Comments on: Cyber security news May 2021

By: Tomi Engdahl

Tomi Engdahl — Tue, 01 Jun 2021 08:02:35 +0000

Interpol Says 585 People Arrested in APAC Operation Against Cyber-Enabled Crime
https://www.securityweek.com/interpol-says-585-people-arrested-apac-operation-against-cyber-enabled-crime

Interpol revealed last week that specialized law enforcement officers in the Asia-Pacific (APAC) region intercepted more than $83 million in fraudulent money transfers as part of a six-month coordinated effort aimed at cyber-enabled financial crime.

Codenamed HAECHI-I, the operation mainly targeted five types of online financial crime: investment fraud, money laundering (from illegal online gaming), online sextortion, romance scams, and voice phishing (vishing).

The operation resulted in over 1,600 bank accounts worldwide being frozen as part of roughly 1,400 investigations opened between September 2020 and March 2021, with a total of 892 cases being solved.

As part of the effort, authorities arrested a total of 585 individuals, Interpol says.

By: Tomi Engdahl

Tomi Engdahl — Tue, 01 Jun 2021 08:01:12 +0000

SonicWall Patches Command Injection Flaw in Firewall Management Application
https://www.securityweek.com/sonicwall-patches-command-injection-flaw-firewall-management-application

By: Tomi Engdahl

Tomi Engdahl — Tue, 01 Jun 2021 08:00:57 +0000

Cybercriminals Target Companies With New ‘Epsilon Red’ Ransomware
https://www.securityweek.com/cybercriminals-target-companies-new-epsilon-red-ransomware

A new piece of ransomware named Epsilon Red has been used to target at least one organization in the United States, and its operators have apparently already made a significant profit.

Cybersecurity firm Sophos reported last week that Epsilon Red operators have been spotted targeting a US-based company in the hospitality sector. The cryptocurrency address provided by the cybercriminals shows a bitcoin transaction for an amount worth roughly $210,000, which seems to indicate that at least one victim has agreed to pay the ransom demanded by the cybercriminals.

Sophos researchers noticed that the ransom note dropped by Epsilon Red is similar to the one displayed by the REvil ransomware, but Epsilon Red’s ransom note is better written — it does not contain some of the grammar errors in the REvil note.

By: Tomi Engdahl

Tomi Engdahl — Tue, 01 Jun 2021 07:52:06 +0000

CISA-FBI Alert: 350 Organizations Targeted in Attack Abusing Email Marketing Service
https://www.securityweek.com/cisa-fbi-alert-350-organizations-targeted-attack-abusing-email-marketing-service

By: Tomi Engdahl

Tomi Engdahl — Tue, 01 Jun 2021 07:05:21 +0000

A New Bug in Siemens PLCs Could Let Hackers Run Malicious Code Remotely https://thehackernews.com/2021/05/a-new-bug-in-siemens-plcs-could-let.html
Siemens on Friday shipped firmware updates to address a severe vulnerability in SIMATIC S7-1200 and S7-1500 programmable logic controllers (PLCs) that could be exploited by a malicious actor to remotely gain access to protected areas of the memory and achieve unrestricted and undetected code execution, in what the researchers describe as an attacker’s “holy grail.”

By: Tomi Engdahl

Tomi Engdahl — Tue, 01 Jun 2021 07:04:18 +0000

Your Amazon Devices to Automatically Share Your Wi-Fi With Neighbors https://thehackernews.com/2021/05/your-amazon-devices-to-automatically.html
Starting June 8, Amazon will automatically enable a feature on its family of hardware devices, including Echo speakers, Ring Video Doorbells, Ring Floodlight Cams, and Ring Spotlight Cams, that will share a small part of your Internet bandwidth with nearby neighbors unless you choose to opt-out.

By: Tomi Engdahl

Tomi Engdahl — Tue, 01 Jun 2021 07:03:48 +0000

US Army tells remote workers to switch off their IoT devices (and then withdraws advice) https://www.bitdefender.com/box/blog/iot-news/us-army-tells-remote-workers-switch-off-iot-devices-withdraws-advice/
The US Army appears to have made a strategic withdrawal from advice it issued to remote workers last week about their use of smart IoT devices. The message from the Army’s Chief Information Officer Dr Raj Iyer on how to protect and safeguard Department of Defense data by making more efforts to mitigate data leaks was clear: Remove all IoT devices, with listening functions, from the work area. Furthermore, the initial announcement of the policy’s existence has also been removed although a copy remains in a Google cache.

By: Tomi Engdahl

Tomi Engdahl — Tue, 01 Jun 2021 07:03:30 +0000

Swedish Health Agency shuts down SmiNet after hacking attempts https://www.bleepingcomputer.com/news/security/swedish-health-agency-shuts-down-sminet-after-hacking-attempts/
The Swedish Public Health Agency (Folkhälsomyndigheten) has shut down SmiNet, the country’s infectious diseases database, on Thursday after it was targeted in several hacking attempts. SmiNet, which is also used to store electronic reports with statistics on COVID-19 infections, was shut down on Thursday to investigate the attacks and was brought back online on Friday evening. While no evidence of unauthorized parties accessing sensitive information was found so far, the investigation will take at least a few more days until the reporting process will be restarted.

By: Tomi Engdahl

Tomi Engdahl — Tue, 01 Jun 2021 07:03:06 +0000

NSA spied on European politicians through Danish telecommunications hub https://therecord.media/nsa-spied-on-european-politicians-through-danish-telecommunications-hub/
Denmark’s foreign secret service allowed the US National Security Agency to tap into a crucial internet and telecommunications hub in Denmark and spy on the communications of European politicians, a joint investigation by some of Europe’s biggest news agencies revealed on Sunday. The covert spying operation, called Operation Dunhammer, took place between 2012 and 2014, based on a secret partnership signed by the two agencies.

By: Tomi Engdahl

Tomi Engdahl — Tue, 01 Jun 2021 04:59:38 +0000

https://thehackernews.com/2021/05/your-amazon-devices-to-automatically.html?m=1

Starting June 8, Amazon will automatically enable a feature on its family of hardware devices, including Echo speakers, Ring Video Doorbells, Ring Floodlight Cams, and Ring Spotlight Cams, that will share a small part of your Internet bandwidth with nearby neighbors — unless you choose to opt-out.

To that effect, the company intends to register all compatible devices that are operational in the U.S. into an ambitious location-tracking system called Sidewalk as it prepares to roll out the shared mesh network in the country.