News

The US has unveiled plans to use ‘retro' technologies to protect its power grid against cyber attacks. The Securing Energy Infrastructure Act is intended to defend the US energy grid by "partnering with industry to utilize engineering concepts to remove vulnerabilities that could allow hackers to access the grid through holes in digital software systems". https://www.computing.co.uk/ctg/news/3078333/us-power-grid-cyber-security-retro-defence

A Georgia state agency says a cyberattack has forced it to shut down some court websites. aNews outlets report hackers demanding a ransom infected computers with malware at the Georgia Administrative Office of the Courts. Agency spokesman Bruce Shaw said Monday that officials have “quarantined our servers and shut off our network to the outside.” It wasn’t immediately clear how many Georgia courts were affected, or to what degree their operations were interrupted. The agency’s...

Officials from Lake City, Florida, have fired an IT employee last week after the city was forced to approve a gigantic ransomware payment of nearly $500,000 last Monday. The employee, whose name was not released, was fired on Friday, according to local media reports , who cited the Lake City mayor. The city's IT manager is also planning to revamp the town's entire IT department to prevent a similar incident from happening in the future....

After weeks of delays, Microsoft has finally released the first Windows 10 19H2 preview update to Slow Ring Insiders. The build number is 18362.10000 and it comes in the form of a cumulative update with behind-the-scenes changes designed for OEMs. In a new blog post, Microsoft stated that Windows 10 19H2 won't be a big release with too many new features. The focus of Windows 10's fall 2019 update would be on performance improvements, enterprise features, and quality enhancements. https://www.bleepingcomputer.com/news/microsoft/microsoft-starts-testing-windows-10-19h2-with-insiders/

US officials are investigating a secret Facebook group where border patrol members allegedly posted racist and sexist jokes about migrants. The private group was called "I'm 10-15" and had about 9,500 members, including former and current border patrol agents, ProPublica reported. Some posts mocked migrant deaths, while others targeted Latino members of Congress, ProPublica said. The Border Patrol chief has called the posts "completely inappropriate". https://www.bbc.co.uk/news/world-us-canada-48834824

Staff were evacuated today at Facebook's Silicon Valley headquarters after a package believed to contain the chemical weapon sarin was delivered to the antisocial network. Buildings were cleared out at the Menlo Park campus after the parcel triggered sarin alarms: it set off equipment designed to inspect all incoming mail for toxins and other nasties. https://www.theregister.co.uk/2019/07/01/facebook_sarin_scare/

Key Takeaways: A new UDP reflection/amplification DDoS vector is observed in the wild. The surprising nature of the abusable reflectors/amplifiers. Recommended DDoS Defense and Best Current Practices (BCPs) for ARMS. Anatomy of a New DDoS Vector One of the ground truths of distributed denial-of-service (DDoS) defense is that literally any kind of packet can be utilized to launch an attack against a host, service, application, or network. And when attackers initially identify a service or...

A Cirque du Soleil mobile application developed for the Toruk show opened up every user's device to exploit by allowing commands to be sent to every user in the crowd. On Monday, cybersecurity researchers from ESET said the "Toruk - The First Flight" application, designed to boost crowd interaction through audiovisual effects, was not designed with security in mind.  https://www.zdnet.com/article/cirque-du-soleil-app-gives-users-same-admin-rights-as-operators/

New data obtained by RSM under a freedom of information request has revealed that financial services firms reported 819 cyber incidents to the Financial Conduct Authority (FCA) in 2018, a huge rise on the 69 incidents reported in 2017. The retail banks were responsible for the highest number of reports (486), almost 60% of the total. This was followed by wholesale financial markets on 115 reports and retail investment firms on 53. https://londonlovesbusiness.com/financial-firms-reported-819-cyber-incidents-to-the-fca-in-2018/

Japan on Monday announced trade restrictions that will make it harder for South Korean companies, such as Samsung and LG, to buy manufacturing technology used to make chips and smartphones. From 4 July, Japanese companies will need to obtain government approval in order to export fluorinated polyimide, resist, or hydrogen fluoride -- materials used to make chips and smartphones -- to South Korean companies. https://www.zdnet.com/article/japan-imposes-trade-restrictions-on-south-korea-for-smartphone-and-chip-materials/