report, “in particular, browsing data, television history, email and search content, data from connected devices, location information and data on race and ethnicity.”