2018, Manufacturing and Security - Information Management Today

CVE-2018-4251 – Apple did not disable Intel Manufacturing Mode in its laptops

Security Affairs

OCTOBER 4, 2018

Positive Technologies while analyzing Intel Management Engine (ME) discovered that Apple did not disable Intel Manufacturing Mode in its laptops. Experts from security firm Positive Technologies while analyzing Intel Management Engine (ME) discovered that Apple forgot did not lock it in laptops. ” concludes the experts.

Manufacturing

Manufacturing IT Access Sales

Hackers have stolen customer data from Titan Manufacturing and Distributing company for nearly one year

Security Affairs

JANUARY 7, 2019

Cyber criminals have stolen customer data from the Titan Manufacturing and Distributing company for nearly one year using a malware. Hackers hit the Titan Manufacturing and Distributing company and compromised its computer system to steal customer payment card data for an entire year. Titan Manufacturing and Distributing, Inc.

Manufacturing

Manufacturing Security Access IT

Cyber-Criminal espionage Operation insists on Italian Manufacturing

Security Affairs

MAY 22, 2020

ZLab researchers spotted a new malicious espionage activity targeting Italian companies operating worldwide in the manufacturing sector. The group behind this activity is the same we identified in the past malicious operations described in Roma225 (12/2018), Hagga (08/2019), Mana (09/2019), YAKKA (01/2020). Introduction.

Manufacturing

Manufacturing e-Delivery IT Security

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Japanese defense contractors Pasco and Kobe Steel disclose security breaches

Security Affairs

FEBRUARY 7, 2020

Japanese defense contractors Pasco and Kobe Steel have disclosed security breaches that they have suffered back in 2016 and 2018. Pasco is Japan’s largest geospatial provider and Kobe Steel is one of the major steel manufacturers. According to the company, attackers did not obtain sensitive information about defense contracts.

Security

Security Manufacturing Data breaches Access

RobbinHood ransomware exploit GIGABYTE driver flaw to kill security software

Security Affairs

FEBRUARY 7, 2020

Cybercriminals behind the RobbinHood Ransomware are exploiting a vulnerable GIGABYTE driver to install a malicious and unsigned driver into Windows with the intent of disabling security products. Normally, Windows security software processes could only be killed by Kernel drivers. Attackers use this driver to disable security products.

Ransomware

Ransomware Security Encryption Manufacturing

LockBit gang demands a $70 million ransom to the semiconductor manufacturing giant TSMC

Security Affairs

JULY 1, 2023

The LockBit ransomware gang claims to have hacked Taiwan Semiconductor Manufacturing Company (TSMC). The LockBit ransomware group this week claimed to have hacked the Taiwan Semiconductor Manufacturing Company ( TSMC ) and $70 million ransom. In August 2018, a malware infected systems at several Taiwan Semiconductor Manufacturing Co.

Manufacturing

Manufacturing Ransomware Security awareness Cybersecurity

5 IoT Security Predictions for 2019

Security Affairs

DECEMBER 21, 2018

2018 was the year of the Internet of Things (IoT), massive attacks and various botnets hit smart devices, These are 5 IoT Security Predictions for 2019. IoT Attacks in 2018. Yet, the major attack of 2018 was definitely VPNFilter, hitting over half a million devices, mostly routers, from a wide range of known vendors.

IoT

IoT Security Manufacturing Privacy

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

Security Affairs

AUGUST 9, 2021

The Australian Cyber Security Centre (ACSC) warns of a surge of LockBit 2.0 The Australian Cyber Security Centre (ACSC) warns of an escalation in LockBit 2.0 Experts warn of active exploitation of the CVE-2018-13379 , a security bug heavily exploited by LockBit to breach networks. ransomware. in Australia since 2020.

Ransomware

Ransomware Retail Security Manufacturing

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Security Affairs

AUGUST 27, 2020

Cybersecurity experts at CyberNews hijacked close to 28,000 unsecured printers worldwide and forced them to print out a guide on printer security. Most of us already know the importance of using antivirus , anti-malware, and VPNs to secure our computers, phones, and other devices against potential attacks. Original post: [link].

Security

Security IoT Passwords Manufacturing

Market volume of illegal online sales of alcohol exceeded 30 million USD in 2018 in Russia

Security Affairs

DECEMBER 27, 2018

Security firm Group-IB has estimated that the market volume of illegal online sales of alcohol in Russia exceeded 30 million USD in 2018, i.e. almost 5.8 As a result, criminals earned around 30 million USD in 2018, i.e. 23% more than the year before. million USD (+23%) more than in 2017. The intoxicating Internet.

Sales

Sales Marketing Search queries Manufacturing

How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash

Security Affairs

NOVEMBER 1, 2021

Positive Technologies researchers Vladimir Kononovich and Alexey Stennikov have discovered security flaws Wincor Cineo ATMs that could be exploited to bypass Black-Box attack protections and withdraw cash. The vulnerabilities discovered by the security duo impacts the Wincor Cineo ATMs with the RM3 and CMD-V5 dispensers. score of 6.8.

Encryption

Encryption Manufacturing Authentication Security

RansomEXX ransomware leaks files stolen from Italian luxury brand Zegna

Security Affairs

AUGUST 6, 2021

As of 2018, Ermenegildo Zegna operated 480 retail stores (267 of which company-owned) across the world. The revenge of the company was €1.159 billion as 2018. The RansomEXX gang has been active since 2018 under the name Defray, in June 2020 the group rebranded as RansomEXX. Follow me on Twitter: @securityaffairs and Facebook.

Ransomware

Ransomware Archiving Retail Manufacturing

Belgium telecom operators Proximus and Orange drop Huawei

Security Affairs

OCTOBER 10, 2020

Major Belgium’s telecom operator Proximus announced on Friday that it will gradually replace its equipment from the Chinese manufacturer Huawei. One of the major Belgium telecom operator Proximus announced on Friday that it will gradually replace its equipment from the Chinese manufacturer Huawei. Pierluigi Paganini.

Manufacturing

Manufacturing Risk Communications Security

To Secure Medical Devices, the FDA Turns to Ethical Hackers

Security Affairs

OCTOBER 23, 2018

Food and Drug Administration (FDA) is embracing the work of ethical hackers and their researches to secure medical devices. People typically shudder to think about their smart speakers or home security systems getting compromised, and indeed, vulnerabilities in those devices would be traumatizing. All the while, the U.S.

Security

Security Manufacturing Cybersecurity Government

US officials claim Huawei Equipment has secret backdoor for spying

Security Affairs

FEBRUARY 13, 2020

national security adviser, Robert O’Brien, made the statement at an Atlantic Council forum. national security adviser, Robert O’Brien, made the statement at an Atlantic Council forum on Tuesday evening, but he did not provide any evidence of the presence of the alleged backdoors. ” reported the AP News. Pierluigi Paganini.

Manufacturing

Manufacturing Access Government Communications

How Secure Are Bitcoin Wallets, Really?

Security Affairs

OCTOBER 8, 2018

Purchasers of Bitcoin wallets usually have one priority topping their lists: security. What’s the truth about the security of these wallets? So, the companies behind those wallets wisely emphasize why their products are more secure than what competitors offer and why that’s the case. About the author.

Security

Security Manufacturing Cybersecurity Marketing

WECON PI Studio HMI software affected by code execution flaws

Security Affairs

OCTOBER 8, 2018

Security experts discovered several vulnerabilities in WECON’s PI Studio HMI software, the company has verified the issues but has not yet released patches. The company’s products are used all around the world, particularly in the critical manufacturing, energy, and water and wastewater sectors. Pierluigi Paganini.

Manufacturing

Manufacturing Access Security Risk

Swedish court suspended the ban on Huawei equipment

Security Affairs

NOVEMBER 12, 2020

The decision is the result of assessments made by the Swedish military and security service. Recently Belgian telecoms operators Orange Belgium and Proximus announced that it will gradually replace the equipment from the Chinese manufacturer Huawei. Pierluigi Paganini. SecurityAffairs – hacking, Chrome zero-day). Pierluigi Paganini.

Military

Military Manufacturing Risk Communications

SAP security fixes address Critical flaw in SAP HANA XSA

Security Affairs

FEBRUARY 14, 2019

SAP released a collection of security fixes for February 2019 that address 13 vulnerabilities in its products, including a Hot News flaw in SAP HANA XSA. SAP Security Patch Day for February 2019 includes 13 Security Notes and 3 updates to previously released security notes. ” reads the advisory published by SAP.

Security

Security Manufacturing Access Authentication

APT32 state hackers target human rights defenders with spyware

Security Affairs

FEBRUARY 24, 2021

Vietnam-linked APT32 group targeted Vietnamese human rights defenders (HRDs) between February 2018 and November 2020. Since at least 2014, experts at FireEye have observed APT32 targeting foreign corporations with an interest in Vietnam’s manufacturing, consumer products, and hospitality sectors. Pierluigi Paganini.

Phishing

Phishing Manufacturing Government Security

The German BSI agency recommends replacing Kaspersky antivirus software

Security Affairs

MARCH 15, 2022

German Federal Office for Information Security agency, also known as BSI, recommends consumers not to use Kaspersky anti-virus software. The German Federal Office for Information Security agency, aka BSI, recommends consumers uninstall Kaspersky anti-virus software. ” reads the BSI announcement. Pierluigi Paganini.

Manufacturing

Manufacturing Information Security Military Cybersecurity

Israel announced to have foiled an attempted cyber-attack on defence firms

Security Affairs

AUGUST 13, 2020

Israel ‘s defence ministry announced to have foiled an attempted cyber attack by a foreign threat actors group targeting the country’s defence manufacturers. Organizations are recommended to implement supplementary security measures to protect SCADA systems used in the water and energy sectors. Pierluigi Paganini.

Agriculture

Agriculture Manufacturing Phishing Passwords

Sweden bans Huawei and ZTE from building its 5G infrastructure

Security Affairs

OCTOBER 21, 2020

Sweden is banning Chinese tech giant Huawei and ZTE from building new 5G wireless networks due to national security concerns. The decision is the result of assessments made by the Swedish military and security service. Excluding Huawei will not make Swedish 5G networks any more secure.

IT

IT Military Manufacturing Risk

Mitsubishi Electric Corp. was hit by a new cyberattack

Security Affairs

NOVEMBER 20, 2020

Mitsubishi Electric continues to be the target of hackers, in 2018, an alleged China-linked cyber espionage group compromised the servers at the company by exploiting a zero-day vulnerability in Trend Micro OfficeScan. was hit by a new cyberattack appeared first on Security Affairs. . “Company officials on Nov.

Manufacturing

Manufacturing Cloud Cybersecurity Security

Experts spotted two Android spyware used by Indian APT Confucius

Security Affairs

FEBRUARY 11, 2021

Researchers at mobile security firm Lookout have provided details about two recently discovered Android spyware families, dubbed Hornbill and SunBird, used by an APT group named Confucius. Since 2018, the hackers started targeting mobile users with an Android surveillance malware ChatSpy. . ” concludes the report.

Metadata

Metadata Military Manufacturing Access

TinyNuke banking malware targets French organizations

Security Affairs

DECEMBER 13, 2021

The TinyNuke malware is back and now was used in attacks aimed at French users working in manufacturing, technology, construction, and business services. The attackers used invoice-themed lures targeting entities in manufacturing, industry, technology, finance, and other verticals. . Follow me on Twitter: @securityaffairs and Facebook.

Manufacturing

Manufacturing Business Services Communications IT

High Severity DoS bug affects Several Yokogawa products

Security Affairs

JANUARY 5, 2019

A serious DoS flaw affects several industrial automation products manufactured by the Yokogawa Electric. The flaw, tracked as CVE-2018-16196, could be exploited by an attacker to stop communication function of Vnet/IP Open Communication Driver triggering a DoS condition. ” reads the security advisory published by the company.

Agriculture

Agriculture Manufacturing Communications Paper

ATM vendors Diebold and NCR fixed deposit forgery bugs

Security Affairs

AUGUST 22, 2020

The ATM manufacturer giants, Diebold Nixdorf and NCR, have released software updates to fix a flaw that could have been exploited for ‘deposit forgery’ attacks. The ATM manufacturers Diebold Nixdorf and NCR have addressed a bug that could have been exploited for ‘deposit forgery’ attacks. Pierluigi Paganini.

Manufacturing

Manufacturing Communications Encryption Authentication

ESET warns of three flaws that affect over 100 Lenovo notebook models

Security Affairs

APRIL 19, 2022

Lenovo has published a security advisory to warn customers of vulnerabilities that affect its Unified Extensible Firmware Interface (UEFI) loaded on at least 100 of its notebook models, including IdeaPad 3, Legion 5 Pro-16ACH6 H, and Yoga Slim 9-14ITL05. Both drivers are used only during the manufacturing process.

Manufacturing

Manufacturing Security Cybersecurity IT

BLEEDINGBIT Bluetooth flaws in TI chips expose enterprises to remote attacks

Security Affairs

NOVEMBER 1, 2018

Security experts from the IoT security firm Armis, the same that found the BlueBorne Bluetooth flaws, have discovered two serious vulnerabilities in BLE chips designed by Texas Instruments. The affected chips are also used in access points and other networking devices manufactured by Cisco and Aruba Networks. or earlier.

IoT

IoT Manufacturing Access Security

QSnatch malware infected over 62,000 QNAP NAS Devices

Security Affairs

JULY 28, 2020

The United States Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC) issued a joint advisory about a massive ongoing campaign spreading the QSnatch data-stealing malware. These are encrypted with the actor’s public key and sent to their infrastructure over HTTPS.

Manufacturing

Manufacturing Cybersecurity Encryption Passwords

CarsBlues Bluetooth attack Affects tens of millions of vehicles

Security Affairs

NOVEMBER 18, 2018

The CarsBlues attack leverages security flaws in the infotainment systems installed in several types of vehicles via Bluetooth to access user PII. The CarsBlues attack leverages security flaws in the infotainment systems installed in several types of vehicles via Bluetooth, it affects users who have synced their smartphone to their cars. .”

Manufacturing

Manufacturing Privacy Education Personal data

UK NCSC releases the Vulnerability Disclosure Toolkit

Security Affairs

SEPTEMBER 15, 2020

The British National Cyber Security Centre (NCSC) released a guideline, dubbed The Vulnerability Disclosure Toolkit, for the implementation of a vulnerability disclosure process. Having a clearly signposted reporting process demonstrates that your organisation takes security seriously. ” reads the guideline. Pierluigi Paganini.

Communications

Communications Risk Manufacturing Government

Cobalt crime gang is using again CobInt malware in attacks on former soviet states

Security Affairs

SEPTEMBER 13, 2018

Security researchers from Proofpoint reported the massive use of the CobInt malware by the Cobalt group in recent attacks. On August 13, 2018, security experts from Netscout’s ASERT, uncovered a new campaign carried out by the Cobalt crime gang. August 2, 2018. CVE-2017-8570, CVE-2017-11882, or CVE-2018-0802.

Manufacturing

Manufacturing Phishing Encryption Security

The number of ICS flaws in 2020 was 24,72% higher compared to 2019

Security Affairs

FEBRUARY 7, 2021

The number of vulnerabilities discovered in industrial control system (ICS) products surged in 2020, security firm Claroty reports. “The number of ICS vulnerabilities disclosed in 2020 increased by 32.89% compared to 2018 and 24.72% compared to 2019. ” reads the report published by Claroty. . continues the report.

Manufacturing

Manufacturing Risk Marketing Security

High severity XML external entity flaw affects Sauter building automation product

Security Affairs

NOVEMBER 5, 2018

A security researcher has found a serious vulnerability in a building automation product from Sauter AG that could be exploited to steal files from an affected system. According to the ICS-CERT the software widely used in the critical manufacturing sector. ” reads the security advisory published by the ICS-CERT.

Risk

Risk Manufacturing Security Cybersecurity

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

The Iranian hacker group has been attacking corporate VPNs over the past months, they have been hacking VPN servers to plant backdoors in companies around the world targeting Pulse Secure , Fortinet , Palo Alto Networks , and Citrix VPNs. ” reads the report published by Crowdstrike. Pierluigi Paganini.

Access

Access Financial Services Retail Insurance

Android devices shipped with backdoored firmware as part of the BADBOX network

Security Affairs

OCTOBER 8, 2023

Cybersecurity researchers at Human Security discovered a global network of consumer products, dubbed BADBOX, with firmware backdoors installed and sold through a compromised hardware supply chain. ” reads the report published by Human Security. The only way to remove the threat is to wipe the smartphone and reinstall the OS.

e-Discovery

e-Discovery Retail Manufacturing Security

Google Android team found high severity flaw in Honeywell Android-based handheld computers

Security Affairs

SEPTEMBER 17, 2018

Security experts from the Google Android team have discovered a high severity privilege escalation vulnerability in some of Honeywell Android-based handheld computers that could be exploited by an attacker to gain elevated privileges. The flaw, tracked as CVE-2018-14825 , received a CVSS v3 base score of 7.6). Pierluigi Paganini.

Passwords

Passwords Manufacturing Access Security

The Cost of Dealing With a Cybersecurity Attack in These 4 Industries

Security Affairs

AUGUST 21, 2019

In addition to the monetary costs associated with things like lost productivity and improving network security to reduce the likelihood of future incidents, affected companies have to deal with the costs tied to reduced customer trust and damaged reputations. Manufacturing. Doing so often requires substantial financial resources. .

Cybersecurity

Cybersecurity Retail Manufacturing Data breaches

Group-IB presented latest cybercrime and nation-state hacking trends in Asia

Security Affairs

NOVEMBER 16, 2018

Hong Kong, 16.11.2018 – Group-IB, an international company that specializes in preventing cyber attacks, presented the findings of its latest Hi-Tech Crime Trends 2018 report at the FinTech Security Conference in Hong Kong organized by Binary Solutions Limited in partnership with Group-IB. Attacks on Crypto. Group-IB in Asia.

Phishing

Phishing Manufacturing Marketing Blockchain

US indicted 4 Russian government employees for attacks on critical infrastructure

Security Affairs

MARCH 25, 2022

has indicted four Russian government employees for their role in cyberattacks targeting hundreds of companies and organizations in the energy sector worldwide between 2012 and 2018. The post US indicted 4 Russian government employees for attacks on critical infrastructure appeared first on Security Affairs. ” continues the DoJ.

Energy and Utilities

Energy and Utilities Government Cybersecurity Military

Expert found Russia’s SORM surveillance equipment leaking user data

Security Affairs

AUGUST 30, 2019

A Russian security researcher has found that hardware wiretapping equipment composing Russia’s SORM surveillance system had been leaking user data. “Using the open-source security scanner “ZMap,” Evdokimov found 30 more “suspicious packet sniffers” in the networks of at least 20 Russian Internet providers.”

Manufacturing

Manufacturing Paper Government Information Security

NEW TECH: Semperis introduces tools to improve security resiliency of Windows Active Directory

The Last Watchdog

APRIL 16, 2020

NotPetya wrought $10 billion in damages , according to Tom Bossert a senior Department of Homeland Security official at the time. In 2018 and 2019, ransomware-triggered business disruptions came not in global-spanning worms, ala WannaCry and NotPetya, but in unrelenting one-off attacks. but all across the world,” Bresman told me.

Ransomware

Ransomware Security Authentication Access

CVE-2018-4251 – Apple did not disable Intel Manufacturing Mode in its laptops

Hackers have stolen customer data from Titan Manufacturing and Distributing company for nearly one year

Webinars

Trending Sources

Cyber-Criminal espionage Operation insists on Italian Manufacturing

Webinars

Japanese defense contractors Pasco and Kobe Steel disclose security breaches

RobbinHood ransomware exploit GIGABYTE driver flaw to kill security software

LockBit gang demands a $70 million ransom to the semiconductor manufacturing giant TSMC

5 IoT Security Predictions for 2019

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Market volume of illegal online sales of alcohol exceeded 30 million USD in 2018 in Russia

How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash

RansomEXX ransomware leaks files stolen from Italian luxury brand Zegna

Belgium telecom operators Proximus and Orange drop Huawei

To Secure Medical Devices, the FDA Turns to Ethical Hackers

US officials claim Huawei Equipment has secret backdoor for spying

How Secure Are Bitcoin Wallets, Really?

WECON PI Studio HMI software affected by code execution flaws

Swedish court suspended the ban on Huawei equipment

SAP security fixes address Critical flaw in SAP HANA XSA

APT32 state hackers target human rights defenders with spyware

The German BSI agency recommends replacing Kaspersky antivirus software

Israel announced to have foiled an attempted cyber-attack on defence firms

Sweden bans Huawei and ZTE from building its 5G infrastructure

Mitsubishi Electric Corp. was hit by a new cyberattack

Experts spotted two Android spyware used by Indian APT Confucius

TinyNuke banking malware targets French organizations

High Severity DoS bug affects Several Yokogawa products

ATM vendors Diebold and NCR fixed deposit forgery bugs

ESET warns of three flaws that affect over 100 Lenovo notebook models

BLEEDINGBIT Bluetooth flaws in TI chips expose enterprises to remote attacks

QSnatch malware infected over 62,000 QNAP NAS Devices

CarsBlues Bluetooth attack Affects tens of millions of vehicles

UK NCSC releases the Vulnerability Disclosure Toolkit

Cobalt crime gang is using again CobInt malware in attacks on former soviet states

The number of ICS flaws in 2020 was 24,72% higher compared to 2019

High severity XML external entity flaw affects Sauter building automation product

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Android devices shipped with backdoored firmware as part of the BADBOX network

Google Android team found high severity flaw in Honeywell Android-based handheld computers

The Cost of Dealing With a Cybersecurity Attack in These 4 Industries

Group-IB presented latest cybercrime and nation-state hacking trends in Asia

US indicted 4 Russian government employees for attacks on critical infrastructure

Expert found Russia’s SORM surveillance equipment leaking user data

NEW TECH: Semperis introduces tools to improve security resiliency of Windows Active Directory

Stay Connected