EXCLUSIVE Governments turn tables on ransomware gang REvil by pushing it offline

Oct 21 (Reuters) - The ransomware group REvil was itself hacked and forced offline this week by a multi-country operation, according to three private sector cyber experts working with the United States and one former official. Former partners and associates of the Russian-led criminal gang were responsible for a May cyberattack on the Colonial Pipeline that led to widespread gas shortages on the U.S.


Breaking the News: New York Times Journalist Ben Hubbard Hacked with Pegasus after Reporting on Previous Hacking Attempts - The Citizen Lab

Our forensic analysis of two iPhones belonging to Hubbard found evidence of Pegasus infections in July 2020 and June 2021. Notably, these infections occurred after Hubbard reported in January 2020 that we found that he was targeted in 2018 by the Saudi Arabia-linked Pegasus operator that we call KINGDOM.

The Citizen Lab

Cybercrime gang sets up fake company to hire security experts to aid in ransomware attacks

FIN7 hacking group created and operated a fake security company called Bastion Secure. The group used the company to recruit and trick security researchers into executing ransomware attacks. Bastion Secure recruited via job portals for Russian-speaking users.

The Record by Recorded Future

New whistleblower claims Facebook allowed hate, illegal activity to go unchecked

A new whistleblower affidavit submitted by a former Facebook employee Friday alleges that the company prizes growth and profits over combatting hate speech, misinformation and other threats to the public, according to a copy of the document obtained by The Washington Post.

Washington Post

How safe is your water from a cyberattack? - Marketplace

Several government agencies, including the FBI, the EPA and the Cybersecurity and Infrastructure Security Agency (CISA) - the agencies making sure sewage and other biohazards stay out of your drinking water - put out an advisory last week highlighting cyber threats to local water and wastewater systems. The warning cites several cyberattacks over the last few years.


Candy corn producer says ransomware incident 'not likely' to sour Halloween supplies - CyberScoop

A major U.S. candy-maker says it's returning to service after a ransomware incident in which intruders interrupted operations at some facilities just weeks before Halloween. Chicago-based Ferrara Candy - the parent company of Lemonheads, Atomic Fireballs, Keebler and others - said attackers hit the firm with ransomware on Oct.


A Rare Win in the Cat-and-Mouse Game of Ransomware

A team of private security sleuths, in their first public detailing of their efforts, discuss how they used cybercriminals' mistakes to quietly help victims recover their data. In a year rife with ransomware attacks, when cybercriminals have held the data of police departments, grocery and pharmacy chains, hospitals, pipelines and water treatment plants hostage with computer code, it was a win, rare in the scale of its success.


Facebook files a lawsuit against a Ukrainian national for allegedly scraping and selling the personal data of 178M+ users on a cybercrime forum

Catalin Cimpanu / The Record


GCHQ to use new cyber force to hunt ransomware gangs

British signals intelligence agency GCHQ is looking at deploying hackers from the UK's new National Cyber Force to "go after" ransomware gangs, the agency's director has revealed. The number of ransomware attacks - in which hackers seize a company's systems or data and will release them only when a ransom is paid - has doubled across the UK in 2021 compared with last year, Sir Jeremy Fleming warned.


A massive 'stalkerware' leak puts the phone data of thousands at risk

Call records, text messages and location data are easily accessed. The private phone data of hundreds of thousands of people are at risk. Call records, text messages, photos, browsing history, precise geolocations and call recordings can all be pulled from a person's phone because of a security issue in widely used consumer-grade spyware.