ZDNet

NASA hacked because of unauthorized Raspberry Pi connected to its network

A report published this week by the NASA Office of Inspector General reveals that in April 2018 hackers breached the agency’s network and stole approximately 500 MB of data related to Mars missions.

The point of entry was a Raspberry Pi device that was connected to the IT network of the NASA Jet Propulsion Laboratory (JPL) without authorization or going through the proper security review.

ZDNet

Mysterious Iranian group is hacking into DNA sequencers

Web-based DNA sequencer applications are under attack from a mysterious hacker group using a still-unpatched zero-day to take control of targeted devices.

The attacks started two days ago, on June 12, and are still going on, according to Ankit Anubhav, a security researcher with NewSky Security, who shared his findings with ZDNet.

Anubhav says the group, which operates from an Iran-based IP address, has been scanning the internet for dnaLIMS, a web-based application installed by companies and research institutes to handle DNA sequencing operations.

The researcher told ZDNet the hacker is exploiting CVE-2017-6526, a vulnerability in dnaLIMS that has not been patched to this day after the vendor was notified back in 2017.

ZDNet

Security bug would have allowed hackers access to Google’s internal network

A young Czech bug hunter has found a security flaw in one of Google’s backend apps. If exploited by a malicious threat actor, the bug could have allowed hackers a way to steal Google employee cookies for internal apps and hijack accounts, launch extremely convincing spear-phishing attempts, and potentially gain access to other parts of Google’s internal network.

This attack vector was discovered by security researcher Thomas Orlita in February this year and was patched in mid-April, but has only now been made public.

ZDNet

Microsoft warns about email spam campaign abusing Office vulnerability

Microsoft’s security researchers issued a warning on Friday afternoon about an ongoing spam wave spreading emails that carry malicious RTF documents. Once a user opens one of these documents, it infects the system with malware without any further user interaction.

Microsoft said the spam wave appears to target European users, as the emails are sent in various European languages.

ZDNet

For two hours, a large chunk of European mobile traffic was rerouted through China

For more than two hours on Thursday, June 6, a large chunk of European mobile traffic was rerouted through the infrastructure of China Telecom, China’s third-largest telco and internet service provider (ISP).

The incident occurred because of a BGP route leak at Swiss data center colocation company Safe Host, which accidentally leaked over 70,000 routes from its internal routing table to the Chinese ISP.

The Border Gateway Protocol (BGP), which is used to reroute traffic at the ISP level, has been known to be problematic to work with, and BGP leaks happen all the time.

However, there are safeguards and safety procedures that providers usually set up to prevent BGP route leaks from influencing each other’s networks.

But instead of ignoring the BGP leak, China Telecom re-announced Safe Host’s routes as its own, and by doing so, interposed itself as one of the shortest ways to reach Safe Host’s network and other nearby European telcos and ISPs.

ZDNet

Germany: Backdoor found in four smartphone models; 20,000 users infected

The German Federal Office for Information Security (or the Bundesamt für Sicherheit in der Informationstechnik — BSI) has issued security alerts today warning about dangerous backdoor malware found embedded in the firmware of at least four smartphone models sold in the country.

Impacted models include the Doogee BL7000, the M-Horse Pure 1, the Keecoo P11, and the VKworld Mix Plus (malware present in the firmware, but inactive). All four are low-end Android smartphones.

ZDNet

Russian military moves closer to replacing Windows with Astra Linux

Russian authorities have moved closer to implementing their plan of replacing the Windows OS on military systems with a locally-developed operating system named Astra Linux.

Last month, the Russian Federal Service for Technical and Export Control (FSTEC) granted Astra Linux the security clearance of “special importance,” which means the OS can now be used to handle Russian government information of the highest degree of secrecy.

ZDNet

Hackers are scanning for MySQL servers to deploy GandCrab ransomware

At least one Chinese hacking crew is currently scanning the internet for Windows servers that are running MySQL databases so they can infect these systems with the GandCrab ransomware.

These attacks are somewhat unique, as cyber-security firms had not, until now, seen any threat actor attack MySQL servers running on Windows systems to infect them with ransomware.
