Tag Archive for: francisco

San Francisco 49ers confirm ransomware attack


The San Francisco 49ers NFL team has fallen victim to a ransomware attack that encrypted files on its corporate IT network, a spokesperson for the team has told The Record.

The team confirmed the attack earlier today after the operators of the BlackByte ransomware listed the team as one of their victims on Saturday on a dark web “leak site” the group typically uses to shame victims and force them into paying their extortion demands.

BlackByte-ransomware
Image: Screenshot of the BlackByte 49ers extortion page (via @CyberKnow20)

“Upon learning of the incident, we immediately initiated an investigation and took steps to contain the incident,” the team told us earlier today.

“While the investigation is ongoing, we believe the incident is limited to our corporate IT network; to date, we have no indication that this incident involves systems outside of our corporate network, such as those connected to Levi’s Stadium operations or ticket holders,” it added.

The team said it notified law enforcement and is working with third-party cybersecurity firms to investigate the attack.

“[W]e are working diligently to restore involved systems as quickly and as safely as possible,” the team said.

Attack could have been catastrophic in “what if?” scenario

The attack could have been catastrophic if the team had qualified for Super Bowl LVI, which will take place later today.

The 49ers dramatically lost 17 to 20 after the Los Angeles Rams mounted a 4th quarter comeback in the NFC Championship game two weeks ago.

If they had made it to the Super Bowl, this ransomware attack could have seriously disrupted the team’s game preparations, bringing ransomware to the forefront of the US media cycle once again after several high-profile incidents last year, including one that took place over the 4th of July weekend.

Nonetheless, it is unclear how the current attack will impact the team’s plan for the next NFL season/year, which will start later this month with the free agency signing period, NFL Combine event, and subsequent NFL Draft.

FBI warns about BlackByte attacks

As for the attackers, the BlackByte ransomware gang is one of the smaller ransomware operations active today, operating on a RaaS…

Source…

‘The Internet’s On Fire;’ Software Vulnerability May Enable Worldwide Hack Attacks – CBS San Francisco


BOSTON (AP) — A critical vulnerability in a widely used software tool — one quickly exploited in the online game Minecraft — is rapidly emerging as a major threat to organizations around the world.

“The internet’s on fire right now,” said Adam Meyers, senior vice president of intelligence at the cybersecurity firm Crowdstrike. “People are scrambling to patch,” he said, “and all kinds of people scrambling to exploit it.” He said Friday morning that in the 12 hours since the bug’s existence was disclosed that it had been “fully weaponized,” meaning malefactors had developed and distributed tools to exploit it.

The flaw may be the worst computer vulnerability discovered in years. It was uncovered in a utility that’s ubiquitous in cloud servers and enterprise software used across industry and government. Unless it is fixed, it grants criminals, spies and programming novices alike easy access to internal networks where they can loot valuable data, plant malware, erase crucial information and much more.

“I’d be hard-pressed to think of a company that’s not at risk,” said Joe Sullivan, chief security officer for Cloudflare, whose online infrastructure protects websites from malicious actors. Untold millions of servers have it installed, and experts said the fallout would not be known for several days.

Amit Yoran, CEO of the cybersecurity firm Tenable, called it “the single biggest, most critical vulnerability of the last decade” — and possibly the biggest in the history of modern computing.

The vulnerability, dubbed “Log4Shell,” was rated 10 on a scale of one to 10 the Apache Software Foundation, which oversees development of the software. Anyone with the exploit can obtain full access to an unpatched computer that uses the software,

Experts said the extreme ease with which the vulnerability lets an attacker access a web server — no password required — is what makes it so dangerous.

New Zealand’s computer emergency response team was among the first to report that the flaw was being “actively exploited in the wild” just hours after it was publicly reported Thursday and a patch released.

The vulnerability, located in open-source…

Source…

San Francisco Safeway Increases Security Measures – NBC Bay Area


Smash-and-grabs are not only impacting Louis Vuitton, Nordstrom and other pricey stores — they’re also impacting everyday shopping like Safeway and local restaurants.

At Safway at Market and Church in San Francisco, customers said it’s a common sight.

“The old self-checkout, people would just walk out without paying,” said shopper Jeff Lyons.

Management has reduced store hours, closed a main entrance, locked up most products, and installed fencing inside.

There is only one way in and one way out and the new layout is getting mixed reaction.

“It feels safer before, it was getting a little crazy,” said Lyons.

In a statement, Safeway says in part, “Like other local businesses, we are working on ways to curtail escalating theft to ensure the wellbeing of our employees and to foster a welcoming environment for our customers.”

Security guards are visible, and to prevent shopping cart theft not all of them are allowed outside.

Some say it doesn’t go far enough.

“I’m hoping they can close the doors to keep people from escaping,” said shopper Murray Heitzer.

He added that he wants thieves stopped in their tracks. He says he’s worried the store will be closed if the trend continues.

“Closing the store is gonna affect me personally,” said Heitzer.

Other businesses in the city are also experiencing theft.

At RT Rotisserie in Hayes Valley, someone broke in and stole the register at 4 a.m. Monday.

A post on Instagram said it was not the first time.

Source…

OpenTable Joins With Secure ID Firm CLEAR To Streamline Vaccine Verification For Diners, Restaurants – CBS San Francisco


SAN FRANCISCO (CBS SF) — As San Francisco and other major cities begin requiring proof of a COVID vaccination for indoor dining, online restaurant reservation provider OpenTable is partnering with secure identity firm CLEAR to help establishments check diners’ vaccine status.

San Francisco-based OpenTable said Wednesday that when diners use the app to make a reservation at a restaurant requiring vaccination, it will display a “CLEAR” banner on the reservation confirmation page linking to instructions on creating a digital vaccine card on the CLEAR app.

READ MORE: UPDATE: 12-Year-Old Killed, Woman Critically Hurt In Train Crash Involving Multiple Vehicles In Oakley

The CLEAR digital vaccine card will appear on the OpenTable app for easy proof of vaccination. The CLEAR vaccine card connects a person’s verified identity to their proof of vaccination from hundreds of vaccine providers across the country, including the state of California and national pharmacies.

“Our partnership with CLEAR furthers our commitment to help both restaurants and diners navigate dining out in the next chapter of the pandemic,” said OpenTable CEO Debby Soo in a press statement. “This collaboration aims to streamline restaurant entry, saving time for both restaurant staff and diners and lets everyone focus on the meal – not the logistics.”

The OpenTable/CLEAR integration is expected to launch in September on OpenTable’s iPhone and Android apps.

Last week, San Francisco began requiring businesses in high-contact indoor sectors such as bars, restaurants, indoor gyms and entertainment venues to obtain proof of vaccination from their patrons and employees, the first health order of its kind in the nation.

READ MORE: Labor, Community Leaders Urge ‘No’ Vote On Newsom Recall At Oakland Rally

The mandate follows a number of tough COVID-19 measures San Francisco imposed since the beginning of the pandemic. The city and its neighboring counties in the Bay Area were the first in the nation to order residents to stay at home in order to slow the spread of the coronavirus and was the first big city in the nation to require all city employees to be vaccinated, without the option of testing…

Source…