Revolving doors.
John #Demers, the man who tried, without much success, to charge Russian and Chinese spies with #hacking, is resigning after three years as assistant attorney general for national security.
His post will be taken by Matt Olsen, currently executive director for security at #Uber, who had already been appointed deputy attorney general for the National Security Division by former President George W. Bush in 2006.
By Sean #Lyngaas for #CyberScoop
https://www.cyberscoop.com/john-demers-justice-department-resignation-cyber/
Veteran Justice official who oversaw cybercrime cases to step down - CyberScoop

The Justice Department official who leads the division that prosecutes state-linked and criminal hackers is resigning by the end of June, a department spokesman said Monday. John Demers will step down after more than three years as assistant attorney general for national security, during which time the department brought multiple charges against alleged Russian and Chinese spies for hacking. Mark Lesko, the acting U.S. attorney for the Eastern District of New York, will likely serve as Demers’ temporary replacement, department spokesman Marc Raimondi said. Demers’ departure, which the Associated Press first reported on, has been expected for months. The White House said last month it would nominate Matt Olsen, a security executive at Uber, to replace Demers. The assistant attorney general for national security is one of the most important cybersecurity-related perches in the U.S. government as the incumbent can wield the full force of the Justice Department to pursue […]

CyberScoop
A hacker broke into the system of a water treatment plant in the Florida town of #Oldsmar, changing the plant's sodium hydroxide setting to a potentially dangerous level.
But the hacker was not alone: industrial security firm #Dragos detected a separate suspected intrusion that took place the same day on one of the #Oldsmar Water Treatment Facility's computers, possibly a botnet.
By Sean #Lyngaas on #Cyberscoop
https://www.cyberscoop.com/oldsmar-water-plant-botnet-dragos/
Botnet traced to computer at hacked Florida water plant - CyberScoop

On Feb. 5, an unidentified hacker broke into the computer system of a water treatment plant in the Florida town of Oldsmar and temporarily changed the plant’s sodium hydroxide setting to a potentially dangerous level, according to local officials. It turns out that hacker wasn’t alone on the network. While law enforcement officials still haven’t publicly identified the perpetrator of the well-publicized hack, industrial security firm Dragos on Tuesday revealed a separate suspected intrusion that same day of one of the Oldsmar Water Treatment Facility’s computers. Dragos has tied the malicious code to a botnet, or horde of infected computers used by spammers, whose code scanned the computers of local water utilities in Florida in recent months. There is no connection between the incidents — whoever tampered with the Oldsmar facility’s chemical settings is not involved in the botnet — but the revelation shows how two very different types of hackers […]

Microsoft researchers have discovered about two dozen vulnerabilities in software embedded in popular medical and industrial devices that an attacker could use to breach those devices and, in some cases, cause them to crash.
By Sean #Lyngaas on #Cyberscoop
https://www.cyberscoop.com/microsoft-azure-iot-badalloc-vulnerabilities/
Researchers find two dozen bugs in software used in medical and industrial devices - CyberScoop

Microsoft researchers have discovered some two dozen vulnerabilities in software that is embedded in popular medical and industrial devices that an attacker could use to breach those devices, and in some cases cause them to crash. The so-called “BadAlloc” vulnerabilities the researchers revealed on Thursday are in code that makes its way into infusion pumps, industrial robots, smart TVs and wearable devices. No less than 25 products made by the likes of Google Cloud, Samsung and Texas Instruments are affected. The research serves as a critique of the coding practices of the designers of billions of so-called “internet of things” devices that are a feature of modern life. There’s no evidence that the vulnerabilities have been exploited, according to Microsoft. But the Department of Homeland Security’s cybersecurity agency issued an advisory urging organizations to update their software. It’s unclear just how many devices are affected by the software bugs, but […]
