Newspaper Ransomware Attack, How Facebook Tracks You on Android, USB-Type-C Authentication



This is the 50th episode of the Shared Security Weekly Blaze for January 7th, 2019 with your host, Tom Eston. In this week’s episode: Newspaper Ransomware Attack, How Facebook Tracks You on Android, and USB-Type-C Authentication.

Silent Pocket is a proud sponsor of the Shared Security Podcast! Silent Pocket offers a patented Faraday cage product line of phone cases, wallets and bags that can block all wireless signals, which will make your devices instantly untrackable, unhackable and undetectable. Use discount code “sharedsecurity” to receive 15% off of your order. Visit silent-pocket.com to take advantage of this exclusive offer.

Hi everyone, welcome to the Shared Security Weekly Blaze where we update you on the top 3 cybersecurity and privacy topics from the week. These podcasts are published every Monday and are 15 minutes or less, quickly giving you “news that you can use”.

Several large newspapers in the US, owned by media giant Tribune Publishing, started off 2019 by having to respond to a massive ransomware attack that caused major printing and delivery problems. Newspapers affected included the Chicago Tribune, the Baltimore Sun and the Los Angeles Times, as well as several other Tribune Publishing affiliates. The attack, which started on December 29th, targeted critical news production systems and other infrastructure responsible for the newspaper printing process. According to the Los Angeles Times, the attack appears to have been carried out by a foreign state or other such organization. Some sources with knowledge of the attack have said that the malware appears to be a form of “Ryuk” ransomware, which is typically very targeted and has been around since last August, when one particular form of Ryuk was found to have collected about $640,000 worth of Bitcoin from victims.

Of course, some are quick to blame the Russians due to the .ryk naming convention found on the encrypted files that the malware left behind and because most attacks these days seem easy to attribute back to Russia. However, Ryuk ransomware may actually have its history tied to North Korea, as was determined from a research report last year which revealed that some of the Ryuk source code was actually copied from the Hermes ransomware that was used by the Lazarus Group. The Lazarus Group just happens to be a nation state espionage team previously associated with North Korea. As we all know, attribution is hard. Source code of ransomware can be copied and easily reused by others. The best response for most organizations that are hit with ransomware, like in this most recent example, is to ensure you know how to respond to an attack like this, as being hacked will most likely happen to most organizations sometime in the future.

Organizations’ internal networks are overly permissive and can’t distinguish trusted from untrusted applications. Attackers abuse this condition to move laterally through networks, bypassing address-based controls to spread malware. Edgewise abstracts security policies away from traditional network controls that rely on IP addresses, ports, and protocols and instead ties controls directly to applications and their data paths.


Published on 6 years, 11 months ago





