Cyber Attacks and Hacking

User avatar
Volkonski
Posts: 8069
Joined: Mon Feb 22, 2021 11:06 am
Location: Texoma and North Fork of Long Island
Occupation:: Retired mechanical engineer
Contact:

Cyber Attacks and Hacking

#1

Post by Volkonski »



Eamon Javers
@EamonJavers
Beer News: Molson Coors filed an 8-K today warning that a new cyber attack "has caused and may continue to cause a delay or disruption to parts of the Company’s business, including its brewery operations, production, and shipments”


“If everyone fought for their own convictions there would be no war.” ― Leo Tolstoy, War and Peace
User avatar
Frater I*I
Posts: 1738
Joined: Mon Feb 22, 2021 10:52 am
Location: City of Dis, Sixth Circle of Hell

Re: Cyber Attacks and Hacking

#2

Post by Frater I*I »

Volkonski wrote: Thu Mar 11, 2021 3:44 pm

Eamon Javers
@EamonJavers
Beer News: Molson Coors filed an 8-K today warning that a new cyber attack "has caused and may continue to cause a delay or disruption to parts of the Company’s business, including its brewery operations, production, and shipments”
No loss there, their stuff is barley a step above dirty dish water...


Gazer Into the SovCit Abyss
User avatar
AndyinPA
Posts: 5278
Joined: Mon Feb 22, 2021 10:42 am
Location: Pittsburgh

Re: Cyber Attacks and Hacking

#3

Post by AndyinPA »

I'm not a big beer drinker, but I like an occasional good beer. I agree totally about that beer. It's awful.


"When enough people make false promises, words stop meaning anything. Then there are no more answers, only better and better lies." - Jon Snow, GOT
User avatar
tek
Posts: 1557
Joined: Mon Feb 22, 2021 10:15 am

Re: Cyber Attacks and Hacking

#4

Post by tek »

Frater I*I wrote: Thu Mar 11, 2021 5:09 pm No loss there, their stuff is barley a step above dirty dish water...
ISWYDT


Estiveo
Posts: 1655
Joined: Mon Feb 22, 2021 9:50 am

Re: Cyber Attacks and Hacking

#5

Post by Estiveo »

Florida principal, daughter hacked student accounts to rig homecoming queen votes, FDLE says
An Escambia County assistant principal and her daughter hacked into dozens of student accounts to cast fake votes to apparently help her daughter become homecoming queen, according to the Florida Department of Law Enforcement.

Pensacola residents Laura Rose Carroll, 50, and her 17-year-old daughter were arrested by FDLE agents Monday after an investigation found they cast 246 votes in Tate High School’s homecoming court election. Her daughter was named homecoming queen in October, according to NorthEscambia.com.
https://www.orlandosentinel.com/news/br ... story.html


Image Image Image Image
User avatar
Volkonski
Posts: 8069
Joined: Mon Feb 22, 2021 11:06 am
Location: Texoma and North Fork of Long Island
Occupation:: Retired mechanical engineer
Contact:

Re: Cyber Attacks and Hacking

#6

Post by Volkonski »

Oh the humanity! :(

Dutch supermarkets run out of cheese after ransomware attack

https://www.bleepingcomputer.com/news/s ... re-attack/
A ransomware attack against conditioned warehousing and transportation provider Bakker Logistiek has caused a cheese shortage in Dutch supermarkets.

Bakker Logistiek is one of the largest logistics services providers in the Netherlands, offering air-conditioned warehousing and food transportation for Dutch supermarkets.

Last week, Bakker Logistiek suffered a ransomware attack that encrypted devices on their network and disrupted food transportation and fulfillment operations.

"We could no longer receive orders from customers," Bakker director Toon Verhoeven told NOS. "And in our warehouses we no longer knew where products were. These are very large warehouses, you don't just go looking for a pallet. We also couldn't plan our transports anymore. We have hundreds of trucks, which was not done by hand either."


“If everyone fought for their own convictions there would be no war.” ― Leo Tolstoy, War and Peace
User avatar
Volkonski
Posts: 8069
Joined: Mon Feb 22, 2021 11:06 am
Location: Texoma and North Fork of Long Island
Occupation:: Retired mechanical engineer
Contact:

Re: Cyber Attacks and Hacking

#7

Post by Volkonski »

Hackers Leak Personal Data of Washington DC Police Officers
The ransomware gang Babuk released the personal details of several Metropolitan Police Department officers—essentially a full dox—in an attempt to extort the department into paying a ransom to stop further leaks.


https://www.vice.com/en/article/wx5deq/ ... e-officers
A gang of cybercriminals who hacked the Washington D.C. Metropolitan Police Department have started leaking alleged internal police files, including "background investigations" on police officers that includes psychological evaluations, polygraph responses, supervisor interviews, their credit history, information about their home, their social security numbers, date of birth, personal emails, home address, phone numbers, their driver's licenses, financial details, and their handwritten signatures.

The files released on each officer constitute, essentially, a full dox of that person's professional and much of their personal lives.

On Tuesday, the ransomware gang that calls itself Babuk published what is calling Part 1 of the data it stole from the MPD last month. The hackers claimed that the police offered money to prevent them from leaking the alleged internal files, but the offer wasn't enough.

"The negotiations reached a dead end, the amount we were offered does not suit us, we are posting 20 more personal files on officers, you can download this archive, the password will be released tomorrow," the hackers wrote on their dark web site. "If during tomorrow they do not raise the price, we will release all the data."


“If everyone fought for their own convictions there would be no war.” ― Leo Tolstoy, War and Peace
User avatar
Volkonski
Posts: 8069
Joined: Mon Feb 22, 2021 11:06 am
Location: Texoma and North Fork of Long Island
Occupation:: Retired mechanical engineer
Contact:

Re: Cyber Attacks and Hacking

#8

Post by Volkonski »


CBS Evening News
@CBSEveningNews
Fuel is now moving through the entire Colonial Pipeline, but gas is still hard to find from Texas to D.C. as panic buying continues.

CBS News has learned that Colonial did pay a multi-million dollar ransom to the hackers following a cyberattack that shut down the pipeline.
That's just going to encourage more ransomware attacks.


“If everyone fought for their own convictions there would be no war.” ― Leo Tolstoy, War and Peace
User avatar
Volkonski
Posts: 8069
Joined: Mon Feb 22, 2021 11:06 am
Location: Texoma and North Fork of Long Island
Occupation:: Retired mechanical engineer
Contact:

Re: Cyber Attacks and Hacking

#9

Post by Volkonski »

How To Stop Ransomware Attacks? 1 Proposal Would Prohibit Victims From Paying Up

https://www.npr.org/2021/05/13/99629936 ... witter.com
For cybersecurity experts, an attack on critical U.S. infrastructure was always the doomsday scenario. Now, less than a week after hackers managed to knock an essential East Coast pipeline offline, that fear has become reality.

The attack against the operator of the system, Colonial Pipeline, led the company to announce Saturday that it had shut down 5,500 miles of pipeline carrying roughly 45% of fuel supplies for the entire East Coast. Colonial said Wednesday that it had "initiated the restart of pipeline operations" but warned that it would take several days for supply to return to normal. In the meantime, governors in at least three states have already declared states of emergency, and fears of fuel shortages have resulted in lines of panicked drivers at gas stations across much of the southeast.

:snippity:

Colonial has acknowledged that its computer networks were hit by a ransomware attack — in essence, an attack in which a hacker or criminal group breaks in and encrypts the contents of a victim's computers until a ransom is paid. And while the company has declined to say whether it has offered a ransom, the attack is focusing new attention on a potentially radical proposal to stem the growing threat posed by ransomware: making it illegal for targets to pay their attackers.

:snippity:

In late April, a public-private task force composed of members from Amazon Web Services, Microsoft, the FBI and the Secret Service, among others, delivered to the White House an ambitious set of recommendations for a whole-of-government approach to fighting the ransomware threat. In it, they laid out a framework calling on business and government to join forces to develop a coordinated strategy for deterring attacks, disrupting the ransomware business model and better equipping organizations in preparing for and responding to cyber-assaults.


“If everyone fought for their own convictions there would be no war.” ― Leo Tolstoy, War and Peace
User avatar
neeneko
Posts: 1070
Joined: Tue Feb 23, 2021 9:32 am

Re: Cyber Attacks and Hacking

#10

Post by neeneko »

Volkonski wrote: Thu May 13, 2021 11:04 pm How To Stop Ransomware Attacks? 1 Proposal Would Prohibit Victims From Paying Up
Unfortunately, now that institutional investors have gotten onto the BTC train, I could not see legislation that destroys is value like that passing. Once big players start getting a cut or profit motive related to a problem, it gets really hard to actually fix things.


User avatar
Volkonski
Posts: 8069
Joined: Mon Feb 22, 2021 11:06 am
Location: Texoma and North Fork of Long Island
Occupation:: Retired mechanical engineer
Contact:

Re: Cyber Attacks and Hacking

#11

Post by Volkonski »

Ransomware group's extortion website offline after cyberattack leads to shutdown of major fuel pipeline

https://www.cnn.com/2021/05/14/politics ... index.html
The site previously housed announcements from the criminal ransomware group, identified as DarkSide, as well as files of stolen data from other ransomware incidents, screenshots showed. It now shows a blank page with "Not Found" up top.

The FBI confirmed earlier this week that DarkSide ransomware was responsible for the compromise of Colonial Pipeline networks, setting off a shutdown of pipeline operations that led to fuel shortages and massive lines at gas stations along the southern east coast.

The group's site went offline sometime Thursday and was still unavailable as of Friday, leading to speculation that it could have been taken down by law enforcement or that DarkSide itself took it down.

In an announcement posted late Thursday night that was reviewed by the cybersecurity firms Intel 471 and Recorded Future and translated, the group wrote: "A couple of hours ago, we lost access to the public part of our infrastructure," including its blog and payment server.


“If everyone fought for their own convictions there would be no war.” ― Leo Tolstoy, War and Peace
User avatar
neeneko
Posts: 1070
Joined: Tue Feb 23, 2021 9:32 am

Re: Cyber Attacks and Hacking

#12

Post by neeneko »

Volkonski wrote: Fri May 14, 2021 2:56 pm Ransomware group's extortion website offline after cyberattack leads to shutdown of major fuel pipeline
Maybe they decided to cash out or at least lay low for a while? 5 million is a pretty good payday.


User avatar
Volkonski
Posts: 8069
Joined: Mon Feb 22, 2021 11:06 am
Location: Texoma and North Fork of Long Island
Occupation:: Retired mechanical engineer
Contact:

Re: Cyber Attacks and Hacking

#13

Post by Volkonski »

French Toshiba Unit Hit by Ransomware Attack

https://www.courthousenews.com/french-t ... re-attack/
A French subsidiary of Japanese industrial giant Toshiba said Friday it was hit by a ransomware attack this month by the same shadowy group that disrupted a major U.S. fuel pipeline.

Toshiba TFIS, which specialises in printers, was “hacked on May 4 by DarkSide ransomware which had already attacked numerous companies of all sizes”, the company said in a statement.

The Japanese conglomerate said in a separate statement that the attack was limited to part of Europe and the hackers did not get access to client data.

A Toshiba spokesman told AFP that the attack did not hit other parts of the group. “The amount of work lost was minimal,” Toshiba TFIS said.


“If everyone fought for their own convictions there would be no war.” ― Leo Tolstoy, War and Peace
User avatar
AndyinPA
Posts: 5278
Joined: Mon Feb 22, 2021 10:42 am
Location: Pittsburgh

Re: Cyber Attacks and Hacking

#14

Post by AndyinPA »

https://therecord.media/darkside-ransom ... en-threat/
A day after US President Joe Biden said the US plans to disrupt the hackers behind the Colonial Pipeline cyberattack, the operator of the Darkside ransomware said the group lost control of its web servers and some of the funds it made from ransom payments.

“A few hours ago, we lost access to the public part of our infrastructure, namely: Blog. Payment server. CDN servers,” said Darksupp, the operator of the Darkside ransomware, in a post spotted by Recorded Future threat intelligence analyst Dmitry Smilyanets.

“Now these servers are unavailable via SSH, and the hosting panels are blocked,” said the Darkside operator while also complaining that the web hosting provider refused to cooperate.

In addition, the Darkside operator also reported that cryptocurrency funds were also withdrawn from the gang’s payment server, which was hosting ransom payments made by victims.

The funds, which the Darkside gang was supposed to split between itself and its affiliates (the threat actors who breach networks and deploy the ransomware), were transferred to an unknown wallet, Darksupp said.


"When enough people make false promises, words stop meaning anything. Then there are no more answers, only better and better lies." - Jon Snow, GOT
User avatar
sad-cafe
Posts: 1145
Joined: Mon Feb 22, 2021 11:17 am
Location: Kansas aka Red State Hell

Re: Cyber Attacks and Hacking

#15

Post by sad-cafe »

Tulsa Okla got hit with ransom and all of it is messed up


User avatar
neeneko
Posts: 1070
Joined: Tue Feb 23, 2021 9:32 am

Re: Cyber Attacks and Hacking

#16

Post by neeneko »

AndyinPA wrote: Fri May 14, 2021 5:07 pm https://therecord.media/darkside-ransom ... en-threat/
The funds, which the Darkside gang was supposed to split between itself and its affiliates (the threat actors who breach networks and deploy the ransomware), were transferred to an unknown wallet, Darksupp said.
Heh. A recurring story in a lot hacker and other 'dark web' ventures is, when things start looking dicy, often one or more of the people with access to the infrastructure perform their own little exit and leave the rest of the group/market out in the cold.


User avatar
Frater I*I
Posts: 1738
Joined: Mon Feb 22, 2021 10:52 am
Location: City of Dis, Sixth Circle of Hell

Re: Cyber Attacks and Hacking

#17

Post by Frater I*I »

neeneko wrote: Fri May 14, 2021 6:23 pm
Heh. A recurring story in a lot hacker and other 'dark web' ventures is, when things start looking dicy, often one or more of the people with access to the infrastructure perform their own little exit and leave the rest of the group/market out in the cold.
No honour amongst thieves :lol:


Gazer Into the SovCit Abyss
User avatar
AndyinPA
Posts: 5278
Joined: Mon Feb 22, 2021 10:42 am
Location: Pittsburgh

Re: Cyber Attacks and Hacking

#18

Post by AndyinPA »

https://apnews.com/article/europe-coron ... 9e981f4b56

LONDON (AP) — Ireland’s health service shut down its IT systems on Friday after being targeted in a ransomware attack by what it called “international criminals.”

Appointments and elective surgeries were canceled at several hospitals and Deputy Prime Minister Leo Varadkar said the disruption could last for days.

“There’s lots we don’t know but it appears to be a ransomware attack by international criminals,” Varadkar said. “The problem could run through the weekend and into next week, unfortunately.”

Ransomware attacks are typically carried out by criminal hackers who scramble data, paralyzing victims’ networks, and demand a large payment to decrypt it.

Varadkar called the attack “very serious.”[/quote]


"When enough people make false promises, words stop meaning anything. Then there are no more answers, only better and better lies." - Jon Snow, GOT
User avatar
Foggy
Dick Tater
Posts: 4943
Joined: Mon Feb 22, 2021 8:45 am
Location: TOP SECRET Fogbow HQ
Occupation:: muttering and puttering

Re: Cyber Attacks and Hacking

#19

Post by Foggy »

Remember the SolarWinds attack that infected more than 100 government agencies?

It started - according to the CEO, later disputed by their PR firm - because an intern set a key password to solarwinds123. :doh: :doh: :doh:

I don't know how many of these ransomware attacks are working because of crappy passwords, but I bet some are. I don't have any passwords as bad as solarwinds123, and I have anti-ransomware software. They'll never get $5 million from me! :lol:


We are NOT going back! - Nancy Pelosi
Mood: injudicious
User avatar
tek
Posts: 1557
Joined: Mon Feb 22, 2021 10:15 am

Re: Cyber Attacks and Hacking

#20

Post by tek »

I bet that 'intern' was just a scapegoat.

The number of times I have caught seasoned software engineers coding in a backdoor with a stupid password "but we need it for debugging! We'll take it out before we ship!"...

just. don't. ever. do. that.


User avatar
neeneko
Posts: 1070
Joined: Tue Feb 23, 2021 9:32 am

Re: Cyber Attacks and Hacking

#21

Post by neeneko »

tek wrote: Sat May 15, 2021 7:46 am I bet that 'intern' was just a scapegoat.

The number of times I have caught seasoned software engineers coding in a backdoor with a stupid password "but we need it for debugging! We'll take it out before we ship!"...

just. don't. ever. do. that.
Heh.

I can recall years ago developing a internet connected embedded system and putting in back doors even in shipped projects. Boy did marketing consider us heros if we were able to fix a customer's problem remotely without them even needing to go out to the device.

The problem with bad, insecure practices is they come out of having so much utility, and well designed secure systems end up getting in the way of primary goals.


User avatar
tek
Posts: 1557
Joined: Mon Feb 22, 2021 10:15 am

Re: Cyber Attacks and Hacking

#22

Post by tek »

neeneko wrote: Sat May 15, 2021 1:43 pm The problem with bad, insecure practices is they come out of having so much utility, and well designed secure systems end up getting in the way of primary goals.
Solvable problem, it turns out.

The guy who has been leading the merry band of thieves (of which I am part) that has been through half a dozen startups, sometimes together sometimes separately, beats into our heads "You DESIGN the access. You write down how it works. You make it something that you'd trust your kids' PII to. Then you go work on the rest of the stuff."

you don't stick in an ad-hoc channel.

Just MHO..


User avatar
RVInit
Posts: 2135
Joined: Mon Feb 22, 2021 8:48 am

Re: Cyber Attacks and Hacking

#23

Post by RVInit »

Foggy wrote: Sat May 15, 2021 7:40 am Remember the SolarWinds attack that infected more than 100 government agencies?

It started - according to the CEO, later disputed by their PR firm - because an intern set a key password to solarwinds123. :doh: :doh: :doh:

I don't know how many of these ransomware attacks are working because of crappy passwords, but I bet some are. I don't have any passwords as bad as solarwinds123, and I have anti-ransomware software. They'll never get $5 million from me! :lol:
Yeah, you'll just say the hosting company screwed up and we'll be signing up on Fogbow 3.0

:bag:

I'll see myself out now...


There's a lot of things that need to change. One specifically? Police brutality.
--Colin Kaepernick
User avatar
Volkonski
Posts: 8069
Joined: Mon Feb 22, 2021 11:06 am
Location: Texoma and North Fork of Long Island
Occupation:: Retired mechanical engineer
Contact:

Re: Cyber Attacks and Hacking

#24

Post by Volkonski »

Cyberattack hits world's largest meat supplier
It might be days before production resumes after an “organized cybersecurity attack” affected some servers supporting JBS USA's North American and Australian IT systems, officials said.


https://www.nbcnews.com/tech/security/c ... d_nn_tw_ma
Thousands of meat workers had no work for a second day on Tuesday after a cyberattack crippled the world’s largest meat processing company. A government minister said it might be days before production resumes.

JBS is also Australia’s largest meat and food processing company, with 47 facilities across the country including abattoirs, feedlots and meat processing sites. JBS employs around 11,000 people.

JBS USA said in a statement from Greeley, Colorado, on Monday that it was the target on Sunday of an “organized cybersecurity attack” affecting some of its servers supporting its North American and Australian IT systems.

“The company’s backup servers were not affected and it is actively working with an Incident Response firm to restore its systems as soon as possible,” the statement said.


“If everyone fought for their own convictions there would be no war.” ― Leo Tolstoy, War and Peace
User avatar
RTH10260
Posts: 5942
Joined: Mon Feb 22, 2021 10:16 am
Location: Switzerland, near the Alps

Re: Cyber Attacks and Hacking

#25

Post by RTH10260 »

:twisted: Australian meat processing? Must be all those anti-Brexiteers that are sabotaging the intended trade deal between the UK and Australia, cause Australia will get open access to the UK markets, meat included, food in general. While the UK farmers have hardly any chance to export their highly subsidised products to down-under while looking for new markets after being kicked out of the EU. :twisted:


Post Reply

Return to “Computers and Internet”