Security News for the Week Ending August 27, 2021
Third Party Risk – You Can Ignore it, But It Won’t Ignore You
DataBreaches.net is reporting that a hacker claimed to have hacked an HVAC vendor and remotely accessed systems at the vendor’s customers. One of those customers is reported to be Boston Children’s Hospital. The HVAC vendor is reported to be ENE Systems in Canton, Mass. The hacker showed the reporter schematics and wiring diagrams that the hacker claimed were taken at Children’s Hospital. The hacker attempted to extort ENE after the breach. Hopefully, the affected hospitals, including Mass General, did a good job of isolating the affected systems from the rest of the network, but if so, that would be unusual. I’m hoping. Credit: Info Risk Today
Samsung Can Turn Off Any Samsung TV Worldwide Remotely
Samsung admitted/announced that they can turn off any of their TVs worldwide remotely. The idea is to kill the market for stolen TVs. The TV checks if it is on a stolen TV list and if it is, they shut it down. However, if they turn it off by mistake, you better hope you kept your receipt. They say if you can prove you bought it legally and have a valid TV license (whatever that is), they can turn your TV back on in as little as 48 hours. Otherwise, you have a really expensive paperweight. Of course, if you are like me and think the only smart TV is one that is not connected to the Internet, their solution doesn’t work. On the other hand, I wonder what happens when they get hacked. Now that it is known, hackers might choose to have fun at Samsung’s expense. Credit: Bleeping Computer
Ransomware Gang Targets Specific File Types
Researchers found a Powershell script used by the Pysa ransomware gang that shows exactly what sort of file names they are looking to steal. Those include tax files like 941, 1040, 1099, insurance files, scans, payroll, Pwd and others. See a more complete list here.
What Not to Put in Checked Baggage
The TSA has a long list of things that you cannot legally put in checked baggage like fireworks, but then there are really stupid things to put in your checked luggage. An Alaska Airlines passenger checked their cell phone in their baggage and as the plane landed the phone caught fire, (possibly due to the change in altitude?). The Port of Seattle Fire Department responded, the 182 people on the plane were evacuated and this passenger will not get the information off their phone. Note that this is not illegal, just not smart. There were some injuries and everyone had to be bussed to the terminal. Credit: MSN