Security News > 2020 > October

Documents filed by cloud software provider Blackbaud with the United States Securities and Exchange Commission this week reveal that bank account details and social security numbers might have been affected in a ransomware attack earlier this year. At the time, the company admitted to paying ransomware operators so that they would delete the data exfiltrated during the attack, but said that no personally identifiable information or bank account details were compromised.

Companies that ransomware-hit US organizations hire to facilitate the paying of the ransom are at risk of breaking US sanctions, falling afoul of the US Department of the Treasury's Office of Foreign Assets Control regulations and may end up paying millions in fines. "Ransomware payments made to sanctioned persons or to comprehensively sanctioned jurisdictions could be used to fund activities adverse to the national security and foreign policy objectives of the United States. Ransomware payments may also embolden cyber actors to engage in future attacks. In addition, paying a ransom to cyber actors does not guarantee that the victim will regain access to its stolen data," the OFAC explained.

The Internet Engineering Task Force has published RFC8915, its proposed standard for network time security. The existing issues affecting basic NTP include DDoS amplification, packet manipulation, and replay attacks - the last two being implemented by man-in-the-middle attacks that can forge messages and falsify the time.

Pastebin recently announced two new security features, but some industry professionals have warned that they will likely be abused for malicious purposes. SecurityWeek has reached out to several industry professionals to find out what they think about the new features and their potential for abuse.

The hospital chain Universal Health Services said Thursday that computer services at all 250 of its U.S. facilities were hobbled in last weekend's malware attack and efforts to restore hospital networks were continuing. Doctors and nurses at affected hospitals and clinics, many already burdened with coronavirus care, have had to rely on manual record-keeping, with lab work slowed.

Cisco this week announced plans to acquire Kubernetes-native security platform Portshift. Founded in 2018 and based in Tel Aviv, Israel, Portshift focuses on providing security for Kubernetes and containers, and takes an agentless approach to delivering vulnerability protection across images, containers, and deployments.

Facebook on Thursday released a detailed technical report on a malware campaign that targeted its ad platform for years. Facebook took legal action against the malware operators in December 2019.

Microsoft this week announced the public preview of support for confidential computing nodes in Azure Kubernetes Service. One of the big tech companies to have affirmed commitment to computing confidentiality, Microsoft made Azure Confidential Computing generally available earlier this year, and also expanded the availability of secure VMs. The availability of confidential containers on AKS is yet another step Microsoft is taking toward moving computing from 'in the clear' to 'confidential'.

Britain's enemies are investing more and more in cyber warfare capabilities, the UK's top general has warned - singling out Russia and its "Digital authoritarianism". "China's new Strategic Support Force is designed to achieve dominance in the space and cyber domains," said the professional head of the armed forces.

So if you're looking for some answers, you'll want to join us on October 14 at 0900 PDT, for a Register webcast on secure paperless communications. Regular Register talking head Tim Phillips will be joined by Jacob Ginsberg, senior director of market intelligence at Echoworx, which knows a thing or two about secure comms, having been offering email encryption since 2000.