2019, Government and Manufacturing - Information Management Today

5 IoT Security Predictions for 2019

Security Affairs

DECEMBER 21, 2018

2018 was the year of the Internet of Things (IoT), massive attacks and various botnets hit smart devices, These are 5 IoT Security Predictions for 2019. 2019 will continue these trends but at a faster pace. This bill demonstrates that governments can, and will, be involved in regulating IoT devices.

IoT

IoT Security Manufacturing Privacy

Cyber-Criminal espionage Operation insists on Italian Manufacturing

Security Affairs

MAY 22, 2020

ZLab researchers spotted a new malicious espionage activity targeting Italian companies operating worldwide in the manufacturing sector. The group behind this activity is the same we identified in the past malicious operations described in Roma225 (12/2018), Hagga (08/2019), Mana (09/2019), YAKKA (01/2020). Introduction.

Manufacturing

Manufacturing e-Delivery IT Security

MY TAKE: Iran’s cyber retaliation for Soleimani assassination continues to ramp up

The Last Watchdog

FEBRUARY 3, 2020

and Saudi Arabia have been steadily escalating for at least the past decade, with notable spikes in activity throughout the course of 2019. Buried in the Shamoon code was an image of a burning American flag, intended as an admonishment to the Saudi government for supporting American foreign policy in the Middle East.

Energy and Utilities

Energy and Utilities Access Passwords Cybersecurity

NEW TECH: Semperis introduces tools to improve security resiliency of Windows Active Directory

The Last Watchdog

APRIL 16, 2020

organizations between January 2013 and July 2019. In 2018 and 2019, ransomware-triggered business disruptions came not in global-spanning worms, ala WannaCry and NotPetya, but in unrelenting one-off attacks. Bresman “There was a big uptick in Q3 and Q4 2019, not just in the U.S., Ransomware hacking groups extorted at least $144.35

Ransomware

Ransomware Security Authentication Access

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

Security Affairs

SEPTEMBER 15, 2020

CISA published an advisory on China-linked groups targeting government agencies by exploiting flaws in Microsoft Exchange, Citrix, Pulse, and F5 systems. Chinese state-sponsored hackers have probed US government networks looking for vulnerable networking devices that could be compromised with exploits for recently disclosed vulnerabilities.

Government

Government Energy and Utilities Healthcare Access

New TA2101 threat actor poses as government agencies to distribute malware

Security Affairs

NOVEMBER 15, 2019

A new threat actor tracked as TA2101 is conducting malware campaigns using email to impersonate government agencies in the United States, Germany, and Italy. The post New TA2101 threat actor poses as government agencies to distribute malware appeared first on Security Affairs. Pierluigi Paganini. SecurityAffairs – TA2101, hacking).

Government

Government Ransomware Manufacturing Phishing

The IoT Cybersecurity Act of 2020: Implications for Devices

eSecurity Planet

JANUARY 22, 2021

In 2019, there were an estimated 9.9 As more information about IoT device vulnerabilities is published, the pressure on industry and government authorities to enhance security standards might be reaching a tipping point. government, standards will not apply to the IoT market at-large. Government-Grade Security.

IoT

IoT Cybersecurity Manufacturing Government

Exclusive: TIM’s Red Team Research finds 4 zero-days in WOWZA Streaming Engine product

Security Affairs

AUGUST 5, 2020

Today, the TIM’s Red Team Research led by Massimiliano Brolli, discovered 4 new vulnerabilities that have been addressed by the manufacturer WOWZA Streaming Engine, between the end of 2019 and July 2020.

Manufacturing

Manufacturing Government Access Security

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

“The adversary is particularly interested in exploits related to VPNs and network appliances , including CVE-2019-11510, CVE-2019-19781, and most recently CVE-2020-5902; reliance on exploits such as these lends to an opportunistic operational model.” ” reads the report published by Crowdstrike.

Access

Access Financial Services Retail Insurance

Researchers found alleged sensitive documents of NATO and Turkey

Security Affairs

OCTOBER 12, 2020

Researchers from the US-based firm Cyble recently came across a post shared by an unknown threat actor that goes online with the moniker Spectre123, where he has allegedly leaked the sensitive documents of NATO and Havelsan (Turkish Military/defence manufacturer). ” reads the post published by Cyble.

Military

Military Manufacturing Phishing Government

Mitsubishi Electric discloses data breach, media blame China-linked APT

Security Affairs

JANUARY 20, 2020

The breach was detected almost eight months ago, on June 28, 2019, with the delay being attributed to the increased complexity of the investigation caused by the attackers deleting activity logs. The intrusion took place on June 28, 2019, and the company launched an investigation in September 2019.

Data breaches

Data breaches Computer and Electronics Government Manufacturing

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Security Affairs

JANUARY 25, 2020

The breach was detected almost eight months ago, on June 28, 2019, with the delay being attributed to the increased complexity of the investigation caused by the attackers deleting activity logs. “On The intrusion took place on June 28, 2019, and the company launched an investigation in September 2019.

Manufacturing

Manufacturing Data breaches Sales Access

Law enforcement operation seized Ragnar Locker group’s infrastructure

Security Affairs

OCTOBER 19, 2023

The ransomware operation has been active since late December 2019, the FBI published two flash alert to warn of the operation of the group. This is an important achievement in the fight against cybercrime. Both FBI and Europol declined to comment on the events. More details are expected to be released tomorrow.

Ransomware

Ransomware Financial Services Manufacturing Government

Belgium telecom operators Proximus and Orange drop Huawei

Security Affairs

OCTOBER 10, 2020

Major Belgium’s telecom operator Proximus announced on Friday that it will gradually replace its equipment from the Chinese manufacturer Huawei. One of the major Belgium telecom operator Proximus announced on Friday that it will gradually replace its equipment from the Chinese manufacturer Huawei.

Manufacturing

Manufacturing Risk Communications Security

Security Affairs newsletter Round 250

Security Affairs

FEBRUARY 9, 2020

The Russian Government blocked ProtonMail and ProtonVPN. Sudo CVE-2019-18634 flaw allows Non-Privileged Linux and macOS Users run commands as Root. Google mistakenly shared private videos of some users with others in 2019. IoT devices at major Manufacturers infected with crypto-miner.

Security

Security Ransomware IoT Manufacturing

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

Security Affairs

AUGUST 9, 2021

Most of the attacks have been reported in July, the organizations hit by the ransomware gang operate in professional services, construction, manufacturing, retail, and food industries. The LockBit ransomware gang has been active since September 2019, in June the group announced the LockBit 2.0 in Australia since 2020.

Ransomware

Ransomware Retail Security Manufacturing

US House Passes IoT Cybersecurity Improvement Act

Security Affairs

SEPTEMBER 21, 2020

The IoT Cybersecurity Improvement Act First was first introduced in 2017, and later in 2019, a new version was introduced. Frankly, manufacturers today just don’t have the appropriate market incentives to properly secure the devices they make and sell – that’s why this legislation is so important,” explained Sens.

IoT

IoT Cybersecurity Manufacturing Government

Operation Cronos: law enforcement disrupted the LockBit operation

Security Affairs

FEBRUARY 19, 2024

pic.twitter.com/SvpbeslrCd — vx-underground (@vxunderground) February 19, 2024 LockBit is a prominent ransomware operation that first emerged in September 2019. Lockbit ransomware group administrative staff has confirmed with us their websites have been seized. on January 5, 2020.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Financial Services

Japan suspects HGV missile data leak in Mitsubishi security breach

Security Affairs

MAY 21, 2020

The breach was detected almost eight months ago, on June 28, 2019, with the delay being attributed to the increased complexity of the investigation caused by the attackers deleting activity logs. The intrusion took place on June 28, 2019, and the company launched an investigation in September 2019.

Security

Security Military Manufacturing Personal data

MY TAKE: Why consumers are destined to play a big role in securing the Internet of Things

The Last Watchdog

MARCH 13, 2019

billion IoT devices in use as of 2017, half are consumer gadgets, like smart TVs, speakers, watches, baby cams and home thermostats; much of the rest is made up of things like smart electric meters and security cameras in corporate and government use. This will be led by the manufacturing, consumer, transportation and utilities sectors.

IoT

IoT Energy and Utilities Security Privacy

Vietnam-linked Ocean Lotus hacked BMW and Hyundai networks

Security Affairs

DECEMBER 7, 2019

Alleged Vietnamese Ocean Lotus (APT32) hackers breached the networks of the car manufacturers BMW and Hyundai to steal automotive trade secrets. According to German media, hackers suspected to be members of the Vietnam-linked APT Ocean Lotus ( APT32 ) group breached the networks of the car manufacturers BMW and Hyundai.

Manufacturing

Manufacturing Government Security IT

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

Security Affairs

FEBRUARY 21, 2024

government offers rewards of up to $15 million for information that could lead to the identification or location of LockBit ransomware gang members and affiliates. LockBit is a prominent ransomware operation that first emerged in September 2019. ” reads the press release published by the U.S. “The

Energy and Utilities

Energy and Utilities Ransomware Agriculture Manufacturing

The Growing Presence (and Security Risks) of IoT

Thales Cloud Protection & Licensing

NOVEMBER 6, 2019

In the absence of IoT security regulations, many smart product manufacturers simply release new devices that lack built-in security measures and have not undergone proper security review and testing. Take manufacturing, for instance. Such disruption could have serious consequences depending on the type of organization that’s affected.

IoT

IoT Risk Energy and Utilities Security

EU data governance regulation – a wave of digital, regulatory and antitrust reform begins – Part 1

Data Protection Report

DECEMBER 17, 2020

On 25 November 2020, the European Commission ( EC ) published its proposed Data Governance Regulation (the DGR ), which will create a new legal framework to encourage the development of a European single market for data. What are the objectives of the Data Governance Regulation? This is part one of a series of three blog posts.

Government

Government Personal data Marketing Artificial Intelligence

China-linked APT10 leverages ZeroLogon exploits in recent attacks

Security Affairs

NOVEMBER 18, 2020

Targeted sectors include: Automotive Clothing Conglomerates Electronics Engineering General Trading Company Government Industrial Products Managed Service Providers Manufacturing Pharmaceutical Professional Services. The latest campaign has been active since mid-October in 2019 and appears to be still ongoing.

Healthcare

Healthcare Archiving Cloud Manufacturing

MY TAKE: SMBs can do much more to repel ransomware, dilute disinformation campaigns

The Last Watchdog

SEPTEMBER 20, 2019

Local government agencies remain acutely exposed to being hacked. However, at this moment in history, two particularly worrisome types of cyber attacks are cycling up and hitting local government entities hard: ransomware sieges and election tampering. We spoke at Black Hat USA 2019. That’s long been true.

Ransomware

Ransomware Government Security Retail

BEST PRACTICES: Mock phishing attacks prep employees to avoid being socially engineered

The Last Watchdog

MAY 1, 2019

I had the chance at RSA 2019 to sit down with Lucy CEO Colin Bastable, to discuss the wider context. Customers in financial services, energy, government, healthcare and manufacturing sectors are using its testing and training modules. You can listen to the full interview via the accompanying podcast. office in Austin, TX.

Phishing

Phishing Financial Services Manufacturing Education

Chinese Supply-Chain Attack on Computer Systems

Schneier on Security

FEBRUARY 13, 2021

The US government has known about it for almost as long, and has tried to keep the attack secret: China’s exploitation of products made by Supermicro, as the U.S. US-only design and manufacturing isn’t an option; the tech world is far too internationally interdependent for that. It’s been going on since at least 2008.

Cybersecurity

Cybersecurity Manufacturing Government Communications

Microsoft releases On-premises Mitigation Tool (EOMT) tool to fix ProxyLogon issues

Security Affairs

MARCH 16, 2021

Most targeted sectors have been Government/Military (17% of all exploit attempts), followed by Manufacturing (14%), and then Banking (11%). We have tested this tool across Exchange Server 2013, 2016, and 2019 deployments.” ” reads the post published by Microsoft.

Military

Military Manufacturing Access Security

Delta Electronics, a tech giants’ contractor, hit by Conti ransomware

Security Affairs

JANUARY 28, 2022

Taiwanese electronics manufacturing company Delta Electronics was hit by the Conti ransomware that took place this week. “According to the report, the sample may have been used in an attack on Taiwanese electronics manufacturing company Delta Electronics Inc. ” reported a statement from the security company cited by CTWANT.

Ransomware

Ransomware Computer and Electronics Manufacturing Encryption

Biometric data of 1M leaked via an unsecured Suprema owned database

Security Affairs

AUGUST 15, 2019

Data was collected by the UK Metropolitan police, small local businesses and governments globally. Currently, the BioStar 2 is used by more than 6,000 organizations, including businesses, governments, financial organizations and the UK Metropolitan Police. Phoenix Medical – Medical products manufacturer. United Kingdom.

Archiving

Archiving Passwords Manufacturing Access

China-linked APT41 group targets Hong Kong with Spyder Loader

Security Affairs

OCTOBER 18, 2022

The Operation CuckooBees had been operating under the radar since at least 2019, threat actors conducted multiple attacks to steal intellectual property and other sensitive data from victims. The attacks detailed by Cybereason targeted technology and manufacturing companies primarily located in East Asia, Western Europe, and North America.

File names

File names Encryption Manufacturing Libraries

China-linked threat actors have breached telcos and network service providers

Security Affairs

JUNE 8, 2022

Chinese hackers employed open-source tools for reconnaissance and vulnerability scanning, according to the government experts, they have utilized open-source router specific software frameworks, RouterSploit and RouterScan [ T1595.002 ], to identify vulnerable devices to target.

Authentication

Authentication Passwords Systems administration Access

Q&A: How AI, digital transformation are shaking up revenue management in high tech, life sciences

The Last Watchdog

APRIL 16, 2019

-based life sciences and high-tech manufacturing companies sheds light on how digital transformation – and the rising role of third-party partners – have combined to create unprecedented operational challenges in the brave new world of digital commerce. Related: AI one-upsmanship prevails in antivirus field. LW: How does AI factor in?

Digital transformation

Digital transformation Manufacturing Healthcare Compliance

These hackers have breached FBI-affiliated websites and leaked data online

Security Affairs

APRIL 13, 2019

Exposed records included member names, personal and government email addresses, job titles, phone numbers, and postal addresses. I think something else will publish from the list of hacked government sites.”. The files contained roughly 4,000 unique records and many duplicates. ” states TechCrunch.

Encryption

Encryption Ransomware Manufacturing Personal data

It is time to re-evaluate Cyber-defence solutions

Security Affairs

JANUARY 10, 2021

Just where is the Global Cyber-defense Market going, and why is it failing so spectacularly to protect the data assets of the largest and most heavily protected government institutions and corporate companies in the world. The company lies just outside the leading DAX share index with turnover of over €3.4Billion in 2019.

IT

IT Cybersecurity Ransomware Manufacturing

Ragnar Locker gang leaks data stolen from the Israel’s Mayanei Hayeshua hospital

Security Affairs

SEPTEMBER 9, 2023

The ransomware operation has been active since late December 2019, this is the second time that the FBI first shares IoC related to RagnarLocker operation, the FBI first became aware of this threat in April 2020. “As

Ransomware

Ransomware Phishing Encryption Privacy

Critical flaws affect Jira Service Desk and Jira Service Desk Data Center

Security Affairs

SEPTEMBER 22, 2019

The flaw, tracked as CVE-2019-14994, could lead to information disclosure, it could be exploited by anyone with access to the portal, including customers. The following versions of Service Desk Server and Service Desk Data Center address the CVE-2019-14994: 3.9.16, 3.16.8, The flaw tracked as CVE-2019-15001 affects version 7.0.10

Access

Access Manufacturing Education Security

Ragnar Locker ransomware group breached at least 52 organizations across 10 critical infrastructure sectors

Security Affairs

MARCH 8, 2022

The ransomware operation has been active since late December 2019, this is the second time that the FBI first shares IoC related to RagnarLocker operation, the FBI first became aware of this threat in April 2020.

Ransomware

Ransomware Passwords Financial Services Manufacturing

2019 end-of-year review part 1: January to June

IT Governance

DECEMBER 27, 2019

A royal baby, a fire at Notre-Dame, the highest grossing film of all time and more than 12 billion breached data records: 2019 has been quite a year. IT Governance is closing out the year by rounding up 2019’s biggest information security stories. IT Governance released its final Weekly Podcast.

Data breaches

Data breaches GDPR Passwords Personal data

Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company

Security Affairs

JUNE 17, 2022

Experts uncovered an enterprise-grade surveillance malware dubbed Hermit used to target individuals in Kazakhstan, Syria, and Italy since 2019. Lookout Threat Lab researchers uncovered enterprise-grade Android surveillance spyware, named Hermit, used by the government of Kazakhstan to track individuals within the country.

Military

Military Manufacturing Government Security

More details about Operation Cronos that disrupted Lockbit operation

Security Affairs

FEBRUARY 20, 2024

LockBit is a prominent ransomware operation that first emerged in September 2019. Today, additional criminal charges against Kondratyev were unsealed in the Northern District of California related to his deployment in 2020 of ransomware against a victim located in California.” on January 5, 2020.

Energy and Utilities

Energy and Utilities Ransomware Manufacturing Agriculture

SEC Continues Focus on Cybersecurity Disclosure Failures, Announces Settled Charges Against Pearson plc

Data Matters

AUGUST 30, 2021

According to the Order, Pearson learned in March 2019 that millions of rows of data had been accessed and downloaded from a company server by a threat actor exploiting an unpatched vulnerability. The Order alleges that Pearson continued to use the server until July 2019 — the time the server was previously scheduled to be retired.

Cybersecurity

Cybersecurity Data Privacy Risk Passwords

California IT service provider Synoptek pays ransom after Sodinokibi attack

Security Affairs

JANUARY 5, 2020

Synoptek has more than 1,100 customers across multiple industries, including local governments, financial services, healthcare, manufacturing, media, retail and software. . The infection took place on December 23, the hackers first compromised the company network then installed the ransomware.

IT

IT Ransomware Financial Services Retail

5 IoT Security Predictions for 2019

Cyber-Criminal espionage Operation insists on Italian Manufacturing

Trending Sources

MY TAKE: Iran’s cyber retaliation for Soleimani assassination continues to ramp up

NEW TECH: Semperis introduces tools to improve security resiliency of Windows Active Directory

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

New TA2101 threat actor poses as government agencies to distribute malware

The IoT Cybersecurity Act of 2020: Implications for Devices

Exclusive: TIM’s Red Team Research finds 4 zero-days in WOWZA Streaming Engine product

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Researchers found alleged sensitive documents of NATO and Turkey

Mitsubishi Electric discloses data breach, media blame China-linked APT

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Law enforcement operation seized Ragnar Locker group’s infrastructure

Belgium telecom operators Proximus and Orange drop Huawei

Security Affairs newsletter Round 250

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

US House Passes IoT Cybersecurity Improvement Act

Operation Cronos: law enforcement disrupted the LockBit operation

Japan suspects HGV missile data leak in Mitsubishi security breach

MY TAKE: Why consumers are destined to play a big role in securing the Internet of Things

Vietnam-linked Ocean Lotus hacked BMW and Hyundai networks

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

The Growing Presence (and Security Risks) of IoT

EU data governance regulation – a wave of digital, regulatory and antitrust reform begins – Part 1

China-linked APT10 leverages ZeroLogon exploits in recent attacks

MY TAKE: SMBs can do much more to repel ransomware, dilute disinformation campaigns

BEST PRACTICES: Mock phishing attacks prep employees to avoid being socially engineered

Chinese Supply-Chain Attack on Computer Systems

Microsoft releases On-premises Mitigation Tool (EOMT) tool to fix ProxyLogon issues

Delta Electronics, a tech giants’ contractor, hit by Conti ransomware

Biometric data of 1M leaked via an unsecured Suprema owned database

China-linked APT41 group targets Hong Kong with Spyder Loader

China-linked threat actors have breached telcos and network service providers

Q&A: How AI, digital transformation are shaking up revenue management in high tech, life sciences

These hackers have breached FBI-affiliated websites and leaked data online

It is time to re-evaluate Cyber-defence solutions

Ragnar Locker gang leaks data stolen from the Israel’s Mayanei Hayeshua hospital

Critical flaws affect Jira Service Desk and Jira Service Desk Data Center

Ragnar Locker ransomware group breached at least 52 organizations across 10 critical infrastructure sectors

2019 end-of-year review part 1: January to June

Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company

More details about Operation Cronos that disrupted Lockbit operation

SEC Continues Focus on Cybersecurity Disclosure Failures, Announces Settled Charges Against Pearson plc

California IT service provider Synoptek pays ransom after Sodinokibi attack

Stay Connected