Tuesday, July 06, 2021


GET ACTIVE OR DON'T COMPLAIN > The Mesa City Council Earn Salaries To Work In The Public Interest

What time is it, you might ask, to take on your civic responsibilities as a citizen? NOW
Your elected government - and the individuals that voters select to represent their interests, opinions and needs - cannot be effective unless you get informed, active and involved in what City Hall is doing.
They all earn salaries (and generous benefits) to represent and listen to you.
If you don't communicate with the mayor and/or the six district councilmembers, they will listen to other interests. 
It's as simple and clear as that can be. . . the rest is up to you.
____________________________________________________________________________
The Mesa City Council sets policies based on the input and needs of its citizens

Mesa operates under a charter form of government with citizens electing a mayor and six councilmembers to set policy for the City.

Below is an information graphic for you to use: there are links to interact and connect with your Council member > use it!
MAYOR AND CITY COUNCIL 
Link >   https://www.mesaaz.gov/city-hall/mayor-council 

"The Mesa City Council believes that its people, not leaders, are what makes a City great and actively works to encourage citizen participation in the decision-making process. Whether it is through neighborhood meetings, advisory boards and committees, telephone calls and letters, or email, the Mesa City Council sets policies based on the input and needs of its citizens"

Mayor John Giles

Councilmember Mark Freeman
District 1

Councilmember Julie Spilsbury
District 2

Councilmember Francisco Heredia
District 3

Vice Mayor Jenn Duff
District 4

Councilmember David Luna
District 5

Councilmember Kevin Thompson
District 6



MASSIVE RANSOMWARE ATTACKS GO ON UN-STOPPED. . .More Excuses

Same old and tired repeated-over-and-over again every time there's another one - Experts have predicted that when workers return to offices in the U.S. on Tuesday there may be more victims.

Kaseya ransomware attackers demand $70 million, claim they infected over a million devices

Three days after ransomware attackers started the holiday weekend by compromising Kaseya VSA, we have a clearer idea of how widespread the impact has been.

In a new ransom demand, the attackers claim to have compromised more than 1 million computers, and demand $70 million to decrypt the affected devices.


Kaseya’s software is used by Managed Service Providers to perform IT tasks remotely, but on July 2nd, the Russia-linked REvil ransomware group deployed a malicious software update exposing providers who use the platform, and their clients.

The Dutch Institute for Vulnerability Disclosure (DIVD) revealed that it appears the exploit used for the breach was the same one they discovered and were in the process of addressing when the attackers struck. “We were already running a broad investigation into backup and system administration tooling and their vulnerabilities,” DIVD wrote. “One of the products we have been investigating is Kaseya VSA. We discovered severe vulnerabilities in Kaseya VSA and reported them to Kaseya, with whom we have been in regular contact since then.”

On Friday, Kaseya CEO Fred Voccola said that “Only a very small percentage of our customers were affected – currently estimated at fewer than 40 worldwide.” Sophos VP Ross McKerchar said in a statement Sunday that “This is one of the farthest reaching criminal ransomware attacks that Sophos has ever seen. At this time, our evidence shows that more than 70 managed service providers were impacted, resulting in more than 350 further impacted organizations. We expect the full scope of victim organizations to be higher than what’s being reported by any individual security company.”


Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger followed up on earlier comments by President Biden, saying

“The FBI and CISA will reach out to identified victims to provide assistance based upon an assessment of national risk.”

Huntress Labs is participating in the response to the attack and has cataloged most of the available information, saying the attack compromised over 1,000 businesses that it’s tracking.

> Sophos, Huntress and others pointed to this post (above) on REvil’s “Happy Blog,” claiming that more than a million devices have been infected and setting a ransom demand of $70 million in Bitcoin to unlock all of them.

REvil has been linked to a slew of ransomware incidents, including one attack involving Kaseya in June 2019, and a high-profile incident earlier this year targeting the meat supplier JBS. However, security researcher Marcus Hutchins expressed skepticism about the group’s claim, suggesting they’re overstating the impact in hopes of extracting a large payout from Kaseya or someone else . . ."

=========================================================================


Dutch researchers said they alerted Miami-based Kaseya to the breach and said the criminals used a “zero day,” the industry term for a previously unknown security hole in software. Voccola would not confirm that or offer details of the breach — except to say that it was not phishing.

“The level of sophistication here was extraordinary,” he said.

Victims > Most ransomware victims don’t publicly report attacks or disclose if they’ve paid ransoms.

Scale, details of massive ransomware attack emerge

An affiliate of the notorious REvil gang infected thousands of victims in at least 17 countries.


BOSTON — Cybersecurity teams worked feverishly Sunday to stem the impact of the single biggest global ransomware attack on record, with some details emerging about how the Russia-linked gang responsible breached the company whose software was the conduit.

An affiliate of the notorious REvil gang, best known for extorting $11 million from the meat-processor JBS after a Memorial Day attack, infected thousands of victims in at least 17 countries on Friday, largely through firms that remotely manage IT infrastructure for multiple customers, cybersecurity researchers said. They reported ransom demands of up to $5 million.

> The FBI said in a statement Sunday that it was investigating the attack along with the federal Cybersecurity and Infrastructure Security Agency, though “the scale of this incident may make it so that we are unable to respond to each victim individually.”

> The attack comes less than a month after Biden pressed Russian President Vladimir Putin to stop providing safe haven to REvil and other ransomware gangs whose unrelenting extortionary attacks the U.S. deems a national security threat.

> A broad array of businesses and public agencies were hit by the latest attack, apparently on all continents, including in financial services, travel and leisure and the public sector — though few large companies, the cybersecurity firm Sophos reported. Ransomware criminals break into networks and sow malware that cripples networks on activation by scrambling all their data. Victims get a decoder key when they pay up.

> John Hammond of Huntress Labs, one of the first cybersecurity firms to sound the alarm on the attack, said he’d seen $5 million and $500,000 demands by REvil for the decryptor key needed to unlock scrambled networks. The smallest amount demanded appears to have been $45,000.

> Sophisticated ransomware gangs on REvil’s level usually examine a victim’s financial records — and insurance policies if they can find them — from files they steal before activating the data-scrambling malware. The criminals then threaten to dump the stolen data online unless paid. It was not immediately clear if this attack involved data theft, however. The infection mechanism suggests it did not.

Report from The Verge: Public WiFi Network Names

Researcher finds certain network names can disable Wi-Fi on iPhones

It looks like Wi-Fi networks with percent symbols in their names may cause a bug

A security researcher has found that certain Wi-Fi networks with the percent symbol (%) in their names can disable Wi-Fi on iPhones and other iOS devices. Carl Schou tweeted that if an iPhone comes within range of a network named %secretclub%power, the device won’t be able to use Wi-Fi or any related features, and even after resetting network settings, the bug may continue to render Wi-Fi on the device unusable.

A few weeks ago, Schou and his not-for-profit group, Secret Club, which reverse-engineers software for research purposes, found that if an iPhone connected to a network with the SSID name %p%s%s%s%s%n it would cause a bug in iOS’ networking stack that would disable its Wi-Fi, and system networking features like AirDrop would become unusable.

9to5 Mac offered a possible explanation for the weird bug:

the ‘%[character]’ syntax is commonly used in programming languages to format variables into an output string. In C, the ‘%n’ specifier means to save the number of characters written into the format string out to a variable passed to the string format function. The Wi-Fi subsystem probably passes the Wi-Fi network name (SSID) unsanitized to some internal library that is performing string formatting, which in turn causes an arbitrary memory write and buffer overflow. This will lead to memory corruption and the iOS watchdog will kill the process, hence effectively disabling Wi-Fi for the user. 
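
The coding pattern behind that explanation, as an added C example (not from the article, 9to5Mac or iOS; the function names and log text are hypothetical): the untrusted SSID is passed only as data to a constant format string, and two helpers flag or neutralise directives for code paths that cannot avoid a format-string API.

```c
#include <stdio.h>
#include <string.h>

/* Vulnerable form, for contrast only:  snprintf(out, cap, ssid);
 * The SSID is the format string, so "%s" or "%n" inside it makes the
 * formatter read or write through arguments that were never passed. */

/* Hardened form: the format is a constant, the SSID is only data. */
int log_ssid(char *out, size_t cap, const char *ssid)
{
    return snprintf(out, cap, "Joining network: %s", ssid);
}

/* Count conversion directives in untrusted text; "%%" is a literal. */
int count_directives(const char *s)
{
    int n = 0;
    for (size_t i = 0; s[i] != '\0'; i++) {
        if (s[i] != '%') continue;
        if (s[i + 1] == '%') { i++; continue; }
        if (s[i + 1] != '\0') n++;
    }
    return n;
}

/* Double every '%' for APIs that only accept a format string.
 * Truncates if dst is too small; returns bytes written. */
size_t escape_percent(char *dst, size_t cap, const char *src)
{
    size_t o = 0;
    if (cap == 0) return 0;
    for (; *src != '\0'; src++) {
        size_t need = (*src == '%') ? 2 : 1;
        if (o + need >= cap) break;      /* keep room for the terminator */
        if (*src == '%') dst[o++] = '%';
        dst[o++] = *src;
    }
    dst[o] = '\0';
    return o;
}

int main(void)
{
    const char *ssid = "%p%s%s%s%s%n";   /* SSID quoted in the article */
    char line[128], esc[128];
    log_ssid(line, sizeof line, ssid);
    escape_percent(esc, sizeof esc, ssid);
    printf("%s\ndirectives=%d\nescaped=%s\n", line, count_directives(ssid), esc);
    return 0;
}
```

Building with `-Wformat -Wformat-security` (GCC and Clang) makes the compiler warn about the vulnerable form, where a non-literal string is used as the format with no arguments.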

 
