Sunday, October 31, 2021

ANOTHER POV + EQUAL TIME: China, Russia agree to uphold multilateralism, warn of 'small circles'

BLEEPING COMPUTER: Last Week in Ransomware

The Week in Ransomware - October 29th 2021 - Making arrests

This week, international law enforcement operations went on the offensive, making arrests in numerous countries for ransomware-related activities.

Today, Europol announced that twelve individuals were arrested for their links to over 1,800 ransomware attacks in 71 countries.

The arrested hackers include affiliates and penetration testers for the LockerGoga, MegaCortex, and Dharma operations, including those suspected to be behind the 2019 attack against Norsk Hydro.

German law enforcement is also believed to have identified a core member of the REvil ransomware gang.

The other big news this week is the revelation of a BlackMatter decryptor created by Emsisoft that has been secretly used to help victims recover their files without paying a ransom.

Avast also released two decryptors this week - one for Babuk Ransomware and another that decrypts files encrypted by Atom Silo and LockFile.

Finally, the NRA suffered a ransomware attack by the Grief ransomware operation, which is linked to the US-sanctioned Evil Corp hacking group.

Today, the Grief gang removed the NRA from their data leak site, indicating that the NRA may have paid the ransom demand.

Contributors and those who provided new ransomware information and stories this week include: @serghei, @fwosar, @malwareforme, @malwrhunterteam, @DanielGallagher, @Ionut_Ilascu, @LawrenceAbrams, @jorntvdw, @Seifreed, @struppigel, @BleepinComputer, @FourOctets, @billtoulas, @demonslay335, @VK_Intel, @PolarToffee, @BrettCallow, @menlosecurity, @hatr, @maxzierer, @emsisoft, @HuntressLabs, @calebjstewart, @_JohnHammond, @pancak3lullz, @GelosSnake, @AltShiftPrtScn, @Sophos, @R44MB00, @sonatype, @Avast, @ddd1ms, @fbgwls245, @Amigo_A_, @ESETresearch, and @pcrisk.

October 23rd 2021

New BigBossHorse ransomware variant

dnwls0719 found a new BigBossHorse ransomware variant called 'WhiteHorse' that appends the .WhiteHorse extension.

WhiteHorse ransomware

October 24th 2021

BlackMatter ransomware victims quietly helped using secret decryptor

Cybersecurity firm Emsisoft has been secretly decrypting BlackMatter ransomware victims since this summer, saving victims millions of dollars.

October 25th 2021

Hackers used billing software zero-day to deploy ransomware

An unknown ransomware group is exploiting a critical SQL injection bug found in the BillQuick Web Suite time and billing solution to deploy ransomware on their targets' networks in ongoing attacks.

New Dharma Ransomware variant

PCrisk found a new Dharma Ransomware variant that appends the .lsas extension.

October 26th 2021

FBI: Ranzy Locker ransomware hit at least 30 US companies this year

The FBI said on Monday that Ranzy Locker ransomware operators had compromised at least 30 US companies this year from various industry sectors.

An interview with LockBit: The risk of being hacked ourselves is always present

Even though the LockBit ransomware group has been operating since September 2019, up until June this year, they have been a marginal player on the ransomware landscape.

New STOP Ransomware variant

PCrisk found a new STOP Ransomware variant that appends the .rugj extension.

October 27th 2021

Malicious NPM libraries install ransomware, password stealer

Malicious NPM packages pretending to be Roblox libraries are delivering ransomware and password-stealing trojans on unsuspecting users.

Babuk ransomware decryptor released to recover files for free

Czech cybersecurity software firm Avast has created and released a decryption tool to help Babuk ransomware victims recover their files for free.

Free decryptor released for Atom Silo and LockFile ransomware

Avast has just released a decryption tool that will help AtomSilo and LockFile ransomware victims recover some of their files for free without having to pay a ransom.

NRA: No comment on Russian ransomware gang attack claims

The Grief ransomware gang claims to have attacked the National Rifle Association (NRA) and released stolen data as proof of the attack.

October 28th 2021

Ransomware gangs use SEO poisoning to infect visitors

Researchers have spotted two campaigns linked to either the REvil ransomware gang or the SolarMarker backdoor that use SEO poisoning to serve payloads to targets.

German investigators identify REvil ransomware gang core member

German investigators have reportedly identified a Russian man whom they believe to be one of REvil ransomware gang's core members, one of the most notorious and successful ransomware groups in recent years.

The Top 10 Ways Ransomware Operators Ramp Up the Pressure to Pay

Ransomware operators don't just target systems and data, they target people in their ever-increasing efforts to get the victim to pay.

New STOP Ransomware variant

PCrisk found a new STOP Ransomware variant that appends the .rivd extension.

New Owl Ransomware

Amigo-A found the new Owl Ransomware that appends the .(OwL) extension and drops ransom notes named !README!.txt and !README!.hta.

Owl Ransomware

New Sabbath ransomware

Amigo-A found the new Owl Ransomware that appends the .54bb47h extension to encrypted files.

Sabbath Ransomware

October 29th 2021

Police arrest hackers behind over 1,800 ransomware attacks

Europol has announced the arrest of 12 individuals believed to be linked to ransomware attacks against 1,800 victims in 71 countries.

Hive ransomware now encrypts Linux and FreeBSD systems

The Hive ransomware gang now also encrypts Linux and FreeBSD using new malware variants specifically developed to target these platforms.

That's it for this week! Hope everyone has a nice weekend!


TOSSING COINS IN THE TREVI FOUNTAIN: G20: Leaders make mild pledges on carbon neutrality and coal financing a...

WHOA! Westpac Unveils Record $2.6 Billion Buyback as Profit Climb

Lou Reed - Walk On The Wild Side (Lyrics)

Lou Reed - A Walk On The Wild Side (Live at Farm Aid 1985)

FASHIONISTA SINEMA: When A Closet of Colorful Clothes is All-Out There In A Political Agenda That's a Mixed-Bag of Messaging

Thanks to Angela Johnson, who set out to establish (and succeeded in establishing) an entirely new woman-owned fashion industry here in Arizona from her company Fabric work-space in Tempe, it looked like all the right stuff was moving in the right direction... until Kyrsten Sinema and her eye-candy clothes grabbed the attention of the national media.
The latest episode happened in Tempe, inside a public bathroom at ASU, where the Democratic Arizona Senator was teaching a class in political fund-raising.

Moment activists chase Sen. Sinema into BATHROOM at ASU and demand she back Biden's $3.5T social bill to address immigration issues

  • A group of activists confronted Sen. Kyrsten Sinema in a restroom about her reluctance to back President Joe Biden's Build Back Better plan
  • They threatened to vote her 'out of office' if she failed to fulfill her promises
  • One activist, who identified herself as Blanca, shared her own immigration story with Sinema, asking her to help find a 'pathway to citizenship'
  • Video of the incident was shared on social media, prompting a response from Republican Rep. Matt Gaetz who tweeted: '#DeportBlanca'
  • Sinema did not engage with the activists

A group of activists followed Sen. Kyrsten Sinema into a bathroom at Arizona State University on Friday to demand that the Democrat address immigration issues.

'We knocked on doors for you to get you elected. Just how we got you elected, we can get you out of office if you don't support what you promised us,' one activist threatened.


The activists begged Sinema — who did not engage in discussion — to support President Joe Biden's Build Back Better agenda that would provide a pathway to citizenship for illegal immigrants.

In a statement released on Twitter, Sinema argued that delaying the vote was 'deeply disappointing' and a betrayal of the trust of the American people.

'I have never, and would never, agree to any bargain that would hold one piece of legislation hostage to another.'

Sinema also argued that she worked to deliver the infrastructure bill while also engaging in 'good faith negotiations' on the reconciliation package.


The video of Sinema being confronted in the bathroom came on the same day that another group of activists confronted Sen. Joe Manchin, of West Virginia — the Democratic party's other key holdout on the legislation. 

In a video capturing the exchange, Manchin, aboard his $700,000 yacht named Almost Heaven, assured the West Virginian kayakers that Democrats were working to pass a reasonable bill.

Sen. Joe Manchin, of West Virginia, spoke to protesters from aboard his $700,000 yacht

Protesters kayaked to the ship to ask why their senator would not support his own party's $3.5 trillion infrastructure bill 

__________________________________________________________________

A DRESS IS A POLITICAL STRATEGY...

Another line of argument is what I see as the third-wave feminist response to our culture’s obsession with women’s bodies as their only worth, which is: We should never acknowledge what a woman looks like. I have heard people proclaim emphatically, for instance, “Never comment on a person’s body.” To the extent that Sinema’s clothes are worn on her body, the logic goes, we should never comment on her clothing.

This line of reasoning stems from a really decent impulse, for the most part, and that impulse is a response to a fact that research reveals: Women are judged unfairly in the workplace for their looks, their bodies and their clothing. . .

EQUAL TIME
WHEN ONE WOMAN TELLS ON THE WARDROBE OF ANOTHER WOMAN

Tressie McMillan Cottom

Why We Should Talk About What Kyrsten Sinema Is Wearing

Credit...Diana Ejaita
 

Opinion Writer

"I spent the past week in Nashville, where I’ve been reporting a story and doing background for a book project. It was a wonderful trip. Great people, great music and a complicated new-urban Southern city. There weren’t enough masks for my liking but there was great culture.

As I was leaving, an important question pushed itself to the fore of the national conversation: What the heck is Kyrsten Sinema wearing?

You may have seen Sinema, Democratic senator from Arizona, wearing a distressed denim vest as she presided over the Senate. To someone who loves folk music and just left Nashville (me), the look was serving classic Aaron Neville vibes. I was not the only one to pick up on that similarity, as evidenced by this social media exchange where Aaron Neville himself claims (correctly) that he wore it better.

The politics around the two bills President Biden is trying to pass — a bipartisan infrastructure bill and a budget reconciliation bill — have centered on two senators: Joe Manchin and Sinema. Both have been analyzed and critiqued for their political performance as outsider centrist Democrats, but Sinema is particularly interesting, especially this past week.

Given the high legislative stakes, it is easy to treat Sinema’s aesthetics as unimportant. But those aesthetics are part of the way she courts, manipulates and plays with public attention as a political figure. Politicians are part of the cultural and economic elite. Their choices are always about public perception. In that context, a dress is never just a dress. It is always strategy.

 
 
 
 
 
 