We round up the week’s most important cybersecurity news.
- Experts documented a series of service blocks in Russia using threat-prevention equipment (TSPU).
- Chrome fixed two zero-day vulnerabilities.
- Media dubbed Telegram the “new darknet,” noting a substantial rise in the platform’s popularity among cybercriminals.
Russia sees a wave of blocks on various services
On the evening of September 15, Russian users began having trouble accessing Google Docs and telegra.ph. Experts stated that the services were being blocked with threat-prevention equipment (TSPU).
Vladislav Zdolnikov, the creator of Red Shield VPN, also reported that his service was blocked through TSPU.
Presumably the blocks are linked to the publication of the “Smart Voting” lists.
Apple disabled a traffic-encrypting feature for Russian users
Apple disabled the Private Relay feature for Russian users without explanation, several media outlets reported. The feature is designed to provide privacy by concealing the real IP address and encrypting network traffic.
Apple had earlier announced Private Relay as an enhanced VPN. The feature was available in beta versions of iOS 15 and macOS Monterey.
REvil hackers resume activity
Bitdefender published a universal decryptor for files affected by REvil ransomware attacks.
The decryptor works for data encrypted up to July 13. On that date, the group’s sites went offline.
Yet after a lull of several months, REvil is back. The hackers’ site resumed operation earlier, and now group members have published screenshots of data stolen from a new victim.
Media dubbed Telegram “the new darknet for cybercriminals”
The Financial Times, in collaboration with cybersecurity firm Cyberint, conducted an investigation and found that Telegram is rapidly gaining popularity among hackers.
According to the publication, Telegram is increasingly used by cybercriminals as a platform for trading and exchanging stolen data and various hacking tools.
Cyberint analysts Tal documented an increase of more than 100% in attacker activity on Telegram.
Chrome fixed two zero-day vulnerabilities
Google developers released a new version of Chrome for Windows, Mac and Linux that fixes eleven bugs. Two of them are zero-day vulnerabilities that are already being exploited in attacks.
Operators oppose transferring subscriber data to Roskomnadzor without a court decision
The new law on combating gray SIM cards obliges operators to transfer information about corporate subscribers to Roskomnadzor. However, companies believe that some data cannot be transmitted without a court decision.
Specifically, operators must provide Roskomnadzor with the passport data of corporate subscribers, information about the employer, device data and the unique SIM card number (IMSI).
Also on ForkLog:
- A DeFi project on the Avalanche blockchain was hacked for $3.2 million.
- CEO of Cloudflare stated that cryptocurrency exchanges have become a popular target for hackers.
- A hacker stole more than $3 million from the MISO platform on SushiSwap, and later returned all stolen funds.
- Calls were made in the US Senate for tighter oversight of cryptocurrency use by ransomware programs.
- Trend Micro researchers noted that ransomware became the primary cybersecurity threat in the first half of 2021.
- The Russian Central Election Commission reported DDoS attacks during remote voting.
- Experts reported that the personal data of nearly 2 million Beeline customers leaked online.
What to read this weekend?
Hacker extortion campaigns demanding cryptocurrency for decrypting files have drawn government attention to the crypto industry. ForkLog unpacks the implications for Bitcoin in a separate piece.
