Security News

Soon after uploading the exploit, Jang received an email from Microsoft-owned GitHub stating that PoC exploit was removed as it violated the Acceptable Use Policies. GitHub faced immediate backlash from security researchers who felt that GitHub was policing the disclosure of legitimate security research simply because it was affecting a Microsoft product.

Code-hosting platform GitHub Friday officially announced a series of updates to the site's policies that delve into how the company deals with malware and exploit code uploaded to its service. Stating that it will not allow the use of GitHub in direct support of unlawful attacks or malware campaigns that cause technical harm, the company said it may take steps to disrupt ongoing attacks that leverage the platform as an exploit or a malware content delivery network.

Application and network performance management company NETSCOUT warned organizations this week that STUN servers have been increasingly abused for distributed denial-of-service attacks, and there are tens of thousands of servers that could be abused for such attacks by malicious actors. While the amplification rate is only 2.32 to 1, UDP reflection/amplification attacks abusing STUN services can be more difficult to mitigate without overblocking legitimate traffic.

Today, Japanese multinational conglomerate Fujifilm officially confirmed that they had suffered a ransomware attack earlier this week that disrupted business operations. On June 2, Fujifilm disclosed that they suffered a cyberattack but would not confirm if the attack was caused by ransomware.

The group, identified as the Sodinokibi REvil ransomware gang, also said it was not afraid of being labeled a cyber-terrorist group. The validity of the REvil source cannot be independently confirmed by Threatpost, however the REvil ransomware gang has used the Russian OSINT channel several times to discuss criminal activities such as future targets, alliances and revenue.

JBS, the world's largest beef producer, has confirmed that all its global facilities are fully operational and operate at normal capacity after the REvil ransomware attack that hit its systems last weekend. On May 31, JBS was also forced to shut down production after REvil ransomware operators breached and encrypted some of its North American and Australian IT system.

Furniture Village - the UK's largest independent furniture retailer with 54 stores nationwide - has been hit by a "Cyber-attack", the company confirmed to The Register. The problems emerged last weekend on 29 May when Furniture Village admitted it was experiencing "Technical issues" and it was unable to answer calls.

Nonprofit healthcare provider, Scripps Health in San Diego, has disclosed a data breach exposing patient information after suffering a ransomware attack last month. On Tuesday, Scripps Health released an updated report on the attack and says that threat actors stole patient data during the attack.

The Steamship Authority, Massachusetts' largest ferry service, was hit by a ransomware attack on Wednesday which led to ticketing and reservation disruptions. "The Woods Hole, Martha's Vineyard, and Nantucket Steamship Authority has been the target of a ransomware attack that is affecting operations as of Wednesday morning," the ferry service said on Wednesday.

Russian hacking group REvil is behind the ransomware attack on meat processing company JBS Foods, according to the FBI. The good news from the JBS Foods ransomware attack is that it seems to have followed one of the basic tenets of cybersecurity - make back-ups. The meat processing company JBS said on Wednesday that its operations had mostly recovered from a ransomware attack and had shut down operations in the United States and Australia earlier this week.