2010, Manufacturing and Security - Information Management Today

Volvo Cars suffers a data breach. Is it a ransomware attack?

Security Affairs

DECEMBER 10, 2021

Swedish automotive manufacturer Volvo Cars revealed that has suffered a cyberattack that resulted in the theft of R&D data. Swedish automotive manufacturer Volvo Cars revealed that threat actors have stolen R&D data from its systems. ” reads the notice of cyber security breach published by Volvo.

Data breaches

Data breaches Ransomware Manufacturing IT

Microsoft seized 42 domains used by the China-linked APT15 cyberespionage group

Security Affairs

DECEMBER 7, 2021

APT15 has been active since at least 2010, it conducted cyber espionage campaigns against targets worldwide in several industries, including defense, high tech, energy, government, aerospace, and manufacturing. ” reads the post published by Microsoft. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Manufacturing

Manufacturing Phishing Government Security

Cyber mercenaries and insiders hired by Chinese intelligence to hack aerospace and tech firms

Security Affairs

OCTOBER 31, 2018

US intelligence believes that the cyber espionage operation was under the control of Zha Rong and Chai Meng, two intelligence officers working for the Jiangsu Province Ministry of State Security (JSSD) in the Chinese city of Nanjing. The campaign was carried out at least from January 2010 to May 2015. According to U.S. based firm.

Manufacturing

Manufacturing Military Phishing Security

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

The Unsexy Threat to Election Security

Krebs on Security

JULY 25, 2019

Much has been written about the need to further secure our elections, from ensuring the integrity of voting machines to combating fake news. “Such a scenario could cause great confusion and erode public confidence in our elections, even if the vote itself is actually secure,” the report continues.

Security

Security Authentication Passwords Manufacturing

China-linked Budworm APT returns to target a US entity

Security Affairs

OCTOBER 13, 2022

The Budworm cyber espionage group (aka APT27 , Bronze Union , Emissary Panda , Lucky Mouse , TG-3390 , and Red Phoenix) is behind a series attacks conducted over the past six months against a number of high-profile targets, including the government of a Middle Eastern country, a multinational electronics manufacturer, and a U.S.

File names

File names Financial Services Manufacturing Libraries

SweynTooth Bluetooth flaws affect devices from major system-on-a-chip (SoC) vendors

Security Affairs

FEBRUARY 15, 2020

Security experts have discovered multiple flaws, dubbed SweynTooth, in the Bluetooth Low Energy (BLE) implementations of major system-on-a-chip (SoC) vendors. The protocol Bluetooth Low Energy (BLE) was released in 2010 and it is designed to implement a new generation of services for mobile applications. ” continues the experts.

IoT

IoT Security Manufacturing Communications

Devices from Dell, HP, and Lenovo used outdated OpenSSL versions

Security Affairs

NOVEMBER 25, 2022

The OpenSSL software library allows secure communications over computer networks against eavesdropping or need to identify the party at the other end. OpenSSL contains an open-source implementation of the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols. ” reads the report published by Binarly.

Libraries

Libraries Manufacturing Security Communications

China-linked cyberspies Turbine PANDA targeted aerospace firms for years

Security Affairs

OCTOBER 18, 2019

Security firm revealed that China-linked APT group Turbine Panda conducted cyber-espionage operations aimed at various aerospace firms for years. Security researchers at Crowdstrike conducted long-running cyber-espionage operations aimed at various aerospace firms. Office of Personnel Management (OPM) breach. Pierluigi Paganini.

Manufacturing

Manufacturing Security Government IT

China-Linked APT15 group is using a previously undocumented backdoor

Security Affairs

JULY 23, 2019

Security researchers at ESET reported that China-linked threat actor APT15 (aka Ke3chang , Mirage , Vixen Panda , Royal APT and Playful Dragon) has been using a previously undocumented backdoor for more than two years. The post China-Linked APT15 group is using a previously undocumented backdoor appeared first on Security Affairs.

Communications

Communications Manufacturing Encryption Security

Who’s Behind the GandCrab Ransomware?

Krebs on Security

JULY 8, 2019

But GandCrab far eclipsed the success of competing ransomware affiliate programs largely because its authors worked assiduously to update the malware so that it could evade antivirus and other security defenses. In 2010, the hottabych_k2 address was used to register the domain name dedserver[.]ru of GandCrab. Vpn-service[.]us

Ransomware

Ransomware Passwords Marketing Manufacturing

Key aerospace player Safran Group leaks sensitive data

Security Affairs

MARCH 15, 2023

It collaborates with Airbus, the second-largest aerospace company globally after Boeing, to manufacture aerospace equipment. Also, the company manufactures surface-to-air defense systems and missiles. It is crucial to ensure that leaked keys are in longer bit-lengths and encoded using secure encryption/hashing algorithms.

Manufacturing

Manufacturing Access Risk IT

Long-running surveillance campaigns target Uyghurs with BadBazaar and MOONSHINE spyware

Security Affairs

NOVEMBER 11, 2022

Researchers from mobile security firm Lookout uncovered two long-running surveillance campaigns targeting the Uyghurs minority. APT15 has been active since at least 2010, it conducted cyber espionage campaigns against targets worldwide in several industries, including defense, high tech, energy, government, aerospace, and manufacturing.

Communications

Communications Manufacturing Government Security

Tracing the Supply Chain Attack on Android

Krebs on Security

JUNE 25, 2019

” “At present, pre-installed partners cover the entire mobile phone industry chain, including mobile phone chip manufacturers, mobile phone design companies, mobile phone brand manufacturers, mobile phone agents, mobile terminal stores and major e-commerce platforms,” reads a descriptive blurb about the company.

Cloud

Cloud Manufacturing Marketing Data breaches

MY TAKE: Iran’s cyber retaliation for Soleimani assassination continues to ramp up

The Last Watchdog

FEBRUARY 3, 2020

Department of Homeland Security issued a bulletin calling out Iran’s “robust cyber program,” and cautioning everyone to be prepared for Iran to “conduct operations in the United States.” cyber ops capability is Stuxnet , the self-spreading Windows worm found insinuating itself through Iranian nuclear plants in 2010.

Energy and Utilities

Energy and Utilities Access Passwords Cybersecurity

SBOMs: Securing the Software Supply Chain

eSecurity Planet

OCTOBER 26, 2021

Threat intelligence can help scan IT environments for the latest malware, but that’s just one security layer against zero-day threats. Also read: How to Defend Common IT Security Vulnerabilities. Developed by the Linux Foundation in 2010, the Software Package Data Exchange (SPDX) is the leading open standard for SBOM formats.

Security

Security Risk Compliance Cybersecurity

Tracing the Supply Chain Attack on Android

Krebs on Security

JUNE 25, 2019

” “At present, pre-installed partners cover the entire mobile phone industry chain, including mobile phone chip manufacturers, mobile phone design companies, mobile phone brand manufacturers, mobile phone agents, mobile terminal stores and major e-commerce platforms,” reads a descriptive blurb about the company.

Cloud

Cloud Manufacturing Marketing Data breaches

Is India's Aadhaar System Really "Hack-Proof"? Assessing a Publicly Observable Security Posture

Troy Hunt

JANUARY 10, 2018

Both during this week and over previous years, there's been various headlines calling the security posture of Aadhaar into question and the Indian government has been vehemently refuting any suggestion that the system isn't top notch. Security /= George blocking — Vatsalya Goel (@vatsalyagoel) January 9, 2018.

Security

Security Government Encryption Risk

On Chinese "Spy Trains"

Schneier on Security

SEPTEMBER 26, 2019

But another part involves fears about national security. There is definitely a national security risk in buying computer infrastructure from a country you don't trust. China dominates the subway car manufacturing industry because of its low prices -- the same reason it dominates the 5G hardware industry. Our enemies do it.

Government

Government Risk Data collection Manufacturing

California Passes First Of Its Kind IoT Cybersecurity Law

Privacy and Cybersecurity Law

NOVEMBER 6, 2018

Below is a summary of California’s new law and some takeaways for IoT device manufacturers as they move toward January 1, 2020 compliance. Core Security Obligation. The new law addresses the security obligations of “manufacturers” of connected devices. Code § 1798.91.05(c)) ” (Civ. . ” (Civ.

IoT

IoT Cybersecurity Manufacturing IT

California Passes First Of Its Kind IoT Cybersecurity Law

Privacy and Cybersecurity Law

NOVEMBER 5, 2018

Below is a summary of California’s new law and some takeaways for IoT device manufacturers as they move toward January 1, 2020 compliance. Core Security Obligation. The new law addresses the security obligations of “manufacturers” of connected devices. Code § 1798.91.05(c)) ” (Civ. . ” (Civ.

IoT

IoT Cybersecurity Manufacturing IT

FTC Investigating Privacy Risks to Data Stored on Digital Copiers

Hunton Privacy

MAY 26, 2010

In April 2010, Affinity Health Plan notified over 400,000 current and former customers that their personal information had been stored on the hard drives of a leased office copier that Affinity later returned to the leasing company.

Privacy

Privacy Risk Manufacturing Retail

Addition to Washington Breach Law Imposes Retailer Liability in Payment Card Breaches

Hunton Privacy

MARCH 24, 2010

Under a Washington law effective July 1, 2010, certain entities involved in payment card transactions may be liable to financial institutions for costs associated with reissuing payment cards after security breaches. 1149 applies to three types of entities: businesses , processors and vendors.

Retail

Retail Manufacturing Encryption Compliance

The role of a secret Dutch mole in the US-Israeli Stuxnet attack on Iran

Security Affairs

SEPTEMBER 2, 2019

Stuxnet is a malicious computer worm developed to target SCADA systems that was first uncovered in 2010, but researchers believe its development begun at least 2005. and Israel get Stuxnet onto the highly secured Natanz plant? This is the root cause of the discovery of Stuxnet in June 2010. Security Affairs – Stuxnet, ICS).

Military

Military Manufacturing Access Security

MY TAKE: How state-backed cyber ops have placed the world in a constant-state ‘Cyber Pearl Harbor’

The Last Watchdog

JULY 25, 2019

The Obama sanctions helped security analysts and the FBI piece together how Bogachev, around 2010, began running unusual searches on well-placed PCs he controlled, via Gameover Zeus infections. Bogachev led a band of criminals that used the Gamover Zeus banking Trojan to steal more than $100 million from banks and businesses worldwide.

IoT

IoT Military Government Manufacturing

Remote sex toys might spice up your love life – but crooks could also get a kick out of them?

Security Affairs

FEBRUARY 14, 2022

A CyberNews investigation has revealed that Lovense remote sex toy users might be at risk from threat actors, due to poor security features. Remote-control sex toys have been around since 2010. So, the CyberNews Team decided to test its devices and interfaces to check how secure they are. Original post: [link]. Sub-par scores.

Manufacturing

Manufacturing Access Security IT

Broadcast or communicate? | ZDNet

Collaboration 2.0

JULY 8, 2008

Google unplugs Windows Google decides that a security invasion from China was the last straw and bans the use of. Take a manufacturing firm operating on a just in time philosophy. Download Now 2010 IT Skills & Salary Report Global Knowledge Are you wondering how your salary compares to your colleagues? There are three Cs.

Communications

Communications Paper Computer and Electronics e-Delivery

The Hacker Mind Podcast: Hacking Teslas

ForAllSecure

JUNE 8, 2022

Even so, the car manufacturers carved out large groups of codes. Since then, car manufacturers have improved on this. Welcome to The Hacker Mind, an original podcast from for all secure. Herfurt: My name is Martin Herfurt and I'm a security researcher. It wasn't very robust. It was a mere 40 bit key length.

Manufacturing

Manufacturing Encryption IT Security

Presidential Cybersecurity and Pelotons

Schneier on Security

FEBRUARY 5, 2021

And all of that is a security risk , especially if you are the president of the United States. US presidents have long tussled with their security advisers over tech. In 2010, President Barack Obama complained that his presidential BlackBerry device was “no fun” because only ten people were allowed to contact him on it.

Cybersecurity

Cybersecurity Risk Security IoT

2020 Census Outreach Runs Counter to Cybersecurity Best Practices

Adam Levin

SEPTEMBER 23, 2020

The 2010 Census had an overall undercount of only 0.01 The problem in 2010 was not how many people were undercounted, but rather who wasn’t counted: 700,000 Latin Xers and almost five percent of the Native American and Alaska native population living on reservations; a million children under the age of four; 1.1 percent in 2010.

Cybersecurity

Cybersecurity Phishing Communications Manufacturing

Information Management Today

Volvo Cars suffers a data breach. Is it a ransomware attack?

Microsoft seized 42 domains used by the China-linked APT15 cyberespionage group

Webinars

Trending Sources

Cyber mercenaries and insiders hired by Chinese intelligence to hack aerospace and tech firms

Webinars

The Unsexy Threat to Election Security

China-linked Budworm APT returns to target a US entity

SweynTooth Bluetooth flaws affect devices from major system-on-a-chip (SoC) vendors

Devices from Dell, HP, and Lenovo used outdated OpenSSL versions

China-linked cyberspies Turbine PANDA targeted aerospace firms for years

China-Linked APT15 group is using a previously undocumented backdoor

Who’s Behind the GandCrab Ransomware?

Key aerospace player Safran Group leaks sensitive data

Long-running surveillance campaigns target Uyghurs with BadBazaar and MOONSHINE spyware

Tracing the Supply Chain Attack on Android

MY TAKE: Iran’s cyber retaliation for Soleimani assassination continues to ramp up

SBOMs: Securing the Software Supply Chain

Tracing the Supply Chain Attack on Android

Is India's Aadhaar System Really "Hack-Proof"? Assessing a Publicly Observable Security Posture

On Chinese "Spy Trains"

California Passes First Of Its Kind IoT Cybersecurity Law

California Passes First Of Its Kind IoT Cybersecurity Law

FTC Investigating Privacy Risks to Data Stored on Digital Copiers

Addition to Washington Breach Law Imposes Retailer Liability in Payment Card Breaches

The role of a secret Dutch mole in the US-Israeli Stuxnet attack on Iran

MY TAKE: How state-backed cyber ops have placed the world in a constant-state ‘Cyber Pearl Harbor’

Remote sex toys might spice up your love life – but crooks could also get a kick out of them?

Broadcast or communicate? | ZDNet

The Hacker Mind Podcast: Hacking Teslas

Presidential Cybersecurity and Pelotons

2020 Census Outreach Runs Counter to Cybersecurity Best Practices

Stay Connected