Security Alerts & News
by Tymoteusz A. Góral

History
#1754 Muni system hacker hit others by scanning for year-old Java vulnerability
The attacker who infected servers and desktop computers at the San Francisco Metropolitan Transit Agency (SFMTA) with ransomware on November 25 apparently gained access to the agency's network by way of a known vulnerability in an Oracle WebLogic server. That vulnerability is similar to the one used to hack a Maryland hospital network's systems in April and infect multiple hospitals with crypto-ransomware. And evidence suggests that SFMTA wasn't specifically targeted by the attackers; the agency just came up as a target of opportunity through a vulnerability scan.

In an e-mail to Ars, SFMTA spokesperson Paul Rose said that on November 25, "we became aware of a potential security issue with our computer systems, including e-mail." The ransomware "encrypted some systems mainly affecting computer workstations," he said, "as well as access to various systems. However, the SFMTA network was not breached from the outside, nor did hackers gain entry through our firewalls. Muni operations and safety were not affected. Our customer payment systems were not hacked. Also, despite media reports, no data was accessed from any of our servers."
Read more
#1756 Secret Europol terror data found online
#1755 The Internet of Things is making hospitals more vulnerable to hackers
#1754 Muni system hacker hit others by scanning for year-old Java vulnerability
#1753 The Tor Phone prototype: a truly private smartphone?
#1752 900,000 Germans knocked offline, as critical router flaw exploited
#1751 Firefox 0day in the wild is being used to attack Tor users
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12