CYBER NEWS UPDATE #65

This podcast will give you a summary of the latest news related to cyber intelligence and proactive cybersecurity in only a few minutes.

The podcast is aimed at professionals who are short on time, or for anyone who would like to know a bit more about what is REALLY happening out there in the cyber world.

The focus of this podcast will be on the latest cyber events for non-technical people; anyone can listen and understand.

This week we can see a live demonstration of the importance of cyber security!

UF Health from Central Florida has suffered a reported ransomware attack that forced two hospitals to shut down portions of their IT network.

The University of Florida Health, also known as UF Health, is a healthcare network of hospitals and physician practices that provide care to countries throughout Florida.

While ransomware has been a scourge on businesses worldwide since 2012, it has recently received increased scrutiny due to recent attacks on critical infrastructure, healthcare systems, and food suppliers. Last month, the DarkSide ransomware operation attacked Colonial Pipeline, the largest US fuel pipeline. It led to a temporary shutdown of fuel transport to the southeast and northeast of the United States.

Surprisingly, it seems that It’s the second data breach involving UF Health since last August when one of its contractors was compromised by ransomware. 

So, it’s been less than one year since the last successful ransomware attack and now the organization is facing again the same type of cyber attack! official response was: “UF Health Central Florida detected unusual activity involving its computer servers. Our information technology team is collaborating with IT experts on our Gainesville and Jacksonville campuses to investigate the situation and mitigate any potential risks.”

In 2020, there were nearly 4,000 publicly reported data breaches. In just 23 of them, more than 2 billion records were exposed, and, health care was the most victimized sector, accounting for 12% of those breaches.

Organizations should remember that even if they got hacked once it doesn’t mean hackers will not try to hack them again.


View of a half cow chunks fresh hung and arranged in a row in a large fridge in the fridge meat factory.

A cyberattack on JBS SA, the largest meat producer globally, forced the shutdown of all its U.S. beef plants, wiping out output from facilities that supply almost a quarter of American supplies.

It’s unclear exactly how many plants globally have been affected by the ransomware attack as Sao Paulo-based JBS has yet to release those details. The prospect of more extensive shutdowns worldwide is already upending agricultural markets and raising concerns about food security as hackers increasingly target critical infrastructure. Livestock futures slumped, while pork prices rose.

JBS suspended it’s North American and Australian computer systems on Sunday after an organized assault on some of its servers, the company said in a statement. Without commenting on plant operations, JBS said the incident may delay certain transactions with customers and suppliers.

President Joe Biden directed his administration to do whatever it can to mitigate the impact on the meat supply. 

“Attacks like this one highlight the vulnerabilities in our nation’s food supply chain security, and they underscore the importance of diversifying the nation’s meat processing capacity,” said U.S. Senator John Thune of South Dakota.

A Russian cyber-criminal group was behind a ransomware attack that has targeted the world’s largest meat processing company, the FBI has said. The FBI said it was working to bring the REvil group to justice for the hack on JBS.

REvil – also known as Sodinokibi which we covered before – is one of the most prolific and profitable cyber-criminal groups in the world.

“We have attributed the JBS attack to REvil and Sodinokibi and are working diligently to bring the threat actors to justice,” the FBI statement said.

The White House said on Wednesday that US President Joe Biden would bring up the issue of cyber-attacks when he meets Russian President Vladimir Putin in two weeks.

The presidents of the two nations are going to discuss cyber attacks,

The world have changed and cyber attacks are important and critical as other national subjects.

The company has not disclosed whether it paid the hackers.

Most of Revil members are believed to be based in Russia or countries that were formerly part of the Soviet Union.

REvil is known as a ransomware-as-a-service (RAAS) enterprise for the way it operates. This involves ransomware developers recruiting affiliates, or partners, to spread their malicious malware.

If the attacks are successful, developers take a percentage of the earned income and provide the other portion to the affiliates.

The group threatens to post stolen documents on its website – known as the “Happy Blog” – if victims don’t comply with its demands.

One of the group’s best-known attacks was on an Apple Inc supplier named Quanta Computer Inc earlier this year. In a note posted on the dark web, the group said it would release sensitive internal documents unless it received $50m in ransom.

REvil was also linked to a coordinated attack on nearly two dozen local governments in Texas in 2019.



That’s it for this podcast, stay safe and see you in the next podcast.

Don’t forget to visit www.nucleoncyber.com for the latest podcasts on cyber intelligence.

댓글 남기기