Showing posts from May, 2021

2021 Week 19 Security Roundup

Summary

The Colonial Pipeline hack dominated the news cycle this week. This is probably the largest infrastructure hack in the history of the world. It is probable that this event will be in the news for weeks to come.

News

Colonial Pipeline Ransomware Hack

This may end up being the largest infrastructure attack in U.S. history. From the various reports, it looks like the threat actor that launched the attack is Darkside. Darkside is a group thought to be Russian, as they avoid Russian companies and others in Russian-speaking former Eastern Bloc countries. They released a statement Monday saying that it was an affiliated group and vowing to rein in their partners in the future to avoid causing social and political strife. In the past, the Darkside group has held themselves out as social justice warriors taking down corrupt corporations and has been known to donate 10% of their ransoms to charities. While none have indicated the Russian government is behind the attack

2021 Week 17-18 Security Roundup

Summary

Spent a week driving around the western US, then had to get caught up with work and school, so didn't have the time or ability to post an update. Here is what has happened over that time frame. For such a long time period there really is not too much actual news. In my scanning of sites, it appears that the focus has returned to financial sectors and work-from-home attacks. One of the things I have noted over the years is that these things tend to be cyclic, which could indicate that there is some dark web coordination that security practitioners are not yet privy to (though nation-state experts might be).

News

Washington D.C. police server hacked by Russian group

A Russian hacking group named Babuk posted screenshots that seek to prove that they have accessed several databases of the Washington D.C. police department. The group left a text document on their network outlining how to pay the ransom to get locked files back and to bribe them not to release the data to