2018, Government and Manufacturing - Information Management Today

Cyber-Criminal espionage Operation insists on Italian Manufacturing

Security Affairs

MAY 22, 2020

ZLab researchers spotted a new malicious espionage activity targeting Italian companies operating worldwide in the manufacturing sector. The group behind this activity is the same we identified in the past malicious operations described in Roma225 (12/2018), Hagga (08/2019), Mana (09/2019), YAKKA (01/2020). Introduction.

Manufacturing

Manufacturing e-Delivery IT Security

US indicted 4 Russian government employees for attacks on critical infrastructure

Security Affairs

MARCH 25, 2022

has indicted four Russian government employees for their involvement in attacks on entities in critical infrastructure. has indicted four Russian government employees for their role in cyberattacks targeting hundreds of companies and organizations in the energy sector worldwide between 2012 and 2018. Pierluigi Paganini.

Energy and Utilities

Energy and Utilities Government Cybersecurity Military

5 IoT Security Predictions for 2019

Security Affairs

DECEMBER 21, 2018

2018 was the year of the Internet of Things (IoT), massive attacks and various botnets hit smart devices, These are 5 IoT Security Predictions for 2019. IoT Attacks in 2018. Yet, the major attack of 2018 was definitely VPNFilter, hitting over half a million devices, mostly routers, from a wide range of known vendors.

IoT

IoT Security Manufacturing Privacy

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

US officials claim Huawei Equipment has secret backdoor for spying

Security Affairs

FEBRUARY 13, 2020

In November 2018, the Wall Street Journal reported that the US Government was urging its allies to exclude Huawei from critical infrastructure and 5G architectures. Many countries are going to build 5G infrastructure, but the approach of their governments is completely different. ” reported the AP News.

Manufacturing

Manufacturing Access Government Communications

Israel announced to have foiled an attempted cyber-attack on defence firms

Security Affairs

AUGUST 13, 2020

Israel ‘s defence ministry announced to have foiled an attempted cyber attack by a foreign threat actors group targeting the country’s defence manufacturers. The Israeli statement did not explicitly refer to the government of Pyongyang and did not provide details about the attack (the targeted companies, data of the attack).

Agriculture

Agriculture Manufacturing Phishing Government

APT32 state hackers target human rights defenders with spyware

Security Affairs

FEBRUARY 24, 2021

Vietnam-linked APT32 group targeted Vietnamese human rights defenders (HRDs) between February 2018 and November 2020. The APT32 group has been active since at least 2012, it has targeted organizations across multiple industries and foreign governments, dissidents, and journalists.

Phishing

Phishing Manufacturing Government Security

Belgium telecom operators Proximus and Orange drop Huawei

Security Affairs

OCTOBER 10, 2020

Major Belgium’s telecom operator Proximus announced on Friday that it will gradually replace its equipment from the Chinese manufacturer Huawei. One of the major Belgium telecom operator Proximus announced on Friday that it will gradually replace its equipment from the Chinese manufacturer Huawei.

Manufacturing

Manufacturing Risk Communications Security

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

Security Affairs

AUGUST 9, 2021

Most of the attacks have been reported in July, the organizations hit by the ransomware gang operate in professional services, construction, manufacturing, retail, and food industries. Experts warn of active exploitation of the CVE-2018-13379 , a security bug heavily exploited by LockBit to breach networks. in Australia since 2020.

Ransomware

Ransomware Security Retail Manufacturing

The German BSI agency recommends replacing Kaspersky antivirus software

Security Affairs

MARCH 15, 2022

“The Federal Office for Information Security (BSI) warns according to §7BSIlaw before using virus protection software from the Russian manufacturer Kaspersky. BSI remarks that the trust in the reliability and self-protection of a manufacturer as well as his authentic ability to act is crucial for the safe use of any defense software.

Manufacturing

Manufacturing Information Security Military Cybersecurity

US DoJ indicts Chinese hackers over state-sponsored cyber espionage

Security Affairs

DECEMBER 21, 2018

The US Department of Justice charged two Chinese hackers for hacking numerous companies and government agencies in a dozen countries, US Indicts Two Chinese Government Hackers Over Global Hacking Campaign. Department of Energy’s Lawrence Berkeley National Laboratory. ” continues the DoJ’s Press release.

Computer and Electronics

Computer and Electronics Healthcare Manufacturing Government

Russian military plans to replace Windows with Astra Linux

Security Affairs

MAY 31, 2019

Cyber security seems to subvert the globalization concept, governments are working to develop their own technology fearing possible espionage and sabotage activities of foreign states. Astra Linux is a Debian-based distro developed in Russia by the Scientific/Manufacturing Enterprise Rusbitech RusBITech about ten years ago.

Military

Military Government Manufacturing Data Privacy

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

According to the experts, the threat actors are merely trying to monetize their efforts selling information that have no intelligence value for the Iranian Government. In late July 2020, Crowdstrike spotted a threat actor associated with PIONEER KITTEN that was attempting to sell access to compromised networks on an underground forum.

Access

Access Financial Services Retail Insurance

Balikbayan Foxes group spoofs Philippine gov to spread RATs

Security Affairs

NOVEMBER 1, 2021

Experts uncovered a new threat actor, tracked as Balikbayan Foxes, that is impersonating the Philippine government to spread malware. . The group focuses on Shipping/Logistics, Manufacturing, Business Services, Pharmaceutical, and Energy entities, among others. ” reads the analysis published by the experts. .

Healthcare

Healthcare Phishing Government Manufacturing

Czech cyber-security agency warns over Huawei, ZTE security threat

Security Affairs

DECEMBER 18, 2018

The Chinese nightmare is rapidly spreading among European countries, now a Czech cyber-security agency is warning against using the equipment manufactured by Chinese firms Huawei and ZTE because they pose a threat to state security. ” reported the AFP press.

Security

Security Manufacturing Information Security Risk

Czech public radio says Huawei Czech Unit secretly collected data

Security Affairs

JULY 22, 2019

In December 2018, the Czech National Cyber and Information Security Agency warned against using the equipment manufactured by Chinese firms Huawei and ZTE because they pose a threat to state security. The US first, and many other countries after, have decided to ban network equipment manufactured by the Chinese telecom giant Huawei.

Personal data

Personal data Manufacturing Information Security GDPR

UK NCSC releases the Vulnerability Disclosure Toolkit

Security Affairs

SEPTEMBER 15, 2020

“The international standard for vulnerability disclosure ( ISO/IEC 29147:2018 ) defines the techniques and policies that can be used to receive vulnerability reports and publish remediation information. The NCSC designed this toolkit for organisations that currently don’t have a disclosure process but are looking to create one.”

Communications

Communications Risk Manufacturing Government

Germany’ BSI chief says ‘No Evidence’ of Huawei spying

Security Affairs

DECEMBER 17, 2018

US first, and many other countries after, have decided to ban network equipment manufactured by the Chinese telecom giant Huawei. In November 2018, the Wall Street Journal reported that the US Government is urging its allies, including Germany, to exclude Huawei from critical infrastructure and 5G architectures.

Manufacturing

Manufacturing Government Security Information Security

Expert found Russia’s SORM surveillance equipment leaking user data

Security Affairs

AUGUST 30, 2019

The Russian Government obliges national ISPs to purchase and install the probes used by SORM system that allows the Federal Security Service (FSB) to monitor Internet traffic including online communications. Evdokimov discovered the wiretapping equipment on April 2018 and since June 2018 he worked with ISPs to secure the SORM equipment.

Manufacturing

Manufacturing Paper Government Information Security

Cobalt crime gang is using again CobInt malware in attacks on former soviet states

Security Affairs

SEPTEMBER 13, 2018

On August 13, 2018, security experts from Netscout’s ASERT, uncovered a new campaign carried out by the Cobalt crime gang. The attackers exploited several vulnerabilities in Microsoft Office, including CVE-2017-8570 , CVE-2017-11882 , and CVE-2018-0802. August 2, 2018. CVE-2017-8570, CVE-2017-11882, or CVE-2018-0802.

Manufacturing

Manufacturing Phishing Encryption Security

To Secure Medical Devices, the FDA Turns to Ethical Hackers

Security Affairs

OCTOBER 23, 2018

Ethical hackers have contacted device manufacturers after exposing vulnerabilities in their products. A recent example of a medical device problem concerns a pacemaker manufactured by Medtronic. To reiterate, the researchers tried for months to get the manufacturer to take its concerns seriously, to no avail. Image by Rawpixel.

Security

Security Manufacturing Cybersecurity Government

China-linked APT40 used ScanBox Framework in a long-running espionage campaign

Security Affairs

AUGUST 31, 2022

Over the years, the group hit defence contractors, manufacturers, universities, government agencies, legal firms involved in diplomatic disputes, and foreign companies involved with Australasian policy or South China Sea operations. . ” read the report published by the experts. ” read the report published by the experts.

Energy and Utilities

Energy and Utilities Manufacturing Phishing Government

A component in Huawei network appliances could be used to take down Germany’s telecoms networks

Security Affairs

APRIL 26, 2023

German government warns that technology to regulate power consumption in Huawei network appliances could be used for sabotage purposes. government officials as well as European security authorities, which have warned of the risks associated with Chinese telecoms equipment.” The activity will be completed in the coming months.

Government

Government Communications Risk Cybersecurity

Group-IB presented latest cybercrime and nation-state hacking trends in Asia

Security Affairs

NOVEMBER 16, 2018

Hong Kong, 16.11.2018 – Group-IB, an international company that specializes in preventing cyber attacks, presented the findings of its latest Hi-Tech Crime Trends 2018 report at the FinTech Security Conference in Hong Kong organized by Binary Solutions Limited in partnership with Group-IB. Attacks on Crypto.

Phishing

Phishing Manufacturing Marketing Blockchain

North Korea-linked ScarCruft APT adds Bluetooth Harvester to its arsenal

Security Affairs

MAY 14, 2019

ScarCruft has been active since at least 2012, it made the headlines in early February 2018 when researchers revealed that the APT group leveraged a zero-day vulnerability in Adobe Flash Player to deliver malware to South Korean users. Kaspersky first documented the operations of the group in 2016.

IT

IT Military Manufacturing Government

RansomExx Ransomware upgrades to Rust programming language

Security Affairs

NOVEMBER 24, 2022

RansomExx operation has been active since 2018, the list of its victims includes government agencies, the computer manufacturer and distributor GIGABYTE , and the Italian luxury brand Zegna.

Ransomware

Ransomware Encryption Manufacturing Government

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Security Affairs

AUGUST 27, 2020

Our selection was based on: Device location (to cover the entire globe) Device manufacturer Protocols used to access the printers. From legal firms to banks to government departments, office printers are used by organizations of all types and sizes to print sensitive, confidential, and classified data. Change the default password.

Security

Security IoT Passwords Manufacturing

Vladimir Putin ‘s computers still run Windows XP, Media reports

Security Affairs

DECEMBER 30, 2019

Open Media pointed out that that Windows XP is the last operating system developed by Microsoft that was approved by the Kremlin for use on official Russian government computers. Microsoft Windows 10 is only allowed only for government systems that don’t manage secret information. ” reads the post published by The Guardian.

Government

Government Communications Military Manufacturing

China-Linked APT15 group is using a previously undocumented backdoor

Security Affairs

JULY 23, 2019

APT15 has been active since at least 2010, it conducted cyber espionage campaigns against targets worldwide in several industries, including the defense, high tech, energy, government, aerospace, and manufacturing. “Finally, the 2018 Ketrican backdoors share another feature common for Ke3chang group backdoors.

Communications

Communications Manufacturing Encryption Security

Microsoft blocked Polonium attacks against Israeli organizations

Security Affairs

JUNE 3, 2022

Since February, the attacks targeted organizations in critical manufacturing, IT, and Israel’s defense industry. . This circumstance is confirmed by revelations that emerged in the last couple of years that the Iranian government is using cyber mercenaries for its operations. ” reads the analysis published by Microsoft.

Cloud

Cloud Authentication Manufacturing Security

OceanLotus APT group leverages a steganography-based loader to deliver backdoors

Security Affairs

APRIL 3, 2019

The hackers targeting organizations across multiple industries and have also targeted foreign governments, dissidents, and journalists. Since at least 2014, experts at FireEye have observed APT32 targeting foreign corporations with an interest in Vietnam’s manufacturing, consumer products, and hospitality sectors.

Libraries

Libraries Encryption Communications Manufacturing

To Make the Internet of Things Safe, Start with Manufacturing

Thales Cloud Protection & Licensing

SEPTEMBER 11, 2018

According to Maciej Kranz, Cisco VP for strategic innovation, writing for IoTechExpo.com , “[In 2018] IoT security will become the No. Typically, when they are manufactured, IoT devices receive their initial identity in the form of a “digital birth certificate.” This sentiment is shared by industry leaders. Controlling Production Runs.

Manufacturing

Manufacturing IoT Authentication Security

China-linked threat actors have breached telcos and network service providers

Security Affairs

JUNE 8, 2022

Chinese hackers employed open-source tools for reconnaissance and vulnerability scanning, according to the government experts, they have utilized open-source router specific software frameworks, RouterSploit and RouterScan [ T1595.002 ], to identify vulnerable devices to target.

Authentication

Authentication Passwords Systems administration Access

Marcus “MalwareTech” Hutchins Pleads Guilty to Writing, Selling Banking Malware

Krebs on Security

APRIL 19, 2019

Title 18, Section 2512 , which involves the manufacture, distribution, possession and advertising of devices for intercepting online communications. George Washington University Professor Orin Kerr ‘s 2017 dissection of the government’s charges is worth a read for a deep dive on this sticky legal issue.

Government

Government Manufacturing Communications Ransomware

After 2 years under the radars, Ratsnif emerges in OceanLotus ops

Security Affairs

JULY 1, 2019

The hackers targeted organizations across multiple industries and have also hit foreign governments, dissidents, and journalists. Since at least 2014, experts at FireEye have observed APT32 targeting foreign corporations with an interest in Vietnam’s manufacturing, consumer products, and hospitality sectors.

Manufacturing

Manufacturing Libraries Security Communications

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Security Affairs

JULY 3, 2023

reads the advisory The vulnerability is a heap-based buffer overflow issue and according to the vendor it may have been exploited in a limited number of attacks aimed at government, manufacturing, and critical infrastructure sectors. states the report published by Fortinet. . ” states the analysis published by Bishop Fox.

Manufacturing

Manufacturing Authentication Security Risk

Long-running surveillance campaigns target Uyghurs with BadBazaar and MOONSHINE spyware

Security Affairs

NOVEMBER 11, 2022

APT15 has been active since at least 2010, it conducted cyber espionage campaigns against targets worldwide in several industries, including defense, high tech, energy, government, aerospace, and manufacturing. “Lookout has since acquired 111 unique samples of the BadBazaar surveillanceware dating back to late 2018.

Communications

Communications Manufacturing Government Security

STEPS FORWARD: Regulators are on the move to set much needed IoT security rules of the road

The Last Watchdog

SEPTEMBER 5, 2023

New government rules coupled with industry standards meant to give formal shape to the Internet of Things (IoT) are rapidly quickening around the globe. After all, government mandates combined with industry standards are the twin towers of public safety. Related: The need for supply chain security This is to be expected.

IoT

IoT Security Manufacturing Cybersecurity

Key aerospace player Safran Group leaks sensitive data

Security Affairs

MARCH 15, 2023

It collaborates with Airbus, the second-largest aerospace company globally after Boeing, to manufacture aerospace equipment. Also, the company manufactures surface-to-air defense systems and missiles. While no serious spying activities were reported, government officials confirmed that there were attempts to do so.

Manufacturing

Manufacturing Access Risk IT

The IoT Cybersecurity Act of 2020: Implications for Devices

eSecurity Planet

JANUARY 22, 2021

As more information about IoT device vulnerabilities is published, the pressure on industry and government authorities to enhance security standards might be reaching a tipping point. government, standards will not apply to the IoT market at-large. government, standards will not apply to the IoT market at-large.

IoT

IoT Cybersecurity Manufacturing Government

The Information Governance Conference Announces 2018 Keynote Speaker

IG Guru

JULY 19, 2018

Drones and related technologies continue to tangle up courtrooms – with implications on downstream information, autonomous vehicles, manufacturing, healthcare, and so much more. The post The Information Governance Conference Announces 2018 Keynote Speaker appeared first on IG Guru.

Information governance

Information governance Government Manufacturing Data Privacy

NEW TECH: Semperis introduces tools to improve security resiliency of Windows Active Directory

The Last Watchdog

APRIL 16, 2020

In 2018 and 2019, ransomware-triggered business disruptions came not in global-spanning worms, ala WannaCry and NotPetya, but in unrelenting one-off attacks. NotPetya wrought $10 billion in damages , according to Tom Bossert a senior Department of Homeland Security official at the time. So threat actors began focusing on softer targets.

Security

Security Ransomware Authentication Access

MY TAKE: Why consumers are destined to play a big role in securing the Internet of Things

The Last Watchdog

MARCH 13, 2019

billion IoT devices in use as of 2017, half are consumer gadgets, like smart TVs, speakers, watches, baby cams and home thermostats; much of the rest is made up of things like smart electric meters and security cameras in corporate and government use. more than the $646 billion spent in 2018.

IoT

IoT Energy and Utilities Security Privacy

Chinese Supply-Chain Attack on Computer Systems

Schneier on Security

FEBRUARY 13, 2021

The US government has known about it for almost as long, and has tried to keep the attack secret: China’s exploitation of products made by Supermicro, as the U.S. This is a follow on, with a lot more detail, to a story Bloomberg reported on in fall 2018. It’s been going on since at least 2008. Yes, it’s plausible.

Cybersecurity

Cybersecurity Manufacturing Government Communications

List of data breaches and cyber attacks in July 2018 – 139,731,894 million records leaked

IT Governance

JULY 30, 2018

Identities of thousands of Tennesseans with HIV made vulnerable by government error. How a Robotics Vendor Exposed Confidential Data for Major Manufacturing Companies. DC health website security breach exposes nurse’s personal info including SSN. BP data breach widens to 60,000 people after malware attack on PageUp job portal.

Data breaches

Data breaches Ransomware Personal data Phishing

Cyber-Criminal espionage Operation insists on Italian Manufacturing

US indicted 4 Russian government employees for attacks on critical infrastructure

Webinars

Trending Sources

5 IoT Security Predictions for 2019

Webinars

US officials claim Huawei Equipment has secret backdoor for spying

Israel announced to have foiled an attempted cyber-attack on defence firms

APT32 state hackers target human rights defenders with spyware

Belgium telecom operators Proximus and Orange drop Huawei

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

The German BSI agency recommends replacing Kaspersky antivirus software

US DoJ indicts Chinese hackers over state-sponsored cyber espionage

Russian military plans to replace Windows with Astra Linux

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Balikbayan Foxes group spoofs Philippine gov to spread RATs

Czech cyber-security agency warns over Huawei, ZTE security threat

Czech public radio says Huawei Czech Unit secretly collected data

UK NCSC releases the Vulnerability Disclosure Toolkit

Germany’ BSI chief says ‘No Evidence’ of Huawei spying

Expert found Russia’s SORM surveillance equipment leaking user data

Cobalt crime gang is using again CobInt malware in attacks on former soviet states

To Secure Medical Devices, the FDA Turns to Ethical Hackers

China-linked APT40 used ScanBox Framework in a long-running espionage campaign

A component in Huawei network appliances could be used to take down Germany’s telecoms networks

Group-IB presented latest cybercrime and nation-state hacking trends in Asia

North Korea-linked ScarCruft APT adds Bluetooth Harvester to its arsenal

RansomExx Ransomware upgrades to Rust programming language

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Vladimir Putin ‘s computers still run Windows XP, Media reports

China-Linked APT15 group is using a previously undocumented backdoor

Microsoft blocked Polonium attacks against Israeli organizations

OceanLotus APT group leverages a steganography-based loader to deliver backdoors

To Make the Internet of Things Safe, Start with Manufacturing

China-linked threat actors have breached telcos and network service providers

Marcus “MalwareTech” Hutchins Pleads Guilty to Writing, Selling Banking Malware

After 2 years under the radars, Ratsnif emerges in OceanLotus ops

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Long-running surveillance campaigns target Uyghurs with BadBazaar and MOONSHINE spyware

STEPS FORWARD: Regulators are on the move to set much needed IoT security rules of the road

Key aerospace player Safran Group leaks sensitive data

The IoT Cybersecurity Act of 2020: Implications for Devices

The Information Governance Conference Announces 2018 Keynote Speaker

NEW TECH: Semperis introduces tools to improve security resiliency of Windows Active Directory

MY TAKE: Why consumers are destined to play a big role in securing the Internet of Things

Chinese Supply-Chain Attack on Computer Systems

List of data breaches and cyber attacks in July 2018 – 139,731,894 million records leaked

Stay Connected