CyberNews: Top of the news

Git Ransomware

Hackers have been infecting code repositories with ransomware, wiping code and commits and replacing them with a text file ransom demand for Bitcoin. The hackers have targeted users on GitHub, GitLab, and Bitbucket. It is not clear how the attackers gained access to the accounts.
Read more in:
– www.theregister.co.uk
: Mystery Git ransomware appears to blank commits, demands Bitcoin to rescue code
– www.bleepingcomputer.com: Attackers Wiping GitHub and GitLab Repos, Leave Ransom Notes
– www.vice.com: Someone Is Hacking GitHub Repositories and Holding Code Ransom

Supply Chain Hackers Eroding Trust in Software Distribution Systems

Over the past three years, a group of hackers known by several names, including Barium ShadowHammer, and Wicked Panda, have infected software distribution systems at at least six different companies. The group’s approach is to infect large numbers of users through these software distribution channels, and then cull the victims for the targets of their espionage efforts. If the group had chosen to distribute ransomware through the infected computers, the results would have been devastating.

Read more in:
– www.wired.com
: A Mysterious Hacker Group is on a Supply Chain Hijacking Spree

International Law Enforcement Authorities Take Down Dark Web Marketplaces

Two dark web marketplaces – the Wall Street Market (WSM) and the Silkkitie or Valhalla Marketplace – have been taken down in an international coordinated effort involving Europol and German, Dutch, US, Finnish, and French authorities. Three suspects are in custody in Germany; they face charges in the US related to their alleged operation of the WSM.
Read more in:
– www.europol.europa.eu
: Double Blow to Dark Web Marketplaces
– krebsonsecurity.com: Feds Bust Up Dark Web Hub Wall Street Market

Google Access Transparency for Cloud Services(March 2019)

Google’s Access Transparency service allows customers to view service logs related to their accounts. Access Transparency is supported on six different Google Cloud Platform services; there are plans to add support for more services.

Read more in:
– searchcloudcomputing.techtarget.com
: Google tool signals move to greater cloud transparency
– cloud.google.com: Access Transparency

Microsoft is Offering Free Election Security Tools(May 6, 2019)

Microsoft plans to release a free open-source software development kit that can be used to help improve election security. ElectionGuard will be available later this summer to election officials and election technology suppliers. ElectionGuard can be used to allow third-party election result validation and to allow voters to check that their ballots were counted correctly.

Read more in:
– blogs.microsoft.com
: Protecting democratic elections through secure, verifiable voting
– www.cyberscoop.com: Microsoft pushes open-source software kit to election agencies, voting-tech vendors



Categories: Cyber news, Cyber Security

Tags:

2 replies

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.