Date: 2020-12-29

Security Leftovers

One month after ransomware attack, Metro Vancouver’s transit system still not up to speed [iophk: Windows TCO]

The attack, at the beginning of December 2020, saw [crackers] access company databases, plant the Egregor ransomware which locked down systems by encrypting data files, and even churn out a ransom note on hijacked printers.

[Old] Metro Vancouver and the world's largest staffing firm hit by Egregor ransomware [iophk: Windows TCO]

Two major organizations — Randstad, the world's largest staffing agency and Translink, the Metro Vancouver transporting agency — fell victim to Egregor ransomware attacks. The Egregor ransomware group is found to be highly operational in recent times, and it continues to wreak havoc on enterprises. Egregor ransomware caused disruptions to the Chilean retail giant Cencosud recently followed by an attack on Kmart. Randstad has mentioned that the Egregor ransomware group has disclosed one percent of the stolen data and has exposed 32.7 MB of data with 184 files. Randstad is a global staffing agency with offices in 38 markets and has an employee count of 38,000 with a revenue of €23.7 billion in 2019. Randstad is also the owner of the popular employment website monster.com. Randstad has also mentioned that only a limited number of servers were compromised and its team is doing its best to resolve the situation.

LibreSSL languishes on Linux

The OpenSSL project, though, has merged over 5,000 patches during approximately the same time period; that work came from 276 developers. Just as importantly, much of that work is supported by organizations that depend on OpenSSL; large contributors include Oracle, Siemens, Akamai, Red Hat, IBM, VMware, Intel, and Arm — along with the OpenSSL Software Foundation itself. This level of support has enabled the OpenSSL project to address many of its longstanding problems; by 2016, the project was on a much more stable footing. Security problems still exist, of course — this is software we are talking about, after all — but they are dealt with in a coordinated way and people don't worry about OpenSSL as they once did.

One result of all this work is that Linux distributions have, in general, not shifted away from OpenSSL. Two distributions that did attempt to provide LibreSSL support were Alpine Linux and Gentoo. Alpine Linux supported LibreSSL as its primary TLS library for a while, but switched back to OpenSSL with the 3.9.0 release in January 2019. Gentoo never tried to switch over completely, but it supports LibreSSL as an alternative.

Hamas May Be Threat to 8chan, QAnon Online

In October 2020, KrebsOnSecurity looked at how a web of sites connected to conspiracy theory movements QAnon and 8chan were being kept online by DDoS-Guard, a dodgy Russian firm that also hosts the official site for the terrorist group Hamas. New research shows DDoS-Guard relies on data centers provided by a U.S.-based publicly traded company, which experts say could be exposed to civil and criminal liabilities as a result of DDoS-Guard’s business with Hamas.