2017 and Manufacturing - Information Management Today

Hackers have stolen customer data from Titan Manufacturing and Distributing company for nearly one year

Security Affairs

JANUARY 7, 2019

Cyber criminals have stolen customer data from the Titan Manufacturing and Distributing company for nearly one year using a malware. Hackers hit the Titan Manufacturing and Distributing company and compromised its computer system to steal customer payment card data for an entire year. Titan Manufacturing and Distributing, Inc.

Manufacturing

Manufacturing Security Access IT

CVE-2018-4251 – Apple did not disable Intel Manufacturing Mode in its laptops

Security Affairs

OCTOBER 4, 2018

Positive Technologies while analyzing Intel Management Engine (ME) discovered that Apple did not disable Intel Manufacturing Mode in its laptops. In August 2017, the experts from Positive Technologies (Dmitry Sklyarov, Mark Ermolov, and Maxim Goryachy) discovered a way to disable the Intel Management Engine 11 via an undocumented mode.

Manufacturing

Manufacturing IT Access Risk

LockBit gang demands a $70 million ransom to the semiconductor manufacturing giant TSMC

Security Affairs

JULY 1, 2023

The LockBit ransomware gang claims to have hacked Taiwan Semiconductor Manufacturing Company (TSMC). The LockBit ransomware group this week claimed to have hacked the Taiwan Semiconductor Manufacturing Company ( TSMC ) and $70 million ransom. In August 2018, a malware infected systems at several Taiwan Semiconductor Manufacturing Co.

Manufacturing

Manufacturing Ransomware Security awareness Cybersecurity

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Merck settles with insurers regarding a $1.4 billion claim over NotPetya damages

Security Affairs

JANUARY 6, 2024

It is one of the largest pharmaceutical companies globally, engaged in the research, development, manufacturing, and marketing of a wide range of healthcare products. billion insurance claim for the losses caused by the NotPetya attack that took place in 2017. Merck filed a $1.4

Insurance

Insurance Healthcare Manufacturing Ransomware

Estonia sues Gemalto for 152M euros over flaws in citizen ID cards issued by the company

Security Affairs

SEPTEMBER 30, 2018

Estonian sues Gemalto for 152 million euros following the security flaws in the citizen ID cards issued by the company that caused their recall in 2017. Estonian authorities sue the security firm Gemalto for 152 million euros following the security flaws in the citizen ID cards issued by the company that caused their recall in 2017.

Manufacturing

Manufacturing Government Security Risk

Israel announced to have foiled an attempted cyber-attack on defence firms

Security Affairs

AUGUST 13, 2020

Israel ‘s defence ministry announced to have foiled an attempted cyber attack by a foreign threat actors group targeting the country’s defence manufacturers. According to the officials, the attack was launched by “an international cyber group called ‘ Lazarus.’

Agriculture

Agriculture Manufacturing Phishing Passwords

Hackers claim to have compromised 50,000 home cameras and posted footage online

Security Affairs

OCTOBER 19, 2020

In 2017, thousands of IP cameras have been hijacked by the Persirai IoT botnet that targeted more than 1,000 IP camera models. In June 2017, security experts at security firm F-Secure discovered tens of vulnerabilities in tens of thousands of Internet-connected cameras from China-based manufacturer Foscam.

IoT

IoT Paper Access Manufacturing

Japanese defense contractors Pasco and Kobe Steel disclose security breaches

Security Affairs

FEBRUARY 7, 2020

Pasco is Japan’s largest geospatial provider and Kobe Steel is one of the major steel manufacturers. Kobe identified unauthorized access to its network in August 2016 and in June 2017, Pasco had detected the intrusion in May 2018.

Security

Security Manufacturing Data breaches Access

The German BSI agency recommends replacing Kaspersky antivirus software

Security Affairs

MARCH 15, 2022

“The Federal Office for Information Security (BSI) warns according to §7BSIlaw before using virus protection software from the Russian manufacturer Kaspersky. BSI remarks that the trust in the reliability and self-protection of a manufacturer as well as his authentic ability to act is crucial for the safe use of any defense software.

Manufacturing

Manufacturing Information Security Military Cybersecurity

TinyNuke banking malware targets French organizations

Security Affairs

DECEMBER 13, 2021

The TinyNuke malware is back and now was used in attacks aimed at French users working in manufacturing, technology, construction, and business services. The attackers used invoice-themed lures targeting entities in manufacturing, industry, technology, finance, and other verticals. .

Manufacturing

Manufacturing Business Services Communications IT

The Cost of Dealing With a Cybersecurity Attack in These 4 Industries

Security Affairs

AUGUST 21, 2019

Manufacturing. The manufacturing industry was not always known to embrace connected technology, but that’s changing. For example, manufacturing companies can expect a cyberattack itself to cost about $1.7 Analysts also say that the manufacturing industry is extremely attractive to hackers.

Cybersecurity

Cybersecurity Retail Manufacturing Data breaches

APT40 cyberespionage group supporting growth of China’s naval sector

Security Affairs

MARCH 5, 2019

“[In 2017] APT40 was observed masquerading as a UUV manufacturer, and targeting universities engaged in naval research. The cyberspies also targeted research centres and universities involved in naval research with the intent to access advanced technology to push the growth of the Chinese naval industry.

Phishing

Phishing Passwords Government Manufacturing

DHS issued an alert on attacks aimed at Managed Service Providers

Security Affairs

OCTOBER 5, 2018

The use of MSP is increasing the attack surface for attackers, the DHS’ alert TA18-276B , is related to activity that was uncovered by DHS’ National Cybersecurity and Communications Integration Center (NCCIC) in April 2017. ” reads the alert issued by DHS. APT actors have targeted victims in several U.S.

Communications

Communications Manufacturing Cybersecurity Phishing

China-Linked APT15 group is using a previously undocumented backdoor

Security Affairs

JULY 23, 2019

APT15 has been active since at least 2010, it conducted cyber espionage campaigns against targets worldwide in several industries, including the defense, high tech, energy, government, aerospace, and manufacturing. Experts discovered that since December 2016, the APT15 group has been using the previously undocumented backdoor dubbed Okrum.

Communications

Communications Manufacturing Encryption Security

US House Passes IoT Cybersecurity Improvement Act

Security Affairs

SEPTEMBER 21, 2020

The IoT Cybersecurity Improvement Act First was first introduced in 2017, and later in 2019, a new version was introduced. Frankly, manufacturers today just don’t have the appropriate market incentives to properly secure the devices they make and sell – that’s why this legislation is so important,” explained Sens.

IoT

IoT Cybersecurity Manufacturing Government

Cobalt crime gang is using again CobInt malware in attacks on former soviet states

Security Affairs

SEPTEMBER 13, 2018

The attackers exploited several vulnerabilities in Microsoft Office, including CVE-2017-8570 , CVE-2017-11882 , and CVE-2018-0802. The group also targeted entities in other sectors, including Government agencies, Telco, Internet service providers, manufacturing, entertainment, and companies in the healthcare industry.

Manufacturing

Manufacturing Phishing Encryption Security

Kr00k Wi-Fi Encryption flaw affects more than a billion devices

Security Affairs

FEBRUARY 26, 2020

A high-severity hardware vulnerability, dubbed Kr00k , in Wi-Fi chips manufactured by Broadcom and Cypress expose over a billion devices to hack. Cybersecurity researchers from ESET have discovered a new high-severity hardware vulnerability, dubbed Kr00k , that affects Wi-Fi chips manufactured by Broadcom and Cypress.

Encryption

Encryption Manufacturing Paper Communications

China-linked APT10 leverages ZeroLogon exploits in recent attacks

Security Affairs

NOVEMBER 18, 2020

The group, also known as Cicada, Stone Panda , and Cloud Hopper , has been active at least since 2009, in April 2017 experts from PwC UK and BAE Systems uncovered a widespread hacking campaign, tracked as Operation Cloud Hopper , targeting managed service providers (MSPs) in multiple countries worldwide.

Healthcare

Healthcare Archiving Cloud Manufacturing

QNAP urges users to update Malware Remover after QSnatch joint alert

Security Affairs

AUGUST 2, 2020

The first campaign likely began in early 2014 and continued until mid-2017, while the second started in late 2018 and was still active in late 2019. The malicious code specifically targets QNAP NAS devices manufactured by Taiwanese company QNAP, it already infected over 62,000 QNAP NAS devices.

Passwords

Passwords Manufacturing Encryption Authentication

BMW exposes data of clients in Italy, experts warn

Security Affairs

MARCH 9, 2023

Original post at: [link] Hackers have been enjoying their fair share of the spotlight by breaching car manufacturers’ defenses. In 2017, a vulnerability was discovered in the aforementioned framework. Cybernews researchers discovered that BMW exposed sensitive files that were generated by a framework that BMW Italy relies on.

Manufacturing

Manufacturing Access Phishing Passwords

Zyxel fixed critical OS command injection flaw in multiple routers

Security Affairs

SEPTEMBER 3, 2024

Taiwanese manufacturer Zyxel addressed a critical OS command injection flaw affecting multiple models of its business routers. Zyxel has released security updates to address a critical vulnerability, tracked as CVE-2024-7261 (CVSS v3 score of 9.8), impacting multiple models of its business routers.

Manufacturing

Manufacturing Security Access IT

TSMC Chip Maker confirms its facilities were infected with WannaCry ransomware

Security Affairs

AUGUST 7, 2018

Early in August, a malware has infected systems at several Taiwan Semiconductor Manufacturing Co. TSMC is the world’s biggest contract manufacturer of chips for tech giants, including Apple and Qualcomm Inc. This tool was soon stolen by a hacking group named “ Shadow Brokers ” which leaked it to the world in April 2017.

Ransomware

Ransomware IT Manufacturing Security

US indicted 4 Russian government employees for attacks on critical infrastructure

Security Affairs

MARCH 25, 2022

“According to the indictment, between May and September 2017, the defendant and co-conspirators hacked the systems of a foreign refinery and installed malware, which cyber security researchers have referred to as “Triton” or “Trisis,” on a safety system produced by Schneider Electric, a multinational corporation. .”

Energy and Utilities

Energy and Utilities Government Cybersecurity Military

QSnatch malware infected over 62,000 QNAP NAS Devices

Security Affairs

JULY 28, 2020

The malicious code specifically targets QNAP NAS devices manufactured by Taiwanese company QNAP, it already infected over 62,000 QNAP NAS devices. The first campaign likely began in early 2014 and continued until mid-2017, while the second started in late 2018 and was still active in late 2019.

Manufacturing

Manufacturing Cybersecurity Encryption Passwords

To Secure Medical Devices, the FDA Turns to Ethical Hackers

Security Affairs

OCTOBER 23, 2018

Ethical hackers have contacted device manufacturers after exposing vulnerabilities in their products. A recent example of a medical device problem concerns a pacemaker manufactured by Medtronic. Butts and Rios disclosed it to Medtronic in January 2017. All the while, the U.S. Image by Rawpixel.

Security

Security Manufacturing Cybersecurity Government

US DoJ indicts Chinese hackers over state-sponsored cyber espionage

Security Affairs

DECEMBER 21, 2018

The group has been active at least since 2009, in April 2017 experts from PwC UK and BAE Systems uncovered a widespread hacking campaign, tracked as Operation Cloud Hopper , targeting managed service providers (MSPs) in multiple countries worldwide. Department of Energy’s Lawrence Berkeley National Laboratory.

Computer and Electronics

Computer and Electronics Healthcare Manufacturing Government

Boffins discovered seven new Meltdown and Spectre attacks

Security Affairs

NOVEMBER 14, 2018

In January, white hackers from Google Project Zero disclosed the vulnerabilities that potentially impact all major CPUs, including the ones manufactured by AMD, ARM, and Intel. The Meltdown attack could allow attackers to read the entire physical memory of the target machines stealing credentials, personal information, and more.

Paper

Paper Manufacturing Security IT

Marcus “MalwareTech” Hutchins Pleads Guilty to Writing, Selling Banking Malware

Krebs on Security

APRIL 19, 2019

Marcus Hutchins, a 24-year-old blogger and malware researcher arrested in 2017 for allegedly authoring and selling malware designed to steal online banking credentials, has pleaded guilty to criminal charges of conspiracy and to making, selling or advertising illegal wiretapping devices.

Government

Government Manufacturing Communications Ransomware

Android devices shipped with backdoored firmware as part of the BADBOX network

Security Affairs

OCTOBER 8, 2023

Human Security identified a supply chain of a Chinese manufacturer that was compromised to backdoor the firmware of several products delivered to resellers, physical retail stores and e-commerce warehouses. Products containing the malicious backdoor have been found on public school networks throughout the United States.

e-Discovery

e-Discovery Retail Manufacturing Security

North Korea’s Lazarus compromised dozens of organizations in Israel

Security Affairs

AUGUST 14, 2020

The Israeli defence ministry announced on Wednesday that it had foiled a cyber attack carried out by a foreign threat actor targeting the country’s defence manufacturers. Since January 2020, the North Korea-linked Lazarus APT has successfully compromised dozens of organizations in Israel and other countries.

Manufacturing

Manufacturing Phishing Ransomware Security

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Security Affairs

AUGUST 27, 2020

Our selection was based on: Device location (to cover the entire globe) Device manufacturer Protocols used to access the printers. Printer manufacturers regularly fix known vulnerabilities in the firmware for the devices they produce, so make sure your printer always stays up-to-date security-wise. Change the default password.

Security

Security IoT Passwords Manufacturing

Earth Empusa targets minority group with Android ActionSpy spyware

Security Affairs

JUNE 15, 2020

The threat actors are spreading the malware through watering hole attacks targeting Tibet, Turkey, and Taiwan, The malware was first spotted in April 2020, but experts believe the ActionSpy spyware has been active at least since 2017. The traffic between C&C and ActionSpy is encrypted by RSA and transferred via HTTP.

Phishing

Phishing Encryption Manufacturing Access

US Navy Memo Raised Cyberscurity Concerns About DJI Drones

Data Breach Today

DECEMBER 19, 2019

Once Classified Document Finally Released In 2017, the U.S. Army ordered that the use of drones made by Chinese manufacturer DJI be discontinued, citing security concerns.

Manufacturing

Manufacturing Encryption Security

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Security Affairs

JANUARY 25, 2020

The hacker group has been targeting Japanese heavy industry, manufacturing and international relations at least since 2012, According to the experts, the group is linked to the People’s Republic of China and is focused on exfiltrating confidential data.

Manufacturing

Manufacturing Data breaches Access Sales

Mitsubishi Electric discloses data breach, media blame China-linked APT

Security Affairs

JANUARY 20, 2020

The hacker group has been targeting Japanese heavy industry, manufacturing and international relations at least since 2012, According to the experts, the group is linked to the People’s Republic of China and is focused on exfiltrating confidential data. “According to people involved, Chinese hackers Tick may have been involved.

Data breaches

Data breaches Computer and Electronics Government Manufacturing

USB drives are primary vector for destructive threats to industrial facilities

Security Affairs

NOVEMBER 5, 2018

Experts from Honeywell analyzed data collected with the Secure Media Exchange (SMX) , a product it has launched in 2017 and that was designed to protect industrial facilities from USB-borne threats.

IoT

IoT Data collection Manufacturing Paper

US DoJ announced to have shut down the Russian RSOCKS Botnet

Security Affairs

JUNE 18, 2022

The investigation into the botnet revealed that its operators compromised several large public and private entities, including a university, a hotel, a television studio, and an electronics manufacturer, along with home businesses and individuals. ” continues DoJ.

Computer and Electronics

Computer and Electronics Access Manufacturing Sales

Siemens Metaverse exposes sensitive corporate data

Security Affairs

APRIL 15, 2023

The WordPress sets only exposed user names and avatar pictures, but all four Siemens WordPress-based subdomains were vulnerable to a flaw that WordPress itself fixed in 2017, leaving researchers wondering whether there are more severe vulnerabilities on these sites. There are a lot of opportunities for threat actors here.

IoT

IoT Manufacturing Authentication Ransomware

Hyundai suffered a data breach that impacted customers in France and Italy

Security Affairs

APRIL 12, 2023

In December 2019, German media reported that hackers suspected to be members of the Vietnam-linked APT Ocean Lotus ( APT32 ) group breached the networks of the car manufacturers BMW and Hyundai. The intrusion aimed at stealing automotive trade secrets.

Data breaches

Data breaches Manufacturing Cybersecurity Education

Group-IB presented latest cybercrime and nation-state hacking trends in Asia

Security Affairs

NOVEMBER 16, 2018

The threats that are notable for the Asian region are represented by a significant number of attacks aimed at manufacturing of chips, microprocessors and system control boards of different IT vendors, whose principal manufacturing operations are located in Asia. In 2017-2018 hackers’ interest in cryptocurrency exchanges ramped up.

Phishing

Phishing Manufacturing Marketing Blockchain

ICS-CERT warns of critical flaws in NetComm industrial routers

Security Affairs

AUGUST 13, 2018

Security researcher has found two critical vulnerabilities in the industrial routers manufactured by the Australian company NetComm Wireless. Sood has found two critical vulnerabilities in the industrial routers manufactured by the Australian company NetComm Wireless that can be exploited remotely to take control of affected devices.

Manufacturing

Manufacturing Passwords Authentication Security

Tracing the Supply Chain Attack on Android

Krebs on Security

JUNE 25, 2019

” “At present, pre-installed partners cover the entire mobile phone industry chain, including mobile phone chip manufacturers, mobile phone design companies, mobile phone brand manufacturers, mobile phone agents, mobile terminal stores and major e-commerce platforms,” reads a descriptive blurb about the company.

Cloud

Cloud Manufacturing Marketing Data breaches

Backdoor Built into Android Firmware

Schneier on Security

JUNE 21, 2019

In 2017, some Android phones came with a backdoor pre-installed : Criminals in 2017 managed to get an advanced backdoor preinstalled on Android devices before they left the factories of manufacturers, Google researchers confirmed on Thursday. That meant the malware could directly tamper with every installed app.

Manufacturing

Manufacturing Libraries Security IT

Hackers Breached Virginia Bank Twice in Eight Months, Stole $2.4M

Krebs on Security

JULY 24, 2018

But just eight months later — in January 2017 according to the lawsuit — hackers broke in to the bank’s systems once more, again gaining access to the financial institution’s systems via a phishing email. As with the first incident, the intruders executed their heist on a weekend. Between Jan. THE LAWSUIT.

Insurance

Insurance Computer and Electronics Phishing Access

Hackers have stolen customer data from Titan Manufacturing and Distributing company for nearly one year

CVE-2018-4251 – Apple did not disable Intel Manufacturing Mode in its laptops

Webinars

Trending Sources

LockBit gang demands a $70 million ransom to the semiconductor manufacturing giant TSMC

Webinars

Merck settles with insurers regarding a $1.4 billion claim over NotPetya damages

Estonia sues Gemalto for 152M euros over flaws in citizen ID cards issued by the company

Israel announced to have foiled an attempted cyber-attack on defence firms

Hackers claim to have compromised 50,000 home cameras and posted footage online

Japanese defense contractors Pasco and Kobe Steel disclose security breaches

The German BSI agency recommends replacing Kaspersky antivirus software

TinyNuke banking malware targets French organizations

The Cost of Dealing With a Cybersecurity Attack in These 4 Industries

APT40 cyberespionage group supporting growth of China’s naval sector

DHS issued an alert on attacks aimed at Managed Service Providers

China-Linked APT15 group is using a previously undocumented backdoor

US House Passes IoT Cybersecurity Improvement Act

Cobalt crime gang is using again CobInt malware in attacks on former soviet states

Kr00k Wi-Fi Encryption flaw affects more than a billion devices

China-linked APT10 leverages ZeroLogon exploits in recent attacks

QNAP urges users to update Malware Remover after QSnatch joint alert

BMW exposes data of clients in Italy, experts warn

Zyxel fixed critical OS command injection flaw in multiple routers

TSMC Chip Maker confirms its facilities were infected with WannaCry ransomware

US indicted 4 Russian government employees for attacks on critical infrastructure

QSnatch malware infected over 62,000 QNAP NAS Devices

To Secure Medical Devices, the FDA Turns to Ethical Hackers

US DoJ indicts Chinese hackers over state-sponsored cyber espionage

Boffins discovered seven new Meltdown and Spectre attacks

Marcus “MalwareTech” Hutchins Pleads Guilty to Writing, Selling Banking Malware

Android devices shipped with backdoored firmware as part of the BADBOX network

North Korea’s Lazarus compromised dozens of organizations in Israel

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Earth Empusa targets minority group with Android ActionSpy spyware

US Navy Memo Raised Cyberscurity Concerns About DJI Drones

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Mitsubishi Electric discloses data breach, media blame China-linked APT

USB drives are primary vector for destructive threats to industrial facilities

US DoJ announced to have shut down the Russian RSOCKS Botnet

Siemens Metaverse exposes sensitive corporate data

Hyundai suffered a data breach that impacted customers in France and Italy

Group-IB presented latest cybercrime and nation-state hacking trends in Asia

ICS-CERT warns of critical flaws in NetComm industrial routers

Tracing the Supply Chain Attack on Android

Backdoor Built into Android Firmware

Hackers Breached Virginia Bank Twice in Eight Months, Stole $2.4M

Stay Connected