Security News

TV stations owned by the Sinclair Broadcast Group broadcast television company went down over the weekend across the US, with multiple sources telling BleepingComputer a ransomware attack caused the downtime. Its operations include 185 television stations affiliated with Fox, ABC, CBS, NBC, and The CW, with approximately 620 channels in 87 markets across the US. This is the second incident that impacted Sinclair's TV stations in July 2021, when the company asked all Sinclair stations to change passwords "As quickly as possible" following a security breach.

TV stations owned by the Sinclair Broadcast Group broadcast television company went down over the weekend across the US, with multiple sources telling BleepingComputer a ransomware attack caused the downtime. Its operations include 185 television stations affiliated with Fox, ABC, CBS, NBC, and The CW, with approximately 620 channels in 87 markets across the US. This is the second incident that impacted Sinclair's TV stations in July 2021, when the company asked all Sinclair stations to change passwords "As quickly as possible" following a security breach.

Representatives from the U.S., the European Union, and 30 other countries pledged to mitigate the risk of ransomware and harden the financial system from exploitation with the goal of disrupting the ecosystem, calling it an "Escalating global security threat with serious economic and security consequences." Besides promoting incident information sharing between ransomware victims and relevant law enforcement and cyber emergency response teams, the initiative aims to improve mechanisms put in place to effectively respond to such attacks, while also countering the abuse of financial infrastructure to launder ransom payments.

Global IT consultancy giant Accenture confirmed that LockBit ransomware operators stole data from its systems during an attack that hit the company's systems in August 2021. "In the past, we have experienced, and in the future, we may again experience, data security incidents resulting from unauthorized access to our and our service providers' systems and unauthorized acquisition of our data and our clients' data including: inadvertent disclosure, misconfiguration of systems, phishing ransomware or malware attacks," Accenture said.

U.S. Water and Wastewater Systems Sector facilities have been breached multiple times in ransomware attacks during the last two years, U.S. government agencies said in a joint advisory on Thursday. The advisory also mentions ongoing malicious activity targeting WWS facilities that could lead to ransomware attacks affecting their ability to provide potable water by effectively managing their wastewater.

Microsoft on Tuesday rolled out security patches to contain a total of 71 vulnerabilities in Microsoft Windows and other software, including a fix for an actively exploited privilege escalation vulnerability that could be exploited in conjunction with remote code execution bugs to take control over vulnerable systems. At the top of the list is CVE-2021-40449, a use-after-free vulnerability in the Win32k kernel driver discovered by Kaspersky as being exploited in the wild in late August and early September 2021 as part of a widespread espionage campaign targeting IT companies, defense contractors, and diplomatic entities.

A standard phishing attack typically involves sending people an email or text message spoofing a known company, brand or product in an attempt to install malware or steal sensitive information. The emails borrowed the look and layout of actual emails from Microsoft and even included information on a subscription for Microsoft Defender Advanced Protection that supposedly was ordered by the recipient.

On Wednesday, Verizon's Visible - an all-digital, uber-cheap wireless carrier - confirmed what customers have been complaining about on Reddit and Twitter all week: They lost control of their accounts; had their passwords and shipping addresses changed; and some got stuck with bills for pricey new iPhones. Visible is aware of an issue in which some member accounts were accessed and/or charged without their authorization.

Google said today that it sent roughly 50,000 alerts of state-sponsored phishing or hacking attempts to customers during 2021, a considerable increase compared to the previous year. "So far in 2021, we've sent over 50,000 warnings, a nearly 33% increase from this time in 2020," said Ajax Bash, a Google security engineer working with the company's Threat Analysis Group.

A new and still under development ransomware strain is being used in highly targeted attacks against enterprise entities as Broadcom's Symantec Threat Hunter Team discovered. The malware, dubbed Yanluowang ransomware based on the extension it adds to encrypted files on compromised systems.