Vulnerabilities found in internet-connected factory torque wrenches.
Welcome to Cyber Security Today. It’s Wednesday January 10th, 2024. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.
Anything that connects to an IT network can have software vulnerabilities. The latest example: Wi-Fi-connected pneumatic torque wrenches used by car manufacturers. According to researchers at Nozomi Networks, the vulnerabilities they found in a Bosch Rexroth wrench could let a hacker plant ransomware that would spread across a network. Or the holes could let an attacker alter a wrench’s tightening controls and affect the safety of products. A manufacturer using compromised devices could be extorted by a hacker, and sued by customers. The vulnerabilities are in the device’s Linux-based operating system. The wrench connects to a wireless network so it can be remotely programmed. The lesson: Makers of any internet-connected device have to continuously scrutinize their code for vulnerabilities.
Microsoft SQL database servers in the U.S., Europe and Latin America are being targeted by a threat actor. According to researchers at Securonix, the gang either sells access to compromised servers or plugs them with a strain of ransomware called Mimic. This particular gang has been ramming their way into servers through brute force attacks, which are preventable. Then they leverage a command to create a Windows shell, a command that is supposed to be disabled by default. Among the lessons from this attack: Don’t expose critical servers to the internet — and if you have to, protect them with security like a virtual private network. And IT should always be watching for the creation of new local users on servers and other endpoints.
An American judge has sentenced a Nigerian man to 10 years and one month in prison and ordered him to pay almost US$1.5 million in restitution for conspiring to launder money pulled from internet fraud schemes. The 33-year-old man worked directly with the Nigeria-based leader of an international criminal organization to defraud individuals and businesses across the U.S. He was convicted last August by a federal jury. Three co-accused pleaded guilty to conspiracy to commit money laundering.
A threat actor is using hacked YouTube accounts to plant videos of cracked software like games. According to Fortinet, victims who fall for the scam are tricked into downloading malware. The tactic isn’t new. The lessons: Listeners should know by now to secure their social media accounts with multifactor authentication. And employees should be warned that promises of free versions of commercial software by unknown providers only lead to misery.
Finally, yesterday was Microsoft’s monthly Patch Tuesday, when the company issued security updates for its products. January’s patches include fixes for Windows Kerberos and the Hyper-V hypervisor, as well as holes in Microsoft Office, SQL Server and SharePoint Server.
Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.