Mexico walls off national lottery sites after ransomware DDoS threat
2021-05-28 17:14

Access to Mexico's Lotería Nacional and Pronósticos lottery websites is now blocked to IP addresses outside of Mexico after a ransomware gang threatened to perform denial of service attacks. Lotería Nacional is the government-run national lottery system of Mexico, operating under Mexico's Ministry of Finance.

SolarWinds hackers resurface to attack government agencies and think tanks
2021-05-28 16:15

The group behind the infamous SolarWinds hacks is on another cyberattack spree, this time targeting not just government agencies but others as well. In a report published Thursday, Microsoft revealed that the threat actor Nobelium launched a series of attacks this past week against government agencies, think tanks, consultants, and non-governmental organizations.

Chinese cyberspies are targeting US, EU orgs with new malware
2021-05-28 16:12

Chinese threat groups continue to deploy new malware strains on the compromised networks of dozens of US and EU organizations after exploiting vulnerable Pulse Secure VPN appliances. In the previous report, FireEye mentioned 12 malware families found on and specifically designed to infect Pulse Secure VPN appliances.

Strategies for improving enterprise network management and security
2021-05-28 15:49

These five TechRepublic Premium downloads can help businesses large and small enact the right networking policies and hire the right people, as well as helping managed service providers and network professionals maintain their infrastructure without neglecting important steps. Proper network security can never be achieved if even a single device or service is left unprotected or a proper disaster plan isn't in place.

HPE Fixes Critical Zero-Day in Server Management Software
2021-05-28 15:11

Hewlett Packard Enterprise has fixed a critical zero-day remote code execution flaw in its HPE Systems Insight Manager software for Windows that it originally disclosed in December. HPE SIM is a tool that enables remote support automation and management for a variety of HPE servers, including the HPE ProLiant Gen10 and HPE ProLiant Gen9, as well as for storage and networking products.

Newly Disclosed Vulnerability Allows Remote Hacking of Siemens PLCs
2021-05-28 15:08

Researchers at industrial cybersecurity firm Claroty have identified a serious vulnerability that can be exploited by a remote and unauthenticated attacker to hack some of the programmable logic controllers made by Siemens. The vulnerability is tracked as CVE-2020-15782 and it has been described as a high-severity memory protection bypass issue that allows an attacker with network access to TCP port 102 to write or read data in protected memory areas.

Boss of ATM Skimming Syndicate Arrested in Mexico
2021-05-28 14:47

Florian "The Shark" Tudor, the alleged ringleader of a prolific ATM skimming gang that siphoned hundreds of millions of dollars from bank accounts of tourists visiting Mexico over the last eight years, was arrested in Mexico City on Thursday in response to an extradition warrant from a Romanian court. Tudor, a native of Craiova, Romania, moved to Mexico to set up Top Life Servicios, an ATM servicing company which managed a fleet of relatively new ATMs based in Mexico branded as Intacash.

Resilience: RSA Conference 2021
2021-05-28 14:37

Whether bolstering or enhancing corporate security posture, creating awareness for formerly office-based employees now working from home, or responding to the damage caused by an unfortunate breach or attack, we have learned the importance of resilience and the need to learn from success or failure. The pandemic produced new challenges for security teams in addition to their existing workload. Not only did they find themselves working remotely, but with a workforce doing the same, threats that could be spotted on the corporate network were now starting to hide on a home WiFi.

Chinese Hackers Started Covering Tracks Days Before Public Exposure of Operations
2021-05-28 14:09

One of the Chinese threat actors targeting Pulse Secure VPN appliances via a recently disclosed vulnerability has been attempting to cover its tracks by removing its webshells from victim networks, FireEye reports. Tracked as CVE-2021-22893, the vulnerability was made public in late April, after security researchers discovered that threat actors had already been exploiting it in attacks targeting organizations in the defense, financial, government, high tech, and transportation sectors in the U.S. and Europe.

SonicWall urges customers to 'immediately' patch NSM On-Prem bug
2021-05-28 13:46

SonicWall urges customers to 'immediately' patch a post-authentication vulnerability impacting on-premises versions of the Network Security Manager multi-tenant firewall management solution. The vulnerability, tracked as CVE-2021-20026, affects NSM 2.2.0-R10-H1 and earlier, and it was patched by SonicWall in the NSM 2.2.1-R6 and 2.2.1-R6 versions.