IT Security Newsletter - 5/19/2021
Botnet traced to computer at hacked Florida water plant
On Feb. 5, an unidentified hacker broke into the computer system of a treatment plant in the Florida town of Oldsmar and temporarily changed the plant's sodium hydroxide setting to a potentially dangerous level, according to local officials. It turns out that hacker wasn't alone on the network. Industrial security firm Dragos on Tuesday revealed a separate suspected intrusion that same day of one of the Oldsmar Water Treatment Facility's computers.
Unsuccessful Conti Ransomware Attack Still Packs Costly Punch
Ireland's department of health services continues to grapple with a ransomware attack carried out last week by the Conti gang. Officials state the attack will cost tens of millions to repair, even though attackers were not successful in their attempt to encrypt Ireland's Department of Health (DoH) systems. "Hundreds of people" are still "working flat out" to get all Ireland DoH services and systems up and running, Irish Health Minister Stephen Donnelly tweeted late Monday.
DarkSide ransomware made $90 million in just nine months
The DarkSide ransomware gang has collected at least $90 million in ransoms paid by its victims over the past nine months to multiple Bitcoin wallets. Around 10% of the profit came in one week from attacking just two companies: Colonial Pipeline, the largest oil pipeline system in the United States, and Brenntag, a large chemical distribution company in Germany. Blockchain analysis company Elliptic found and analyzed ransom payments made to DarkSide from 47 distinct Bitcoin wallets.
MountLocker ransomware uses Windows API to worm through networks
The MountLocker ransomware operation now uses enterprise Windows Active Directory APIs to worm through networks. MountLocker started operating in July 2020 as a Ransomware-as-a-Service (RaaS) where developers are in charge of programming the ransomware software and payment site, and affiliates are recruited to hack businesses and encrypt their devices. As part of this arrangement, the MountLocker core team receives a smaller cut of 20-30% of a ransom payment, while the affiliate gets the rest.
Bug Exposed Eufy Camera Private Feeds to Random Users
Owners of Eufy home security cameras were warned this week of an internal server bug that allowed strangers to view, pan and zoom in on their home-video feeds for approximately one day. Inversely, customers were also suddenly given access to do the same to other users. The SNAFU, according to experts, is a stark reminder of the security-challenged consumer market for wireless cameras that have caused major headaches for a long list of vendors including Amazon, Google and ADT.
Researchers Find Exploitable Bugs in Mercedes-Benz Cars
Following an eight-month audit of the code in the latest infotainment system in Mercedes-Benz cars, security researchers with Tencent Security Keen Lab identified five vulnerabilities, four of which could be exploited for remote code execution. The vulnerabilities were found in the Mercedes-Benz User Experience (MBUX), the infotainment system that was initially introduced on A-class vehicles in 2018 but has since been adopted on the car maker's entire vehicle line-up.
- ...in 1749, King George II of England grants the Ohio Company a charter of several hundred thousand acres of land around the forks of the Ohio River.
- ...in 1951, musician Jeffrey Ross Hyman AKA Joey Ramone, the lead singer of classic punk rock group the Ramones, is born in Queens, NY.
- ...in 1963, the New York Post Sunday Magazine publishes Dr. Martin Luther King Jr.'s "Letter from Birmingham Jail".
- ...in 1984, "Press Your Luck" contestant Michael Larson exploits a flaw in the game show's "random" prize board to win USD $110,000 in a single night.