NSA spied on European politicians through Danish telecommunications hub
therecord.media/nsa-spied-on-european-politicians-through-danish-telecommunications-hub/ Denmark’s foreign secret service allowed the US National Security Agency to tap into a crucial internet and telecommunications hub in Denmark and spy on the communications of European politicians, a joint investigation by some of Europe’s biggest news agencies revealed on Sunday. The covert spying operation, called Operation Dunhammer, took place between 2012 and 2014, based on a secret partnership signed by the two agencies.
Swedish Health Agency shuts down SmiNet after hacking attempts
www.bleepingcomputer.com/news/security/swedish-health-agency-shuts-down-sminet-after-hacking-attempts/ The Swedish Public Health Agency (Folkhälsomyndigheten) has shut down SmiNet, the country’s infectious diseases database, on Thursday after it was targeted in several hacking attempts. SmiNet, which is also used to store electronic reports with statistics on COVID-19 infections, was shut down on Thursday to investigate the attacks and was brought back online on Friday evening. While no evidence of unauthorized parties accessing sensitive information was found so far, the investigation will take at least a few more days until the reporting process will be restarted.
US Army tells remote workers to switch off their IoT devices (and then withdraws advice)
www.bitdefender.com/box/blog/iot-news/us-army-tells-remote-workers-switch-off-iot-devices-withdraws-advice/ The US Army appears to have made a strategic withdrawal from advice it issued to remote workers last week about their use of smart IoT devices. The message from the Army’s Chief Information Officer Dr Raj Iyer on how to protect and safeguard Department of Defense data by making more efforts to mitigate data leaks was clear: Remove all IoT devices, with listening functions, from the work area. Furthermore, the initial announcement of the policy’s existence has also been removed although a copy remains in a Google cache.
Your Amazon Devices to Automatically Share Your Wi-Fi With Neighbors
thehackernews.com/2021/05/your-amazon-devices-to-automatically.html Starting June 8, Amazon will automatically enable a feature on its family of hardware devices, including Echo speakers, Ring Video Doorbells, Ring Floodlight Cams, and Ring Spotlight Cams, that will share a small part of your Internet bandwidth with nearby neighbors unless you choose to opt-out.
A New Bug in Siemens PLCs Could Let Hackers Run Malicious Code Remotely
thehackernews.com/2021/05/a-new-bug-in-siemens-plcs-could-let.html Siemens on Friday shipped firmware updates to address a severe vulnerability in SIMATIC S7-1200 and S7-1500 programmable logic controllers (PLCs) that could be exploited by a malicious actor to remotely gain access to protected areas of the memory and achieve unrestricted and undetected code execution, in what the researchers describe as an attacker’s “holy grail.”
PoC published for new Microsoft PatchGuard (KPP) bypass
therecord.media/poc-published-for-new-microsoft-patchguard-kpp-bypass/ A security researcher has discovered a bug in PatchGuarda crucial Windows security featurethat can allow threat actors to load unsigned (malicious) code into the Windows operating system kernel. This code can now be weaponized and added to active malware strains as a way for those malware families to gain even more dangerous features and the ability to plant rootkits to improve the efficacy of their attacks.