——— Current Events ———

2/15/22: US says Russian hackers have collected intelligence from American defense contractors

Russian government-backed hackers have managed to acquire sensitive information on the development and deployment of US weapons by breaching American defense contractors over the last two years, US security agencies said on Wednesday.

It's one of the clearest public statements yet from the US government on how Kremlin-linked hackers have gathered intelligence on US defense contractors, and comes as the Biden administration warns Russia against further invading Ukraine.

US government agencies have for years regularly released information on state-sponsored hacking threats, and US officials continue to say there is no credible, specific cyber threat to the US homeland tied to the Ukraine crisis.

"These continued intrusions have enabled the actors to acquire sensitive, unclassified information, as well as CDC cleared defense contractors-proprietary and export-controlled technology," says the advisory from the FBI, National Security Agency and US Cybersecurity and Infrastructure Security Agency.

Contractors targeted by the Russian hackers over the last two years have been involved in aircraft design and the development of combat and weapons systems, among other things, the US agencies said.

SOURCE: cnn.com/2022/02/16/politics/us-russia-defense-contractors-hackers/index.html

10/6/21: The entirety of Twitch has reportedly been leaked

An anonymous hacker claims to have leaked the entirety of Twitch, including its source code and user payout information.

The user posted a 125GB torrent link to 4chan on Wednesday, stating that the leak was intended to “foster more disruption and competition in the online video streaming space” because “their community is a disgusting toxic cesspool”.

VGC can verify that the files mentioned on 4chan are publicly available to download as described by the anonymous hacker.

One anonymous company source told VGC that the leaked data is legitimate, including the source code for the Amazon-owned streaming platform.

Internally, Twitch is aware of the breach, the source said, and it’s believed that the data was obtained as recently as Monday. We’ve requested comment from Twitch and will update this story when it replies.

SOURCE: videogameschronicle.com/news/the-entirety-of-twitch-has-reportedly-been-leaked

10/4/21: 1.5 Billion Facebook Users Personal Information Posted for Sale Online

UPDATE:

An earlier version of this story's headline referred to a hack, however, this has not been confirmed. It is currently believed the data was obtained by scraping publicly available information.

ORIGINAL STORY:

Personal information from roughly 1.5 billion worldwide Facebook users was allegedly put up for sale following a recent leak.

A member of a known forum for hackers claimed to be in possession of the information in late September and offered to sell it in chunks to others on the forum, according to a report from Privacy Affairs. One user claimed to have gotten a quote of $5,000 for the information of 1 million users

The hacker allegedly in possession of the leaked information claimed that it included the following for each Facebook account: name, email address, location, gender, phone number and user ID.

SOURCE: newsweek.com/15-billion-facebook-users-personal-information-posted-sale-after-hack-1635439

10/4/21: Facebook, Whatsapp, Instagram, and various other service go down

Facebook's week just went from bad to worse.

Facebook (FB), Instagram and WhatsApp all suffered outages midday Monday, according to public statements from the three Facebook services.

Facebook's week just went from bad to worse.

Facebook (FB), Instagram and WhatsApp all suffered outages midday Monday, according to public statements from the three Facebook services.

SOURCE: cnn.com/2021/10/04/tech/facebook-instagram-whatsapp-outage/index.html

6/12/21: Russia, U.S. and other countries reach new agreement against cyber hacking, even as attacks continue

SOURCE: msn.com/en-us/news/world/russia-u-s-and-other-countries-reach-new-agreement-against-cyber-hacking-even-as-attacks-continue

6/7/21: Ransomware attacks saddle Biden with grave national security crisis

The Biden administration Sunday confronted the implications of a sudden and grave national security challenge as ransom-demanding cyber hackers target the staples of American life -- food, gas, water, hospitals and transport.

Energy Secretary Jennifer Granholm Sunday warned that "very malign actors" had the US in their sights after attacks on a pipeline, government agencies, a Florida water system, schools, health care institutions and, even last week, the meat industry and a ferry service to millionaire's playground Martha's Vineyard.

"Even as we speak, there are thousands of attacks on all aspects of the energy sector and the private sector generally ... it's happening all the time," Granholm told Jake Tapper on CNN's "State of the Union."
Alarmingly, the former Michigan governor said that foreign hackers have the capability to shut down the US power network, and counseled firms against paying ransoms demanded by hackers.

They leave President Joe Biden, who took office amid multiple crises, with thorny dilemmas about how to respond without escalating a full-on international cyber war and expose him to new political vulnerability. Many of the attacks appear to be the work of criminal gangs on Russian soil, heaping more pressure on the President's already tense, high-stakes summit next week with President Vladimir Putin during his first foreign trip.

SOURCE: cnn.com/2021/06/07/politics/president-joe-biden-cyber-attacks-russia-putin-trump-economy/index.html

6/4/21: FBI Director Says Cyber Attacks Are A “9/11 Level Threat”

FBI Director Christopher Wray likened the challenge posed by the recent spate of damaging ransomware attacks on the US to the September 11 terrorist attacks and called for a similar sense of urgency and response in a new interview.

"There are a lot of parallels, there's a lot of importance, and a lot of focus by us on disruption and prevention," Mr. Wray said in an interview with the Wall Street Journal on Thursday. "There's a shared responsibility, not just across government agencies but across the private sector and even the average American."

"The scale of this problem is one that I think the country has to come to terms with," he added.

SOURCE: cnn.com/2021/06/04/politics/christopher-wray-cyberattacks-9-11/index.html

——— Cyber Attacks ———

6/2/21: The JBS Foods Hack, What You Need to Know

JBS USA is part of JBS Foods, which is one of the world's largest food companies. It has operations in 15 countries and has customers in about 100 countries, according to its website.

Its brands include Pilgrim's, Great Southern and Aberdeen Black. The US headquarters is based in Greeley, Colorado, and it employs more than 66,000 people.
What happened?

Hackers attacked the company's IT system last weekend, prompting shutdowns at company plants in North America and Australia.

The hack, which the White House described Tuesday as ransomware, affected all of JBS's US meatpacking facilities, according to an official at the United Food and Commercial Workers union that represents JBS employees. The cyberattack resulted in the closure of all nine of the company's US beef plants, which are located in states including Arizona, Texas, Nebraska, Colorado, Wisconsin, Utah, Michigan and Pennsylvania, the union official said.

The White House has said that the ransomware attack was likely carried out by a Russia-based criminal organization, and that it is dealing with the Russian government on the matter.

SOURCE: cnn.com/2021/06/02/business/beef-hack-jbs/index.html

The Colonial Hack

5/13/21: Colonial paid hackers nearly $5 million

Colonial Pipeline Co. paid nearly $5 million to Eastern European hackers on Friday, contradicting reports earlier this week that the company had no intention of paying an extortion fee to help restore the country’s largest fuel pipeline, according to two people familiar with the transaction.

The company paid the hefty ransom in difficult-to-trace cryptocurrency within hours after the attack, underscoring the immense pressure faced by the Georgia-based operator to get gasoline and jet fuel flowing again to major cities along the Eastern Seaboard, those people said. A third person familiar with the situation said U.S. government officials are aware that Colonial made the payment.

SOURCE: bloomberg.com/news/articles/2021-05-13/colonial-pipeline-paid-hackers-nearly-5-million-in-ransom

5/10/21: Statement from the group regarding this hack:

5/8/21: Colonial pipeline systems hacked

The main fuel supply line to the U.S. East Coast has shut down indefinitely after the pipeline's operator suffered what is believed to be the largest successful cyberattack on oil infrastructure in the country's history — presenting a danger of spiking gasoline prices and a fresh challenge to President Joe Biden's pledges to secure the nation against threats.

A shutdown that lasts more than a few days could send gasoline prices in the Southeastern U.S. spiking above $3 a gallon, market a***ysts said. That could deepen the political risks the incident poses for Biden, stealing momentum from his efforts to center the nation's energy agenda on promoting cleaner sources and confronting climate change.

“This was not a minor target,” said Amy Myers Jaffe, a long-time energy researcher and author of Energy’s Digital Future. “Colonial Pipeline is ultimately the jugular of the U.S. pipeline system. It’s the most significant, successful attack on energy infrastructure we know of in the United States. We’re lucky if there are no consequences, but it’s a definite alarm bell.”

The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency believes that the intrusion is the work of the criminal ransomware gang known as Darkside and not a nation-state, according to a security researcher who requested anonymity to speak freely.

SOURCE: politico.com/news/2021/05/08/colonial-pipeline-cyber-attack-485984

kind of cool

shouldve been off oil years ago anyway

I mean this attack prob wouldve happened to any energy infrastructure we had in place anyway but still

ransomware strikes again

The funny part is cyber security is apart of the military budget 😅😅😅😅

FIND OUT WHO DID IT, AND SEND SEND SOME STEALTH BOMBERS OVER IN THE DEAD OF NIGHT.

FIX THIS S*** REAL QUICK.

What motive does an independent hacking group have for doing this tho?

money

articles said it was a ransomware attack so probably an employee downloaded something malicious on accident

But how do they get money? Is it like stuck on the system now, and the hacking group is the only one that knows how to remove it, so they’re like “holding it hostage”?

that's usually pretty accurate.

this kind of scenario happens all the time to businesses too. most of the time only thing you can really do is disconnect from the internet ASAP and call the feds when it happens lol.

they might also demand something like payment in bitcoin

it was Synopsis

they get sensitive info on the US energy infrastructure and threaten to release it to the public if the money dont hit their account

Been a lot of cyberattacks lately

smh lol

we need to get with the times for real

seems like russia, india, china and other countries are way more advanced with this stuff than us

there's a serious labor shortage in security

last i checked right before covid hit about 300k positions went unfilled annually

i live in the DMV and all the government agencies near me have been recruiting like crazy since last year.

Just change your password

Dumbasses

We been paying over 3$ a gallon since forever

Yeah cybersecurity is boomin rn

When I was in school(~2019) this kid I was in a Syssec class with got a job offer out of grad school for 80k

During the interview started he asked if he could show a demo of one of his projects, and it was one of the homework assignments we did. The guy stopped the interview and offered him the job right there

i majored in the wrong field

that’s crazy, i would have thought it would be an over populated field

Damn brah wtf

Good thing we’ve invested billions into a fleet of useless, experimental stealth bombers to combat these cyberattacks, instead of updating our archaic ass cyber security.

@DAVIDP you responsible for this?