Microsoft Exchange: Left a backdoor at a Trøndelag public transport company

https://nrkbeta.no/2021/03/09/microsoft-exchange-la-igjen-bakdor-hos-trondersk-kollektivselskap/

Norwegian organizations have spent the past week racing against the clock to install a critical security update. Those who are not fast enough may become victims of espionage and ransomware.
The Norwegian National Security Authority (NSM) warns that a widely used Microsoft email solution should be considered “possibly compromised” if the necessary security updates were not applied by Wednesday of last week.

On Sunday evening, investigations by the security company Defendable showed that at least 269 Microsoft servers in Norway still lacked these updates.

At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software — Krebs on Security

https://krebsonsecurity.com/2021/03/at-least-30000-u-s-organizations-newly-hacked-via-holes-in-microsofts-email-software/

At least 30,000 organizations across the United States — including a significant number of small businesses, towns, cities and local governments — have over the past few days been hacked by an unusually aggressive Chinese cyber espionage unit that’s focused on stealing email from victim organizations, multiple sources tell KrebsOnSecurity. The espionage group is exploiting four newly-discovered flaws in Microsoft Exchange Server email software, and has seeded hundreds of thousands of victim organizations worldwide with tools that give the attackers total, remote control over affected systems.

By all accounts, rooting out these intruders is going to require an unprecedented and urgent nationwide clean-up effort. Adair and others say they’re worried that the longer it takes for victims to remove the backdoors, the more likely it is that the intruders will follow up by installing additional backdoors, and perhaps broadening the attack to include other portions of the victim’s network infrastructure.

KrebsOnSecurity has seen portions of a victim list compiled by running such a tool, and it is not a pretty picture. The backdoor web shell is verifiably present on the networks of thousands of U.S. organizations, including banks, credit unions, non-profits, telecommunications providers, public utilities and police, fire and rescue units.

“It’s police departments, hospitals, tons of city and state governments and credit unions,” said one source who’s working closely with federal officials on the matter. “Just about everyone who’s running self-hosted Outlook Web Access and wasn’t patched as of a few days ago got hit with a zero-day attack.”

European Banking Authority hit by Microsoft Exchange hack - BBC News

https://www.bbc.com/news/technology-56321567

The European Banking Authority’s email servers have been compromised in a global Microsoft Exchange cyber-attack.

The EU body said personal data may have been accessed from its servers. And it had pulled its entire email system offline while it assessed the damage.

Hit by a hacker attack - Drammen kommune

https://www.drammen.kommune.no/om-kommunen/aktuelt/hackerangrep/

Drammen municipality has been hit by a hacker attack on a minor part of its water and wastewater infrastructure.
The municipality has the situation under control, and all water and wastewater systems are functioning normally. None of the municipality's residents are affected by the situation, and no personal data has gone astray.

Hackers Tried to Poison Water Supply of Florida Town - The New York Times

https://www.nytimes.com/2021/02/08/us/oldsmar-florida-water-supply-hack.html

Hackers remotely accessed the water treatment plant of a small Florida city last week and briefly changed the levels of lye in the drinking water, in the kind of critical infrastructure intrusion that cybersecurity experts have long warned about.

the level of sodium hydroxide — the main ingredient in drain cleaner — was changed from 100 parts per million to 11,100 parts per million, dangerous levels that could have badly sickened residents if it had reached their homes.

It may take half a year for Østre Toten to recover from cyberattack – NRK

https://www.nrk.no/innlandet/kan-ta-et-halvt-ar-for-ostre-toten-a-rette-opp-dataangrep-1.15364106

During the first week, many were entirely without email.

Social assistance recipients had to write their applications again.

All PCs had to be reformatted and have new software installed.

There is a great risk that sensitive data has gone astray.

Backups were also deleted by the attackers.

Employees had to work with pen and paper at the start.

The attack will probably cost at least 10 million kroner.

Telegram feature exposes your precise address to hackers - Ars Technica

https://arstechnica.com/information-technology/2021/01/telegram-feature-exposes-your-precise-address-to-hackers/

Messenger maker has expressed no plans to fix location disclosure flaw.

People Nearby poses the biggest threat to people using Android devices, since they report a user’s location with enough granularity to make Hassan’s attack work. The recently released iOS 14, by contrast, allows users to divulge only a rough approximation of their location. People who use this feature aren’t as exposed.

Riksrevisjonen hacked the health regions: Obtained patient information on several hundred thousand patients – NRK

https://www.nrk.no/trondelag/riksrevisjonen-hacket-helseregionene_-fikk-pasientopplysninger-til-flere-hundre-tusen-pasienter-1.15294490

In the simulated cyberattack against Norway's four health regions, Riksrevisjonen tried to make noise in order to be detected.

Even so, they managed to do what they feared: to hack their way to sensitive, confidential information about Norwegian patients.

In Helse Sør-Øst they gained access to the health information of a great many people. In the other three, they gained access to the health information of absolutely everyone.

“We pointed out serious flaws four years ago, and there was also an attack in 2018. It seems that not much more has been done about data security at Norwegian hospitals since then. Hospitals in Norway are far behind basic requirements for ICT security,” says Gohn-Hellum.

Tesla Model X hacked with $195 Raspberry Pi based board - Embedded.com

https://www.embedded.com/tesla-model-x-hacked-with-195-raspberry-pi-based-board/

The Belgian researchers first informed Tesla of the identified issues on the 17th of August 2020. Tesla confirmed the vulnerabilities, awarded their findings with a bug bounty and started working on security updates. As part of the 2020.48 over-the-air software update, that is now being rolled out, a firmware update will be pushed to the key fob.

The untold story of a cyberattack, a hospital and a dying woman - WIRED UK

https://www.wired.co.uk/article/ransomware-hospital-death-germany

German prosecutors tried to prove that a ransomware attack on a hospital was to blame for someone losing their life. Their story is a warning