Elektor – Raspberry Pi steals data from NASA
“The hackers managed to gain access to JPL's internal network by taking over the Raspberry Pi's user account. The RPi had been connected to the network by an employee, but as a result of lax oversight, NASA's network administrators did not know that the RPi was present.”
The Hacker News – Two Florida Cities Paid $1.1 Million to Ransomware Hackers This Month
“The ransomware attack … infected Lake City systems on June 10 after an employee in city hall opened a malicious email. Though the IT staff disconnected computers within just 10 minutes of the cyber attack starting, it was too late.”
Nakedsecurity – WeTransfer sends user file links to wrong people
Asymmetric (public key) cryptography is more complex but also more secure because it uses two digital keys for each user – a private (secret) one that is never sent via any channel, and a public (non-secret) one.
Nakedsecurity – Hacker threw Molotov cocktail, dropped USB drive of his DDoS deeds
HLN reports that the case law isn’t clear about whether hacking with ethical purposes is prohibited or not. That’s surprising to hear, particularly if you’re in the US, where prosecutors come down like a ton of bricks on hackers, noble intent or no.
Forbes – NASA Has Been Hacked
“It reveals that an unauthorized Raspberry Pi computer connected to the JPL servers was targeted by hackers, who then moved laterally further into the NASA network.” “Everything from poor IT asset visibility and security violation ticket resolution shortcomings, through to untimely delays in patching known vulnerabilities were detailed by the auditors.”
Tweakers – Leak in UvA system allowed access to the grades of 34,000 students
“David noticed that there was a student number in the URL. Then I logged in and entered his student number. For half a second I then saw his name, the name of the course and the grade, after which we were redirected to an error message.”
VRTNWS – Hacking at aircraft parts company, 1,000 employees in our country temporarily laid off for 2 days.
“Employees of the company Asco in Zaventem are temporarily laid off for two days because the company's servers have been hacked.”
Arstechnica – Baltimore’s bill for ransomware: Over $18 million, so far
“Baltimore City Council President Brandon Scott, who will chair a committee reviewing the ransomware incident, published a statement last week calling for the governor to declare a disaster and request funding.”
NakedSecurity – Ex-student records himself using USB Killer to fry college computers
“The defendant, using his personal iPhone, recorded himself inserting the ‘USB Killer’ device into computers and other hardware owned by the college, and making statements including, “I’m going to kill this guy,” then inserting the ‘USB Killer’ device into a USB port, and – after destroying the host device – stating “it’s dead”, and, in […]
NakedSecurity – Scammer pleads guilty to fleecing Facebook and Google of $121m
“… Use strong passwords and consider 2FA to make it harder for crooks to gather intelligence … Consider a “back to base” VPN for remote users so their online security is kept up, even on the road. Think twice about publicly posting personnel information that could be abused in phishing attacks. …”