Cybersecurity News Headlines Update on 12 June, 2021

JBS Paid $11M Ransom to Prevent Attackers from Leaking Stolen Data

Meat processing company JBS USA acknowledged that it paid $11 million to ransomware operators following an attack late last month. In a media statement, JBS says that most of its facilities were up and running when they paid the ransom, and that the decision to pay was made “to mitigate any unforeseen issues related to the attack and ensure no data was exfiltrated.” According to Security Scorecard, the JBS attack began with reconnaissance in February 2021. The attackers exfiltrated data from March 1-May 29 and encrypted the JBS environment on June 1.

Fastly CDN Outage Knocked Portions of the Internet Offline

On Tuesday, June 8, many major websites experienced a period of unavailability, which was caused by an outage at content delivery network (CDN) Fastly. Fastly says the issue was due to a software bug that “was triggered by a valid customer configuration change” and that the issue was fixed within an hour.

GitHub Adds RubyGems and PyPl to its Secret Scanning

GitHub has added PyPl and RubyGems to its secrets scanning capabilities. A GitHub blog post notes that “If one of these [package registry credentials] secrets is leaked, rather than compromising one product, it can compromise thousands.” GitHub has been scanning for and revoking secrets, also known as tokens, in users’ code since 2015.

Microsoft Patch Tuesday

On Tuesday, June 8, Microsoft issues fixes for 50 security issues. Six of the flaws –privilege elevation vulnerabilities in Microsoft DWM Core Library, Windows NTFS, and Microsoft Enhanced Cryptographic Provider; an information disclosure vulnerability in the Windows Kernel, and a remote code execution vulnerability on Windows MSHTML platform – are being actively exploited.

Colonial Pipeline CEO Testifies at Congressional Hearings

Colonial Pipeline CEO Joseph Blount testified before the Senate and House Homeland Security Committees earlier this week. Blount said that Colonial Pipeline did not have a plan in place for dealing with the ransomware attack. He encouraged companies that suffer similar attacks to be transparent about their experiences. Blount was criticized for refusing recovery help from the Cybersecurity and Infrastructure Security Agency (CISA).

More Updates: Adobe and Intel

On Tuesday, June 8, Adobe released updates to address more than 40 security issues in Acrobat, Reader, Photoshop, Experience Manager, After Effects and other applications. On the same day, Intel released 29 security advisories to address nearly 80 vulnerabilities in a variety of products.

IoT Message Broker Vulnerabilities

Researchers at the Synopsys Cybersecurity Research Center have found denial-of-service vulnerabilities in three open-source IoT message brokers, RabbitMQ, EMQ X, and VerneMQ. All three flaws involve Message Queuing Telemetry Transport (MQTT) protocol client input handling and can be exploited with a malicious MQTT message. The vulnerabilities were disclosed to project maintainers in March and all three have released fixes. Users should update to RabbitMQ version 3.8.16 or later; EMQ X to version 4.2.8 or later; and VerneMQ version 1.12.0 or later.

Chrome Update Includes Fix for Actively Exploited Flaw

Google has updated its Chrome browser to version 91.0.4472.101 on the stable channel for Windows, Mac, Linux. The browser has been updated to address 14 security issues, including a type confusion vulnerability in the V8 open source and JavaScript engine that is being actively exploited.

Vulnerabilities in Rockwell Automation ISaGRAF5

The US Cybersecurity and Infrastructure Security Agency (CISA) has released an advisory warning of multiple vulnerabilities in Rockwell Automation ISaGRAF5 Runtime. The flaws could be exploited to execute code remotely, disclose information, or cause denial-of-service conditions. The issues affect products from Schneider Electric and GE, which have taken steps to mitigate the issues; other vendors’ products may be affected as well.

CISA Fact Sheet on Ransomware Threat to Operational Technology

The US Cybersecurity and Infrastructure Security Agency (CISA) has published a fact sheet on the increased threat of ransomware to operational technology (OT) assets and control systems. CISA urges “critical infrastructure asset owners and operators [to] adopt a heightened state of awareness and voluntarily implement recommendations” that include identifying critical processes; implementing network segmentation between IT and OT networks; and developing and testing “workarounds or manual controls to ensure that critical processes – and the industrial control system (ICS) networks supporting them – can be isolated and continue operating without access to IT networks.”

Ransomware Hits Community College in Iowa

The Des Moines (Iowa) Area Community College (DMACC) cancelled all classes for four days after its network was hit with a cyberattack. DMACC has asked students, faculty, and staff not to use Microsoft Office 365 or Blackboard. As of Thursday, June 10, classes with in-person components are being held at their regular times. Virtual classes have not yet resumed.

NY State Senate Passes Right to Repair Bill

New York’s State Senate has passed The Digital Fair Repair Act, a bill that would allow consumers to rep[air their own electronic devices. The New York State Assembly has not yet passed its version of the bill.

Visit PUPUWEB Blog for comment and reference link for each topic: https://pupuweb.com/cybersecurity-news-headline-updated-202106/