2013 and Manufacturing - Information Management Today

North Korea-linked APT Kimsuky targeted German defense firm Diehl Defence

Security Affairs

OCTOBER 1, 2024

North Korea-linked APT Kimsuky has been linked to a cyberattack on Diehl Defence, a German manufacturer of advanced military systems. KG is a German weapon manufacturer headquartered in Überlingen. Diehl Defence GmbH & Co. It operates as a division of Diehl Stiftung and specializes in the production of missiles and ammunition. .”

Military

Military Manufacturing Phishing Information Security

Winnti Group was planning a devastating supply-chain attack against Asian manufacturer

Security Affairs

OCTOBER 14, 2019

Winnti Group is back with a new modular Win backdoor that was used to infect the servers of a high-profile Asian mobile hardware and software manufacturer. The Winnti group was first spotted by Kaspersky in 2013, according to the researchers the gang has been active since 2007. Pierluigi Paganini. SecurityAffairs – Winnti, malware).

Manufacturing

Manufacturing Paper Communications IT

Sounding the Alarm on Emergency Alert System Flaws

Krebs on Security

AUGUST 12, 2022

“I found all kinds of problems back then, and reported it to the DHS, FBI and the manufacturer,” Pyle said in an interview with KrebsOnSecurity. According to the EAS wiki, in February 2013, hackers broke into the EAS networks in Great Falls, Mt. “But nothing ever happened. and Marquette, Mich.

Passwords

Passwords Manufacturing Security Risk

Tracing the Supply Chain Attack on Android

Krebs on Security

JUNE 25, 2019

” “At present, pre-installed partners cover the entire mobile phone industry chain, including mobile phone chip manufacturers, mobile phone design companies, mobile phone brand manufacturers, mobile phone agents, mobile terminal stores and major e-commerce platforms,” reads a descriptive blurb about the company.

Cloud

Cloud Manufacturing Marketing Data breaches

Chinese Ministry Issues New Rule Restricting Pre-Installation of Software by Manufacturers of Mobile Devices

Hunton Privacy

MAY 7, 2013

In April 2013, the Ministry of Industry and Information Technology of the People’s Republic of China (the “MIIT”) issued a new rule entitled the “Notice on Strengthening the Administration of Networked Smart Mobile Devices” (the “Notice”). Read our previous coverage on the latest developments in China.

Manufacturing

Manufacturing Communications Sales Marketing

FTC Orders Mobile Device Manufacturers to Provide Information about Security Updates for Study

Hunton Privacy

MAY 10, 2016

The companies must file their responses within 45 days from the date of service of the Orders.

Manufacturing

Manufacturing Security Sales IT

China-linked APT40 used ScanBox Framework in a long-running espionage campaign

Security Affairs

AUGUST 31, 2022

TA423 is a China-linked cyber espionage group that has been active since 2013, it focuses on political events in the Asia-Pacific region, specifically on the South China Sea. The researchers attribute the campaign to the China-linked APT group tracked as TA423 /Red Ladon. ” read the report published by the experts.

Energy and Utilities

Energy and Utilities Manufacturing Phishing Government

Gangnam Industrial Style APT campaign targets industrial firms worldwide

Security Affairs

DECEMBER 18, 2019

Experts from the CyberX’s threat intelligence team Section 52 uncovered an ongoing cyberespionage campaign, tracked as Gangnam Industrial Style, that targeted industrial, engineering, and manufacturing organizations, most of them in South Korea (60%). ” reads the report published by the CyberX experts.

Manufacturing

Manufacturing Phishing Paper Passwords

Experts spotted two Android spyware used by Indian APT Confucius

Security Affairs

FEBRUARY 11, 2021

Confucius is a pro-India APT group that has been active since 2013, it mainly focused on Pakistani and other South Asian targets. phone number, IMEI/Android ID, Model and Manufacturer, and Android version), Geolocation, Images stored on external storage, WhatsApp voice notes, if installed. .

Metadata

Metadata Military Manufacturing Access

FTC Settles Charges in First Case Against Mobile Device Manufacturer

Hunton Privacy

FEBRUARY 27, 2013

On February 22, 2013, the Federal Trade Commission announced that it had settled charges against HTC America, Inc. (“HTC”) This settlement marks the FTC’s first case against a mobile device manufacturer. Update : On July 2, 2013, the FTC approved the final settlement order with HTC.

Manufacturing

Manufacturing Risk Privacy Access

Tracing the Supply Chain Attack on Android

Krebs on Security

JUNE 25, 2019

” “At present, pre-installed partners cover the entire mobile phone industry chain, including mobile phone chip manufacturers, mobile phone design companies, mobile phone brand manufacturers, mobile phone agents, mobile terminal stores and major e-commerce platforms,” reads a descriptive blurb about the company.

Cloud

Cloud Manufacturing Marketing Data breaches

Microsoft releases On-premises Mitigation Tool (EOMT) tool to fix ProxyLogon issues

Security Affairs

MARCH 16, 2021

Most targeted sectors have been Government/Military (17% of all exploit attempts), followed by Manufacturing (14%), and then Banking (11%). We have tested this tool across Exchange Server 2013, 2016, and 2019 deployments.” ” reads the post published by Microsoft.

Military

Military Manufacturing Access Security

Experts found 125 new flaws in SOHO routers and NAS devices from multiple vendors

Security Affairs

SEPTEMBER 17, 2019

In this phase of the project that started in 2013 ( SOHOpelessly Broken 1.0 ) , the researchers assessed the security of 13 SOHO router and NAS devices and found a total of 125 new vulnerabilities. . Unfortunately, some manufacturers, including Drobo, Buffalo Americas, and Zioncom Holdings, did not respond to report.

IoT

IoT Manufacturing Authentication Security

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

Security Affairs

DECEMBER 1, 2020

The OceanLotus APT group is a state-sponsored group that has been active since at least 2013. Since at least 2014, experts at FireEye have observed APT32 targeting foreign corporations with an interest in Vietnam’s manufacturing, consumer products, and hospitality sectors.

Mining

Mining Manufacturing Government Phishing

Experts found undocumented access feature in Siemens SIMATIC PLCs

Security Affairs

NOVEMBER 17, 2019

The teams of researchers discovered that the hardware undocumented access mode was present in the bootloader code since 2013. “There is an access mode used during manufacturing of S7-1200 CPUs that allows additional diagnostic functionality. ” reads a security advisory published by Siemens.

Access

Access Manufacturing Risk Security

NEW TECH: Semperis introduces tools to improve security resiliency of Windows Active Directory

The Last Watchdog

APRIL 16, 2020

organizations between January 2013 and July 2019. The organizations now in the line of fire include manufacturing firms , telemarketers, law firms, hospitals , cities and towns , local government agencies and local schools districts – the very underpinnings of the U.S. Ransomware hacking groups extorted at least $144.35

Ransomware

Ransomware Security Authentication Access

MY TAKE: Why DDoS weapons will proliferate with the expansion of IoT and the coming of 5G

The Last Watchdog

MARCH 28, 2019

In March 2013, several impossibly massive waves of nuisance requests – peaking as high as 300 gigabytes per second— swamped Spamhaus , knocking the anti-spam organization off line for extended periods. This attacker easily located IoT devices that used the manufacturers’ default security setting.

IoT

IoT Mining Manufacturing Security

Fujitsu Introduces New Image Processing Technology on fi-8000 Series Scanners

Info Source

MARCH 18, 2022

Introduced in 2013, the fi-7160 has been the top-selling model in Infosource’s Departmental segment. With the fi-8170, Fujitsu has reduced its manufacturing costs, as well as the device footprint which enables the new model to remain price competitive and provide users a powerful scanner solution on their desktop.

Marketing

Marketing Manufacturing Paper Cloud

China-linked APT used Daxin, one of the most sophisticated backdoor even seen

Security Affairs

MARCH 1, 2022

Symantec links Daxin to the China-linked cyberespionage group Slug (aka Owlproxy) and believes that the group is using the backdoor since at least 2013. The most recent attacks involving Daxin were observed by the security firm in November 2021, they were aimed at telecommunication, transportation, and manufacturing companies.

Communications

Communications Manufacturing Government Risk

The Week in Cyber Security and Data Privacy: 20 – 26 November 2023

IT Governance

NOVEMBER 28, 2023

9 million records breached through decade-long data leak A former temporary employee of a subsidiary of NTT West (Nippon Telegraph and Telephone West Corp) illegally accessed about 9 million personal data records over the course of a decade (2013 to 2023). Breached records: more than 56 million.

Data Privacy

Data Privacy Privacy Energy and Utilities Data breaches

Fujitsu Introduces New Image Processing Technology on fi-8000 Series Scanners

Info Source

MARCH 18, 2022

Introduced in 2013, the fi-7160 has been the top-selling model in Infosource’s Departmental segment. With the fi-8170, Fujitsu has reduced its manufacturing costs, as well as the device footprint which enables the new model to remain price competitive and provide users a powerful scanner solution on their desktop.

Marketing

Marketing Manufacturing Paper Cloud

A job ad published by the UK’s Ministry of Defence revealed a secret hacking squad

Security Affairs

AUGUST 15, 2021

.” “ MAB5 was described in gushing terms and with incredible detail, even naming the military leader – a Lieutenant Colonel (Lt Col) in the Royal Corps of Signals, who was awarded the MBE in the Queen’s Birthday Honours List 2013 when he was a Major. His email address and phone number were also listed in the advert.”

Computer and Electronics

Computer and Electronics Military Manufacturing Communications

OceanLotus APT group leverages a steganography-based loader to deliver backdoors

Security Affairs

APRIL 3, 2019

The APT32 group, also known as OceanLotus Group, has been active since at least 2013, according to the experts it is a state-sponsored hacking group. Since at least 2014, experts at FireEye have observed APT32 targeting foreign corporations with an interest in Vietnam’s manufacturing, consumer products, and hospitality sectors.

Libraries

Libraries Encryption Communications Manufacturing

French Firms Rocked by Kasbah Hacker?

Krebs on Security

MARCH 2, 2020

“In 2013, I developed a platform for security research through which penetration test can be done for phones and computers,” Algangaf said. Further investigation revealed the electricity provider was just one of many French critical infrastructure firms that had systems beaconing home to the malware network’s control center.

Passwords

Passwords Security Manufacturing Data breaches

FDA Issues Final Guidance on Cybersecurity in Medical Devices

Hunton Privacy

OCTOBER 6, 2014

The Guidance provides recommendations to device manufacturers for content “to include in FDA medical device premarket submissions for effective cybersecurity management.” The Guidance updates a draft guidance that was originally published in June 2013.

Cybersecurity

Cybersecurity Manufacturing Authentication Passwords

APT40 cyberespionage group supporting growth of China’s naval sector

Security Affairs

MARCH 5, 2019

The APT40 group has been active since at least 2013 and appears to be focused on supporting naval modernization efforts of the Government of Beijing. “[In 2017] APT40 was observed masquerading as a UUV manufacturer, and targeting universities engaged in naval research. ” reads the analysis published by FireEye.

Phishing

Phishing Passwords Government Manufacturing

China-linked cyberspies Turbine PANDA targeted aerospace firms for years

Security Affairs

OCTOBER 18, 2019

The researchers attributed the attacks to a China-linked threat actor tracked as TURBINE PANDA who targeted multiple companies that manufactured the C919’s components between 2010 and 2015. “However, the C919 can hardly be seen as a complete domestic triumph, because it is reliant on a plethora of foreign-manufactured components.

Manufacturing

Manufacturing Security Government IT

MY TAKE: Massive Marriott breach continues seemingly endless run of successful hacks

The Last Watchdog

DECEMBER 3, 2018

The Starwood hack appears to come in second in scale only to the 2013 Yahoo breac h, which affected as many as 3 billion accounts, while a subsequent Yahoo breach also hit 500 million accounts. The breach is rightly attracting attention of regulators in Europe and the United States.

Authentication

Authentication Military Access Insurance

Agreement on Proposal for Cybersecurity Act

Hunton Privacy

DECEMBER 20, 2018

The hope is that consumers will benefit from this new regulation as manufacturers provide detailed information on cybersecurity for certified products and services including guidance on installation, the period for security support and information for security updates.

Cybersecurity

Cybersecurity Marketing Manufacturing Government

Are We Prepared for the Rise of Automation?

AIIM

SEPTEMBER 25, 2018

A great proportion of the six million US manufacturing jobs that have disappeared over the last few decades were lost as a direct result of automation’s slow absorption of physical labor and factory work. According to another paper, one published by Oxford in 2013, 47% of total US employment could be at risk.

Artificial Intelligence

Artificial Intelligence Paper Manufacturing Marketing

NEW TECH: ICS zero-day flaws uncovered by Nozomi Networks’ analysis of anomalous behaviors

The Last Watchdog

AUGUST 26, 2019

In 2013, he co-founded Nozomi Networks aiming to deliver a more holistic and efficient way to defend industrial controls of all types. And not just of power plants and utilities, but also in the firmware and software that run manufacturing plants of all types and sizes, Carcano told me.

Artificial Intelligence

Artificial Intelligence Cybersecurity Manufacturing Security

FDA Issues Safety Communication and Guidance on Cybersecurity for Medical Devices

Hunton Privacy

JUNE 14, 2013

On June 13, 2013, the Food and Drug Administration (“FDA”) published a safety communication and guidance regarding the vulnerability of medical devices to cyberattacks. The guidance will represent the FDA’s views on cybersecurity, but will not create any legal obligations on the part of medical device manufacturers.

Communications

Communications Cybersecurity Manufacturing Passwords

NEW TECH: Nozomi Networks tracks anomalous behaviors, finds zero-day ICS vulnerabilities

The Last Watchdog

AUGUST 26, 2019

In 2013, he co-founded Nozomi Networks aiming to deliver a more holistic and efficient way to defend industrial controls of all types. And not just of power plants and utilities, but also in the firmware and software that run manufacturing plants of all types and sizes, Carcano told me.

Artificial Intelligence

Artificial Intelligence Cybersecurity Manufacturing Security

Winnti APT group uses skip-2.0 malware to control Microsoft SQL Servers

Security Affairs

OCTOBER 21, 2019

The Winnti group was first spotted by Kaspersky in 2013, according to the researchers the gang has been active since 2007. PortReus e was used by the Winnti cyberespionage group to target a high-profile Asian mobile software and hardware manufacturer. Security experts at ESET have discovered a new malware, dubbed skip-2.0,

Passwords

Passwords Authentication Manufacturing Communications

The Week in Cyber Security and Data Privacy: 16–22 October 2023

IT Governance

OCTOBER 24, 2023

Another small firm suffers a serious ransomware attack: Cadre Services gets mauled by AlphV Date of breach: 19 September 2013 (AlphV uploaded first part of data to its website on 19 October 2023). Breached organisation: D-Link Corporation, Taiwanese networking equipment manufacturer. Records breached: 91,000 individuals affected.

Data Privacy

Data Privacy Privacy Security Data breaches

After 2 years under the radars, Ratsnif emerges in OceanLotus ops

Security Affairs

JULY 1, 2019

The OceanLotus APT group, also known as APT32 or Cobalt Kitty , is state-sponsored group that has been active since at least 2013. Since at least 2014, experts at FireEye have observed APT32 targeting foreign corporations with an interest in Vietnam’s manufacturing, consumer products, and hospitality sectors.

Manufacturing

Manufacturing Libraries Communications Security

SHARED INTEL: Coming very soon — ‘passwordless authentication’ as a de facto security practice

The Last Watchdog

NOVEMBER 11, 2020

Toward this end, along came the FIDO Alliance in early 2013. FIDO sets forth common biometric authentication protocols designed to foster the growth of an ecosystem of device manufacturers, software developers or online service providers all using FIDO standards.

Authentication

Authentication Passwords Security Access

BIS Issues Long-Awaited Notice on Controls on Foundational Technologies, Adds New Entities to Entity List

Data Matters

AUGUST 28, 2020

businesses involved in the production, design, testing, manufacturing, fabrication, or development of “critical technologies,” even when such investments do not give the foreign investor control over the U.S. In certain cases, CFIUS filings are mandatory for investments in such companies.

Military

Military Manufacturing Compliance Security

List of data breaches and cyber attacks in July 2018 – 139,731,894 million records leaked

IT Governance

JULY 30, 2018

SIAS says data of 70,000 members stolen in 2013. How a Robotics Vendor Exposed Confidential Data for Major Manufacturing Companies. Patients’ health records stolen from gas station. Lane County Health and Human Services says more than 700 patients and clients had their files lost or possibly destroyed. LabCorp hacked?

Data breaches

Data breaches Ransomware Personal data Phishing

Article 29 Working Party Opines on Mobile Apps

Hunton Privacy

MARCH 18, 2013

On February 27, 2013, the Article 29 Working Party (the “Working Party”) adopted an Opinion (the “Opinion”) addressing personal data protection issues related to the development and use of applications on mobile devices. Operating system and device manufacturers should enable users to uninstall apps and ensure all user data is deleted.

Manufacturing

Manufacturing Personal data Privacy Data breaches

The Microsoft Exchange Attack Saga Continues

eSecurity Planet

MARCH 26, 2021

Microsoft reports that the tool has been tested for Exchange Server 2013, 2016 and 2019. A disturbing 23% of all attacks have been levied on Government and Military organizations, followed by Manufacturing (15%) and Financial Services (14%). . The other Vulnerability Culprits. According to their data, the U.S.

Ransomware

Ransomware Authentication Financial Services Military

FTC Releases Report on the Increased Use of Mobile Payments

Hunton Privacy

MARCH 12, 2013

On March 8, 2013, the Federal Trade Commission issued a staff report entitled Paper, Plastic… or Mobile? For example, a mobile payment could involve operating system manufacturers, mobile phone carriers, application developers, and coupon and loyalty program administrators, in addition to banks and merchants.

Privacy

Privacy Data collection Manufacturing Paper

The Consideration of Arrest and Conviction Records in Employment Decisions: A Critique of the EEOC Guidance

Hunton Privacy

JUNE 17, 2013

Not deterred, on June 11, 2013, the EEOC continued to pursue this theory by filing cases in the District of South Carolina against BMW Manufacturing, and in the Northern District of Illinois against retailer Dollar General.

Retail

Retail Manufacturing Risk IT

P3iD to Demo TWAIN Direct Capture Platform

Info Source

AUGUST 22, 2018

It’s the driverless scanning initiative launched by the TWAIN Working Group (TWG) in 2013 designed to bring document scanning into the 21st century when it comes to connectivity [see DIR 12/20/13]. P3iD will initially target hardware manufacturers and enterprise users with its platform. “If

Blockchain

Blockchain Cloud Manufacturing Authentication

North Korea-linked APT Kimsuky targeted German defense firm Diehl Defence

Winnti Group was planning a devastating supply-chain attack against Asian manufacturer

Trending Sources

Sounding the Alarm on Emergency Alert System Flaws

Tracing the Supply Chain Attack on Android

Chinese Ministry Issues New Rule Restricting Pre-Installation of Software by Manufacturers of Mobile Devices

FTC Orders Mobile Device Manufacturers to Provide Information about Security Updates for Study

China-linked APT40 used ScanBox Framework in a long-running espionage campaign

Gangnam Industrial Style APT campaign targets industrial firms worldwide

Experts spotted two Android spyware used by Indian APT Confucius

FTC Settles Charges in First Case Against Mobile Device Manufacturer

Tracing the Supply Chain Attack on Android

Microsoft releases On-premises Mitigation Tool (EOMT) tool to fix ProxyLogon issues

Experts found 125 new flaws in SOHO routers and NAS devices from multiple vendors

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

Experts found undocumented access feature in Siemens SIMATIC PLCs

NEW TECH: Semperis introduces tools to improve security resiliency of Windows Active Directory

MY TAKE: Why DDoS weapons will proliferate with the expansion of IoT and the coming of 5G

Fujitsu Introduces New Image Processing Technology on fi-8000 Series Scanners

China-linked APT used Daxin, one of the most sophisticated backdoor even seen

The Week in Cyber Security and Data Privacy: 20 – 26 November 2023

Fujitsu Introduces New Image Processing Technology on fi-8000 Series Scanners

A job ad published by the UK’s Ministry of Defence revealed a secret hacking squad

OceanLotus APT group leverages a steganography-based loader to deliver backdoors

French Firms Rocked by Kasbah Hacker?

FDA Issues Final Guidance on Cybersecurity in Medical Devices

APT40 cyberespionage group supporting growth of China’s naval sector

China-linked cyberspies Turbine PANDA targeted aerospace firms for years

MY TAKE: Massive Marriott breach continues seemingly endless run of successful hacks

Agreement on Proposal for Cybersecurity Act

Are We Prepared for the Rise of Automation?

NEW TECH: ICS zero-day flaws uncovered by Nozomi Networks’ analysis of anomalous behaviors

FDA Issues Safety Communication and Guidance on Cybersecurity for Medical Devices

NEW TECH: Nozomi Networks tracks anomalous behaviors, finds zero-day ICS vulnerabilities

Winnti APT group uses skip-2.0 malware to control Microsoft SQL Servers

The Week in Cyber Security and Data Privacy: 16–22 October 2023

After 2 years under the radars, Ratsnif emerges in OceanLotus ops

SHARED INTEL: Coming very soon — ‘passwordless authentication’ as a de facto security practice

BIS Issues Long-Awaited Notice on Controls on Foundational Technologies, Adds New Entities to Entity List

List of data breaches and cyber attacks in July 2018 – 139,731,894 million records leaked

Article 29 Working Party Opines on Mobile Apps

The Microsoft Exchange Attack Saga Continues

FTC Releases Report on the Increased Use of Mobile Payments

The Consideration of Arrest and Conviction Records in Employment Decisions: A Critique of the EEOC Guidance

P3iD to Demo TWAIN Direct Capture Platform

Stay Connected