This is a weekly series to highlight the best articles and news stories going on in the Community.
What was your favorite story? What topics would you like to see? Sound off in the comments!
Cyber News Rundown: Atlanta Ransomware Attack
City of Atlanta Faces Ransomware Roadblock
In the past week, the city of Atlanta has been dealing with the aftermath of a ransomware attack that effectively halted the police department’s Special Operations Section, which monitors non-emergency city functions. In a surprising twist, however, the ransomware author’s contact portal was leaked through several media outlets, prompting the author to remove the portal entirely and leaving the city with no means of paying the ransom. While the city was able to quickly return to normal operations for most employees, the recovery process will likely be ongoing for some time.
Facebook’s Data Collection Larger Than First Thought
Over the past week or so, researchers have been taking a deeper look into the data being collected by Facebook, with or without users’ permission. It was revealed that, due to lax API permissions for the Facebook installation on older versions of Android, Facebook was allowed to gather both call and SMS logs without user opt-ins. For some, extensive details of calls made by users were meticulously stored for up to several years. Details included call duration, recipient, and the date and time of the call. While Facebook claims any stored data is deleted if the user chooses to revoke permissions, users have been able to download their own data after removing the app, as the opt-in feature is the default setting when installing Facebook for the first time.
UK Anti-Doping Agency Hit By Cyber Attack
Recently, the UK’s anti-doping agency was targeted by an attack attempting to access drug testing and medical recordsfor athletes. A Russian hacking group is believed to be responsible, as the attack comes not long after a doping scandal that affected several Russian athletes. Fortunately, the anti-doping agency has confirmed that no data was compromised in the attack and a simple reboot of their servers was all the remediation necessary.
For more stories you might have missed this week, read the rest of the Cyber News Rundown.