2018 and Manufacturing - Information Management Today

CVE-2018-4251 – Apple did not disable Intel Manufacturing Mode in its laptops

Security Affairs

OCTOBER 4, 2018

Positive Technologies while analyzing Intel Management Engine (ME) discovered that Apple did not disable Intel Manufacturing Mode in its laptops. This week, researchers Maxim Goryachy and Mark Ermolov published a blog post that revealed Chipzilla’s ME contains an undocumented Manufacturing Mode. ” concludes the experts.

Manufacturing

Manufacturing IT Access Risk

Cyber-Criminal espionage Operation insists on Italian Manufacturing

Security Affairs

MAY 22, 2020

ZLab researchers spotted a new malicious espionage activity targeting Italian companies operating worldwide in the manufacturing sector. The group behind this activity is the same we identified in the past malicious operations described in Roma225 (12/2018), Hagga (08/2019), Mana (09/2019), YAKKA (01/2020). Introduction.

Manufacturing

Manufacturing e-Delivery IT Security

Hackers have stolen customer data from Titan Manufacturing and Distributing company for nearly one year

Security Affairs

JANUARY 7, 2019

Cyber criminals have stolen customer data from the Titan Manufacturing and Distributing company for nearly one year using a malware. Hackers hit the Titan Manufacturing and Distributing company and compromised its computer system to steal customer payment card data for an entire year. Titan Manufacturing and Distributing, Inc.

Manufacturing

Manufacturing Security Access IT

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

LockBit gang demands a $70 million ransom to the semiconductor manufacturing giant TSMC

Security Affairs

JULY 1, 2023

The LockBit ransomware gang claims to have hacked Taiwan Semiconductor Manufacturing Company (TSMC). The LockBit ransomware group this week claimed to have hacked the Taiwan Semiconductor Manufacturing Company ( TSMC ) and $70 million ransom. In August 2018, a malware infected systems at several Taiwan Semiconductor Manufacturing Co.

Manufacturing

Manufacturing Ransomware Security awareness Cybersecurity

Market volume of illegal online sales of alcohol exceeded 30 million USD in 2018 in Russia

Security Affairs

DECEMBER 27, 2018

Security firm Group-IB has estimated that the market volume of illegal online sales of alcohol in Russia exceeded 30 million USD in 2018, i.e. almost 5.8 As a result, criminals earned around 30 million USD in 2018, i.e. 23% more than the year before. million USD (+23%) more than in 2017. The intoxicating Internet.

Marketing

Marketing Sales Search queries Manufacturing

RansomEXX ransomware leaks files stolen from Italian luxury brand Zegna

Security Affairs

AUGUST 6, 2021

As of 2018, Ermenegildo Zegna operated 480 retail stores (267 of which company-owned) across the world. The revenge of the company was €1.159 billion as 2018. The RansomEXX gang has been active since 2018 under the name Defray, in June 2020 the group rebranded as RansomEXX. Follow me on Twitter: @securityaffairs and Facebook.

Ransomware

Ransomware Archiving Retail Manufacturing

How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash

Security Affairs

NOVEMBER 1, 2021

“According to Vladimir Kononovich, some manufacturers rely on security through obscurity, with proprietary protocols that are poorly studied and the goal of making it difficult for attackers to procure equipment to find vulnerabilities in such devices. Wincor is currently owned by ATM manufacturer giant Diebold Nixdorf.

Encryption

Encryption Manufacturing Authentication Security

5 IoT Security Predictions for 2019

Security Affairs

DECEMBER 21, 2018

2018 was the year of the Internet of Things (IoT), massive attacks and various botnets hit smart devices, These are 5 IoT Security Predictions for 2019. IoT Attacks in 2018. Yet, the major attack of 2018 was definitely VPNFilter, hitting over half a million devices, mostly routers, from a wide range of known vendors.

IoT

IoT Security Manufacturing Privacy

Japanese defense contractors Pasco and Kobe Steel disclose security breaches

Security Affairs

FEBRUARY 7, 2020

Japanese defense contractors Pasco and Kobe Steel have disclosed security breaches that they have suffered back in 2016 and 2018. Pasco is Japan’s largest geospatial provider and Kobe Steel is one of the major steel manufacturers.

Security

Security Manufacturing Data breaches Access

Belgium telecom operators Proximus and Orange drop Huawei

Security Affairs

OCTOBER 10, 2020

Major Belgium’s telecom operator Proximus announced on Friday that it will gradually replace its equipment from the Chinese manufacturer Huawei. One of the major Belgium telecom operator Proximus announced on Friday that it will gradually replace its equipment from the Chinese manufacturer Huawei.

Manufacturing

Manufacturing Risk Communications Security

RobbinHood ransomware exploit GIGABYTE driver flaw to kill security software

Security Affairs

FEBRUARY 7, 2020

. “The signed driver, part of a now-deprecated software package published by Taiwan-based motherboard manufacturer Gigabyte, has a known vulnerability, tracked as CVE-2018-19320.” Attackers exploit the CVE-2018-19320 vulnerability in the legitimate driver to gain kernel access. .

Ransomware

Ransomware Security Encryption Manufacturing

The top trends for manufacturing in 2018

OpenText Information Management

FEBRUARY 5, 2018

We’re now quite well into 2018 but I thought it was still worth putting together a blog on the trends I see affecting manufacturing over the coming year. I’ve chosen two legislative changes and three technology-driven trends.

Manufacturing

Manufacturing Digital transformation IT Analytics

US officials claim Huawei Equipment has secret backdoor for spying

Security Affairs

FEBRUARY 13, 2020

In November 2018, the Wall Street Journal reported that the US Government was urging its allies to exclude Huawei from critical infrastructure and 5G architectures. Huawei issued a statement on Wednesday denying any accusation, it “has never and will never covertly access telecom networks, nor do we have the capability to do so.”.

Manufacturing

Manufacturing Access Government Communications

WECON PI Studio HMI software affected by code execution flaws

Security Affairs

OCTOBER 8, 2018

Researchers Mat Powell and Natnael Samson discovered several vulnerabilities in WECON’s PI Studio HMI software, a software widely used in critical manufacturing, energy, metallurgy, chemical, and water and wastewater sectors. ” reads the security advisory published by the ICS-CERT.

Manufacturing

Manufacturing Access Security Risk

Israel announced to have foiled an attempted cyber-attack on defence firms

Security Affairs

AUGUST 13, 2020

Israel ‘s defence ministry announced to have foiled an attempted cyber attack by a foreign threat actors group targeting the country’s defence manufacturers. According to the officials, the attack was launched by “an international cyber group called ‘ Lazarus.’

Agriculture

Agriculture Manufacturing Phishing Passwords

The German BSI agency recommends replacing Kaspersky antivirus software

Security Affairs

MARCH 15, 2022

“The Federal Office for Information Security (BSI) warns according to §7BSIlaw before using virus protection software from the Russian manufacturer Kaspersky. BSI remarks that the trust in the reliability and self-protection of a manufacturer as well as his authentic ability to act is crucial for the safe use of any defense software.

Manufacturing

Manufacturing Information Security Military Cybersecurity

APT32 state hackers target human rights defenders with spyware

Security Affairs

FEBRUARY 24, 2021

Vietnam-linked APT32 group targeted Vietnamese human rights defenders (HRDs) between February 2018 and November 2020. Since at least 2014, experts at FireEye have observed APT32 targeting foreign corporations with an interest in Vietnam’s manufacturing, consumer products, and hospitality sectors.

Phishing

Phishing Manufacturing Government Security

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

Security Affairs

AUGUST 9, 2021

Most of the attacks have been reported in July, the organizations hit by the ransomware gang operate in professional services, construction, manufacturing, retail, and food industries. Experts warn of active exploitation of the CVE-2018-13379 , a security bug heavily exploited by LockBit to breach networks. in Australia since 2020.

Ransomware

Ransomware Security Retail Manufacturing

Swedish court suspended the ban on Huawei equipment

Security Affairs

NOVEMBER 12, 2020

Recently Belgian telecoms operators Orange Belgium and Proximus announced that it will gradually replace the equipment from the Chinese manufacturer Huawei. In April 2018, the UK GCHQ intelligence agency warned UK telcos firms of the risks of using ZTE equipment and services for their infrastructure.

Military

Military Manufacturing Risk Communications

TinyNuke banking malware targets French organizations

Security Affairs

DECEMBER 13, 2021

The TinyNuke malware is back and now was used in attacks aimed at French users working in manufacturing, technology, construction, and business services. The attackers used invoice-themed lures targeting entities in manufacturing, industry, technology, finance, and other verticals. .

Manufacturing

Manufacturing Business Services Communications IT

Sweden bans Huawei and ZTE from building its 5G infrastructure

Security Affairs

OCTOBER 21, 2020

Recently Belgian telecoms operators Orange Belgium and Proximus announced that it will gradually replace the equipment from the Chinese manufacturer Huawei. In April 2018, the UK GCHQ intelligence agency warned UK telcos firms of the risks of using ZTE equipment and services for their infrastructure.

IT

IT Military Manufacturing Risk

Mitsubishi Electric Corp. was hit by a new cyberattack

Security Affairs

NOVEMBER 20, 2020

Mitsubishi Electric continues to be the target of hackers, in 2018, an alleged China-linked cyber espionage group compromised the servers at the company by exploiting a zero-day vulnerability in Trend Micro OfficeScan. . “Company officials on Nov. ” reads a post published on the Asahi Shimbun website.

Manufacturing

Manufacturing Cloud Cybersecurity Security

High Severity DoS bug affects Several Yokogawa products

Security Affairs

JANUARY 5, 2019

A serious DoS flaw affects several industrial automation products manufactured by the Yokogawa Electric. The flaw, tracked as CVE-2018-16196, could be exploited by an attacker to stop communication function of Vnet/IP Open Communication Driver triggering a DoS condition. ” reads the security advisory published by the company.

Agriculture

Agriculture Manufacturing Communications Paper

Experts spotted two Android spyware used by Indian APT Confucius

Security Affairs

FEBRUARY 11, 2021

Since 2018, the hackers started targeting mobile users with an Android surveillance malware ChatSpy. phone number, IMEI/Android ID, Model and Manufacturer, and Android version), Geolocation, Images stored on external storage, WhatsApp voice notes, if installed. . ” reads the report published by Lookout.

Metadata

Metadata Military Manufacturing Access

BLEEDINGBIT Bluetooth flaws in TI chips expose enterprises to remote attacks

Security Affairs

NOVEMBER 1, 2018

The affected chips are also used in access points and other networking devices manufactured by Cisco and Aruba Networks. “The chips are embedded in, among other devices, certain access points that deliver Wi-Fi to enterprise networks manufactured by Cisco, Meraki and Aruba. to address the CVE-2018-16986 flaw. or earlier.

IoT

IoT Manufacturing Access Security

ESET warns of three flaws that affect over 100 Lenovo notebook models

Security Affairs

APRIL 19, 2022

CVE-2021-3971: A potential vulnerability by a driver used during older manufacturing processes on some consumer Lenovo Notebook devices that was mistakenly included in the BIOS image could allow an attacker with elevated privileges to modify firmware protection region by modifying an NVRAM variable. ” concludes ESET.

Manufacturing

Manufacturing Security Cybersecurity IT

ATM vendors Diebold and NCR fixed deposit forgery bugs

Security Affairs

AUGUST 22, 2020

The ATM manufacturer giants, Diebold Nixdorf and NCR, have released software updates to fix a flaw that could have been exploited for ‘deposit forgery’ attacks. The ATM manufacturers Diebold Nixdorf and NCR have addressed a bug that could have been exploited for ‘deposit forgery’ attacks.

Manufacturing

Manufacturing Communications Encryption Access

Cobalt crime gang is using again CobInt malware in attacks on former soviet states

Security Affairs

SEPTEMBER 13, 2018

On August 13, 2018, security experts from Netscout’s ASERT, uncovered a new campaign carried out by the Cobalt crime gang. The attackers exploited several vulnerabilities in Microsoft Office, including CVE-2017-8570 , CVE-2017-11882 , and CVE-2018-0802. August 2, 2018. CVE-2017-8570, CVE-2017-11882, or CVE-2018-0802.

Manufacturing

Manufacturing Phishing Encryption Security

CarsBlues Bluetooth attack Affects tens of millions of vehicles

Security Affairs

NOVEMBER 18, 2018

.” The attack technique was discovered by Privacy4Cars founder Andrea Amico in February 2018, he immediately notified the Automotive Information Sharing and Analysis Center (Auto-ISAC). Amico worked with Auto-ISAC to figure out how attackers could steal PII from vehicles manufactured by affected members.

Manufacturing

Manufacturing Privacy Education Personal data

KCMA Rebrands as Hitachi Construction Machinery Loaders America

Data Breach Today

JANUARY 2, 2018

KCMA Corporation, a subsidiary of Hitachi Construction Machinery Group, has changed their corporate name to Hitachi Construction Machinery Loaders America Inc effective January 1, 2018. .

Manufacturing

Manufacturing Marketing

The Cost of Dealing With a Cybersecurity Attack in These 4 Industries

Security Affairs

AUGUST 21, 2019

Manufacturing. The manufacturing industry was not always known to embrace connected technology, but that’s changing. For example, manufacturing companies can expect a cyberattack itself to cost about $1.7 Analysts also say that the manufacturing industry is extremely attractive to hackers.

Cybersecurity

Cybersecurity Retail Manufacturing Data breaches

California Enacts New Requirements for Internet of Things Manufacturers

Hunton Privacy

OCTOBER 1, 2018

On September 28, 2018, California Governor Jerry Brown signed into law two identical bills regulating Internet-connected devices sold in California. According to Bloomberg Law, the Bills’ non-specificity regarding what “reasonable” features include is intentional; it is up to the manufacturers to decide what steps to take. 327 and A.B.

Manufacturing

Manufacturing Privacy Access Security

Group-IB presented latest cybercrime and nation-state hacking trends in Asia

Security Affairs

NOVEMBER 16, 2018

Hong Kong, 16.11.2018 – Group-IB, an international company that specializes in preventing cyber attacks, presented the findings of its latest Hi-Tech Crime Trends 2018 report at the FinTech Security Conference in Hong Kong organized by Binary Solutions Limited in partnership with Group-IB. Attacks on Crypto. Group-IB in Asia.

Phishing

Phishing Manufacturing Marketing Blockchain

High severity XML external entity flaw affects Sauter building automation product

Security Affairs

NOVEMBER 5, 2018

According to the ICS-CERT the software widely used in the critical manufacturing sector. The flaw is tracked as CVE-2018-17912, it was discovered by Gjoko Krstic from industrial cybersecurity firm Applied Risk, the issue affects the CASE Suite versions 3.10 ” reads the security advisory published by the ICS-CERT.

Risk

Risk Manufacturing Security Cybersecurity

Google Android team found high severity flaw in Honeywell Android-based handheld computers

Security Affairs

SEPTEMBER 17, 2018

The rugged devices provide enhanced connectivity, including industry standard 802.11x, Cisco compatibility, and Bluetooth, they are widely adopted in many sectors, including energy, healthcare, critical manufacturing, and commercial facilities. The flaw, tracked as CVE-2018-14825 , received a CVSS v3 base score of 7.6).

Passwords

Passwords Manufacturing Access Security

To Secure Medical Devices, the FDA Turns to Ethical Hackers

Security Affairs

OCTOBER 23, 2018

Ethical hackers have contacted device manufacturers after exposing vulnerabilities in their products. A recent example of a medical device problem concerns a pacemaker manufactured by Medtronic. To reiterate, the researchers tried for months to get the manufacturer to take its concerns seriously, to no avail. Image by Rawpixel.

Security

Security Manufacturing Cybersecurity Government

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

” PIONEER KITTEN hackers to date have focused their attacks against entities in North American and Israeli, while targeted sectors include technology, government, defense, healthcare, aviation, media, academic, engineering, consulting and professional services, chemical, manufacturing, financial services, insurance, and retail. .

Access

Access Financial Services Retail Insurance

UK NCSC releases the Vulnerability Disclosure Toolkit

Security Affairs

SEPTEMBER 15, 2020

“The international standard for vulnerability disclosure ( ISO/IEC 29147:2018 ) defines the techniques and policies that can be used to receive vulnerability reports and publish remediation information. The NCSC designed this toolkit for organisations that currently don’t have a disclosure process but are looking to create one.”

Communications

Communications Risk Manufacturing Government

QSnatch malware infected over 62,000 QNAP NAS Devices

Security Affairs

JULY 28, 2020

The malicious code specifically targets QNAP NAS devices manufactured by Taiwanese company QNAP, it already infected over 62,000 QNAP NAS devices. The first campaign likely began in early 2014 and continued until mid-2017, while the second started in late 2018 and was still active in late 2019. ” reads the alert.

Manufacturing

Manufacturing Cybersecurity Encryption Passwords

Gigaset Android smartphones infected with malware after supply chain attack

Security Affairs

APRIL 7, 2021

Gigaset manufactures DECT telephones. In 2018, it had 888 employees, revenue of 280 million Euro and sales activities in approximately 70 countries. Gigaset AG , formerly known as Siemens Home and Office Communication Devices, is a multinational corporation based Germany.

Communications

Communications Manufacturing Sales Security

The number of ICS flaws in 2020 was 24,72% higher compared to 2019

Security Affairs

FEBRUARY 7, 2021

“The number of ICS vulnerabilities disclosed in 2020 increased by 32.89% compared to 2018 and 24.72% compared to 2019. More than 70% of the issues were rated as high or critical Common Vulnerability Scoring System (CVSS) scores, down from more than 75% in 1H 2020. ” reads the report published by Claroty. . continues the report.

Manufacturing

Manufacturing Risk Marketing Security

US indicted 4 Russian government employees for attacks on critical infrastructure

Security Affairs

MARCH 25, 2022

has indicted four Russian government employees for their role in cyberattacks targeting hundreds of companies and organizations in the energy sector worldwide between 2012 and 2018. ” reads a press release published by DoJ. and international Energy Sector organizations. ” reads the joint advisory.

Energy and Utilities

Energy and Utilities Government Cybersecurity Military

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Security Affairs

AUGUST 27, 2020

Our selection was based on: Device location (to cover the entire globe) Device manufacturer Protocols used to access the printers. Printer manufacturers regularly fix known vulnerabilities in the firmware for the devices they produce, so make sure your printer always stays up-to-date security-wise. Change the default password.

Security

Security IoT Passwords Manufacturing

Expert found Russia’s SORM surveillance equipment leaking user data

Security Affairs

AUGUST 30, 2019

Evdokimov discovered the wiretapping equipment on April 2018 and since June 2018 he worked with ISPs to secure the SORM equipment. Some of the SORM devices found by the researcher were manufactured by the Russian MFI Soft. The 30 SORM devices remained unsecured online until Evdokimov made his presentation at the conference.

Manufacturing

Manufacturing Paper Government Information Security

CVE-2018-4251 – Apple did not disable Intel Manufacturing Mode in its laptops

Cyber-Criminal espionage Operation insists on Italian Manufacturing

Webinars

Trending Sources

Hackers have stolen customer data from Titan Manufacturing and Distributing company for nearly one year

Webinars

LockBit gang demands a $70 million ransom to the semiconductor manufacturing giant TSMC

Market volume of illegal online sales of alcohol exceeded 30 million USD in 2018 in Russia

RansomEXX ransomware leaks files stolen from Italian luxury brand Zegna

How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash

5 IoT Security Predictions for 2019

Japanese defense contractors Pasco and Kobe Steel disclose security breaches

Belgium telecom operators Proximus and Orange drop Huawei

RobbinHood ransomware exploit GIGABYTE driver flaw to kill security software

The top trends for manufacturing in 2018

US officials claim Huawei Equipment has secret backdoor for spying

WECON PI Studio HMI software affected by code execution flaws

Israel announced to have foiled an attempted cyber-attack on defence firms

The German BSI agency recommends replacing Kaspersky antivirus software

APT32 state hackers target human rights defenders with spyware

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

Swedish court suspended the ban on Huawei equipment

TinyNuke banking malware targets French organizations

Sweden bans Huawei and ZTE from building its 5G infrastructure

Mitsubishi Electric Corp. was hit by a new cyberattack

High Severity DoS bug affects Several Yokogawa products

Experts spotted two Android spyware used by Indian APT Confucius

BLEEDINGBIT Bluetooth flaws in TI chips expose enterprises to remote attacks

ESET warns of three flaws that affect over 100 Lenovo notebook models

ATM vendors Diebold and NCR fixed deposit forgery bugs

Cobalt crime gang is using again CobInt malware in attacks on former soviet states

CarsBlues Bluetooth attack Affects tens of millions of vehicles

KCMA Rebrands as Hitachi Construction Machinery Loaders America

The Cost of Dealing With a Cybersecurity Attack in These 4 Industries

California Enacts New Requirements for Internet of Things Manufacturers

Group-IB presented latest cybercrime and nation-state hacking trends in Asia

High severity XML external entity flaw affects Sauter building automation product

Google Android team found high severity flaw in Honeywell Android-based handheld computers

To Secure Medical Devices, the FDA Turns to Ethical Hackers

Iran-linked APT group Pioneer Kitten sells access to hacked networks

UK NCSC releases the Vulnerability Disclosure Toolkit

QSnatch malware infected over 62,000 QNAP NAS Devices

Gigaset Android smartphones infected with malware after supply chain attack

The number of ICS flaws in 2020 was 24,72% higher compared to 2019

US indicted 4 Russian government employees for attacks on critical infrastructure

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Expert found Russia’s SORM surveillance equipment leaking user data

Stay Connected