2019, Government and Manufacturing - Information Management Today

5 IoT Security Predictions for 2019

Security Affairs

DECEMBER 21, 2018

2018 was the year of the Internet of Things (IoT), massive attacks and various botnets hit smart devices, These are 5 IoT Security Predictions for 2019. 2019 will continue these trends but at a faster pace. This bill demonstrates that governments can, and will, be involved in regulating IoT devices.

IoT

IoT Security Manufacturing Privacy

Cyber-Criminal espionage Operation insists on Italian Manufacturing

Security Affairs

MAY 22, 2020

ZLab researchers spotted a new malicious espionage activity targeting Italian companies operating worldwide in the manufacturing sector. The group behind this activity is the same we identified in the past malicious operations described in Roma225 (12/2018), Hagga (08/2019), Mana (09/2019), YAKKA (01/2020). Introduction.

Manufacturing

Manufacturing e-Delivery IT Security

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

Security Affairs

SEPTEMBER 15, 2020

CISA published an advisory on China-linked groups targeting government agencies by exploiting flaws in Microsoft Exchange, Citrix, Pulse, and F5 systems. Chinese state-sponsored hackers have probed US government networks looking for vulnerable networking devices that could be compromised with exploits for recently disclosed vulnerabilities.

Government

Government Energy and Utilities Healthcare Access

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

New TA2101 threat actor poses as government agencies to distribute malware

Security Affairs

NOVEMBER 15, 2019

A new threat actor tracked as TA2101 is conducting malware campaigns using email to impersonate government agencies in the United States, Germany, and Italy. The post New TA2101 threat actor poses as government agencies to distribute malware appeared first on Security Affairs. Pierluigi Paganini. SecurityAffairs – TA2101, hacking).

Government

Government Ransomware Manufacturing Phishing

Exclusive: TIM’s Red Team Research finds 4 zero-days in WOWZA Streaming Engine product

Security Affairs

AUGUST 5, 2020

Today, the TIM’s Red Team Research led by Massimiliano Brolli, discovered 4 new vulnerabilities that have been addressed by the manufacturer WOWZA Streaming Engine, between the end of 2019 and July 2020.

Manufacturing

Manufacturing Government Access Security

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

“The adversary is particularly interested in exploits related to VPNs and network appliances , including CVE-2019-11510, CVE-2019-19781, and most recently CVE-2020-5902; reliance on exploits such as these lends to an opportunistic operational model.” ” reads the report published by Crowdstrike.

Access

Access Financial Services Retail Insurance

Researchers found alleged sensitive documents of NATO and Turkey

Security Affairs

OCTOBER 12, 2020

Researchers from the US-based firm Cyble recently came across a post shared by an unknown threat actor that goes online with the moniker Spectre123, where he has allegedly leaked the sensitive documents of NATO and Havelsan (Turkish Military/defence manufacturer). ” reads the post published by Cyble.

Military

Military Manufacturing Phishing Government

Mitsubishi Electric discloses data breach, media blame China-linked APT

Security Affairs

JANUARY 20, 2020

The breach was detected almost eight months ago, on June 28, 2019, with the delay being attributed to the increased complexity of the investigation caused by the attackers deleting activity logs. The intrusion took place on June 28, 2019, and the company launched an investigation in September 2019.

Data breaches

Data breaches Computer and Electronics Government Manufacturing

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Security Affairs

JANUARY 25, 2020

The breach was detected almost eight months ago, on June 28, 2019, with the delay being attributed to the increased complexity of the investigation caused by the attackers deleting activity logs. “On The intrusion took place on June 28, 2019, and the company launched an investigation in September 2019.

Manufacturing

Manufacturing Data breaches Access Sales

Law enforcement operation seized Ragnar Locker group’s infrastructure

Security Affairs

OCTOBER 19, 2023

The ransomware operation has been active since late December 2019, the FBI published two flash alert to warn of the operation of the group. This is an important achievement in the fight against cybercrime. Both FBI and Europol declined to comment on the events. More details are expected to be released tomorrow.

Ransomware

Ransomware Financial Services Manufacturing Government

Belgium telecom operators Proximus and Orange drop Huawei

Security Affairs

OCTOBER 10, 2020

Major Belgium’s telecom operator Proximus announced on Friday that it will gradually replace its equipment from the Chinese manufacturer Huawei. One of the major Belgium telecom operator Proximus announced on Friday that it will gradually replace its equipment from the Chinese manufacturer Huawei.

Manufacturing

Manufacturing Risk Communications Security

Security Affairs newsletter Round 250

Security Affairs

FEBRUARY 9, 2020

The Russian Government blocked ProtonMail and ProtonVPN. Sudo CVE-2019-18634 flaw allows Non-Privileged Linux and macOS Users run commands as Root. Google mistakenly shared private videos of some users with others in 2019. IoT devices at major Manufacturers infected with crypto-miner.

Security

Security Ransomware IoT Manufacturing

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

Security Affairs

AUGUST 9, 2021

Most of the attacks have been reported in July, the organizations hit by the ransomware gang operate in professional services, construction, manufacturing, retail, and food industries. The LockBit ransomware gang has been active since September 2019, in June the group announced the LockBit 2.0 in Australia since 2020.

Ransomware

Ransomware Security Retail Manufacturing

US House Passes IoT Cybersecurity Improvement Act

Security Affairs

SEPTEMBER 21, 2020

The IoT Cybersecurity Improvement Act First was first introduced in 2017, and later in 2019, a new version was introduced. Frankly, manufacturers today just don’t have the appropriate market incentives to properly secure the devices they make and sell – that’s why this legislation is so important,” explained Sens.

IoT

IoT Cybersecurity Manufacturing Government

Japan suspects HGV missile data leak in Mitsubishi security breach

Security Affairs

MAY 21, 2020

The breach was detected almost eight months ago, on June 28, 2019, with the delay being attributed to the increased complexity of the investigation caused by the attackers deleting activity logs. The intrusion took place on June 28, 2019, and the company launched an investigation in September 2019.

Security

Security Military Manufacturing Personal data

Vietnam-linked Ocean Lotus hacked BMW and Hyundai networks

Security Affairs

DECEMBER 7, 2019

Alleged Vietnamese Ocean Lotus (APT32) hackers breached the networks of the car manufacturers BMW and Hyundai to steal automotive trade secrets. According to German media, hackers suspected to be members of the Vietnam-linked APT Ocean Lotus ( APT32 ) group breached the networks of the car manufacturers BMW and Hyundai.

Manufacturing

Manufacturing Government Security IT

Operation Cronos: law enforcement disrupted the LockBit operation

Security Affairs

FEBRUARY 19, 2024

pic.twitter.com/SvpbeslrCd — vx-underground (@vxunderground) February 19, 2024 LockBit is a prominent ransomware operation that first emerged in September 2019. Lockbit ransomware group administrative staff has confirmed with us their websites have been seized. on January 5, 2020.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Financial Services

China-linked APT10 leverages ZeroLogon exploits in recent attacks

Security Affairs

NOVEMBER 18, 2020

Targeted sectors include: Automotive Clothing Conglomerates Electronics Engineering General Trading Company Government Industrial Products Managed Service Providers Manufacturing Pharmaceutical Professional Services. The latest campaign has been active since mid-October in 2019 and appears to be still ongoing.

Healthcare

Healthcare Archiving Cloud Manufacturing

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

Security Affairs

FEBRUARY 21, 2024

government offers rewards of up to $15 million for information that could lead to the identification or location of LockBit ransomware gang members and affiliates. LockBit is a prominent ransomware operation that first emerged in September 2019. ” reads the press release published by the U.S. “The

Energy and Utilities

Energy and Utilities Ransomware Agriculture Manufacturing

China-linked APT41 group exploits Citrix, Cisco, Zoho flaws

Security Affairs

MARCH 25, 2020

Victims operate in the Banking/Finance, Construction, Defense Industrial Base, Government, Healthcare, High Technology, Higher Education, Legal, Manufacturing, Media, Non-profit, Oil & Gas, Petrochemical, Pharmaceutical, Real Estate, Telecommunications, Transportation, Travel, and Utility. .

Healthcare

Healthcare Education Manufacturing Government

Biometric data of 1M leaked via an unsecured Suprema owned database

Security Affairs

AUGUST 15, 2019

Data was collected by the UK Metropolitan police, small local businesses and governments globally. Currently, the BioStar 2 is used by more than 6,000 organizations, including businesses, governments, financial organizations and the UK Metropolitan Police. Phoenix Medical – Medical products manufacturer. United Kingdom.

Archiving

Archiving Passwords Manufacturing Access

Microsoft releases On-premises Mitigation Tool (EOMT) tool to fix ProxyLogon issues

Security Affairs

MARCH 16, 2021

Most targeted sectors have been Government/Military (17% of all exploit attempts), followed by Manufacturing (14%), and then Banking (11%). We have tested this tool across Exchange Server 2013, 2016, and 2019 deployments.” ” reads the post published by Microsoft.

Military

Military Manufacturing Access Security

Delta Electronics, a tech giants’ contractor, hit by Conti ransomware

Security Affairs

JANUARY 28, 2022

Taiwanese electronics manufacturing company Delta Electronics was hit by the Conti ransomware that took place this week. “According to the report, the sample may have been used in an attack on Taiwanese electronics manufacturing company Delta Electronics Inc. ” reported a statement from the security company cited by CTWANT.

Ransomware

Ransomware Computer and Electronics Manufacturing Encryption

China-linked APT41 group targets Hong Kong with Spyder Loader

Security Affairs

OCTOBER 18, 2022

The Operation CuckooBees had been operating under the radar since at least 2019, threat actors conducted multiple attacks to steal intellectual property and other sensitive data from victims. The attacks detailed by Cybereason targeted technology and manufacturing companies primarily located in East Asia, Western Europe, and North America.

File names

File names Encryption Manufacturing Libraries

China-linked threat actors have breached telcos and network service providers

Security Affairs

JUNE 8, 2022

Chinese hackers employed open-source tools for reconnaissance and vulnerability scanning, according to the government experts, they have utilized open-source router specific software frameworks, RouterSploit and RouterScan [ T1595.002 ], to identify vulnerable devices to target.

Authentication

Authentication Passwords Systems administration Access

These hackers have breached FBI-affiliated websites and leaked data online

Security Affairs

APRIL 13, 2019

Exposed records included member names, personal and government email addresses, job titles, phone numbers, and postal addresses. I think something else will publish from the list of hacked government sites.”. The files contained roughly 4,000 unique records and many duplicates. ” states TechCrunch.

Encryption

Encryption Ransomware Manufacturing Personal data

Critical flaws affect Jira Service Desk and Jira Service Desk Data Center

Security Affairs

SEPTEMBER 22, 2019

The flaw, tracked as CVE-2019-14994, could lead to information disclosure, it could be exploited by anyone with access to the portal, including customers. The following versions of Service Desk Server and Service Desk Data Center address the CVE-2019-14994: 3.9.16, 3.16.8, The flaw tracked as CVE-2019-15001 affects version 7.0.10

Access

Access Manufacturing Education Security

It is time to re-evaluate Cyber-defence solutions

Security Affairs

JANUARY 10, 2021

Just where is the Global Cyber-defense Market going, and why is it failing so spectacularly to protect the data assets of the largest and most heavily protected government institutions and corporate companies in the world. The company lies just outside the leading DAX share index with turnover of over €3.4Billion in 2019.

IT

IT Cybersecurity Ransomware Manufacturing

Ragnar Locker gang leaks data stolen from the Israel’s Mayanei Hayeshua hospital

Security Affairs

SEPTEMBER 9, 2023

The ransomware operation has been active since late December 2019, this is the second time that the FBI first shares IoC related to RagnarLocker operation, the FBI first became aware of this threat in April 2020. “As

Ransomware

Ransomware Phishing Encryption Privacy

Ragnar Locker ransomware group breached at least 52 organizations across 10 critical infrastructure sectors

Security Affairs

MARCH 8, 2022

The ransomware operation has been active since late December 2019, this is the second time that the FBI first shares IoC related to RagnarLocker operation, the FBI first became aware of this threat in April 2020.

Ransomware

Ransomware Passwords Financial Services Manufacturing

Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company

Security Affairs

JUNE 17, 2022

Experts uncovered an enterprise-grade surveillance malware dubbed Hermit used to target individuals in Kazakhstan, Syria, and Italy since 2019. Lookout Threat Lab researchers uncovered enterprise-grade Android surveillance spyware, named Hermit, used by the government of Kazakhstan to track individuals within the country.

Military

Military Manufacturing Government Security

California IT service provider Synoptek pays ransom after Sodinokibi attack

Security Affairs

JANUARY 5, 2020

Synoptek has more than 1,100 customers across multiple industries, including local governments, financial services, healthcare, manufacturing, media, retail and software. . The infection took place on December 23, the hackers first compromised the company network then installed the ransomware.

IT

IT Ransomware Financial Services Retail

A component in Huawei network appliances could be used to take down Germany’s telecoms networks

Security Affairs

APRIL 26, 2023

German government warns that technology to regulate power consumption in Huawei network appliances could be used for sabotage purposes. government officials as well as European security authorities, which have warned of the risks associated with Chinese telecoms equipment.” In November 2019, the U.S.

Government

Government Communications Risk Cybersecurity

Vladimir Putin ‘s computers still run Windows XP, Media reports

Security Affairs

DECEMBER 30, 2019

Open Media pointed out that that Windows XP is the last operating system developed by Microsoft that was approved by the Kremlin for use on official Russian government computers. Microsoft Windows 10 is only allowed only for government systems that don’t manage secret information. ” reads the post published by The Guardian.

Government

Government Communications Military Manufacturing

Tridium Niagara framework affected by 2 flaws in BlackBerry QNX OS

Security Affairs

OCTOBER 1, 2019

The Niagara framework is widely adopted, especially in the commercial facilities, government facilities, critical manufacturing and IT sectors. The most severe vulnerability, tracked as CVE-2019-8998, is an information disclosure flaw related to the procfs service that can be exploited by a local attacker for privilege escalation. .

IoT

IoT Manufacturing Access Cybersecurity

China-linked APT used Daxin, one of the most sophisticated backdoor even seen

Security Affairs

MARCH 1, 2022

The malicious code was likely designed for long-running espionage campaigns against government entities and critical infrastructure targets. has been actively used in attacks since at least November 2019, while researchers spotted signs of its deployment again in May 2020 and July 2020. ” states the report published by Symantec.

Communications

Communications Manufacturing Government Risk

SimJacker attack allows hacking any phone with just an SMS

Security Affairs

SEPTEMBER 12, 2019

This vulnerability is currently being actively exploited by a specific private company that works with governments to monitor individuals.” The researchers plan to disclose technical details of the attack at the VB2019 London conference , in October 2019. ” states a post published by AdaptiveMobile. ” states the post.

Manufacturing

Manufacturing Security Cybersecurity Risk

China-Linked APT15 group is using a previously undocumented backdoor

Security Affairs

JULY 23, 2019

APT15 has been active since at least 2010, it conducted cyber espionage campaigns against targets worldwide in several industries, including the defense, high tech, energy, government, aerospace, and manufacturing. The 2019 version also modifies the same rare combination of registry values as all earlier Ketrican samples.

Communications

Communications Manufacturing Encryption Security

More details about Operation Cronos that disrupted Lockbit operation

Security Affairs

FEBRUARY 20, 2024

LockBit is a prominent ransomware operation that first emerged in September 2019. Today, additional criminal charges against Kondratyev were unsealed in the Northern District of California related to his deployment in 2020 of ransomware against a victim located in California.” on January 5, 2020.

Energy and Utilities

Energy and Utilities Ransomware Manufacturing Agriculture

FBI obtained 7,000 LockBit decryption keys, victims should contact the feds to get support

Security Affairs

JUNE 6, 2024

LockBit is a prominent ransomware operation that first emerged in September 2019. In 2022, LockBit was one of the most active ransomware groups, and its prevalence continued into 2023. According to a joint report published by US authorities and international peers, the total of U.S. on January 5, 2020.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Encryption

MY TAKE: Iran’s cyber retaliation for Soleimani assassination continues to ramp up

The Last Watchdog

FEBRUARY 3, 2020

and Saudi Arabia have been steadily escalating for at least the past decade, with notable spikes in activity throughout the course of 2019. Buried in the Shamoon code was an image of a burning American flag, intended as an admonishment to the Saudi government for supporting American foreign policy in the Middle East.

Energy and Utilities

Energy and Utilities Access Passwords Cybersecurity

NEW TECH: Semperis introduces tools to improve security resiliency of Windows Active Directory

The Last Watchdog

APRIL 16, 2020

organizations between January 2013 and July 2019. In 2018 and 2019, ransomware-triggered business disruptions came not in global-spanning worms, ala WannaCry and NotPetya, but in unrelenting one-off attacks. Bresman “There was a big uptick in Q3 and Q4 2019, not just in the U.S., Ransomware hacking groups extorted at least $144.35

Ransomware

Ransomware Security Authentication Access

Long-running surveillance campaigns target Uyghurs with BadBazaar and MOONSHINE spyware

Security Affairs

NOVEMBER 11, 2022

The campaigns involved a new piece of malware called BadBazaar and new variants of the MOONSHINE surveillance software discovered by Citizen Lab in 2019 and employed in attacks against Tibetan activists. . The threat actors behind the campaigns used two Android spyware to spy on the victims and steal sensitive information.

Communications

Communications Manufacturing Government Security

Exclusive: MalwareMustDie analyzes a new IoT malware dubbed Linux/ AirDropBot

Security Affairs

SEPTEMBER 30, 2019

Yes, I have to confess, it was hard to wait all this time, but the reward it was worth it: unixfreaxjp is return, with a new, great page of reverse engeeniring published on the MalwareMustDie blog post: “ MMD-0064-2019 – Linux/AirDropBot ”.

IoT

IoT Honeypots Manufacturing Security

5 IoT Security Predictions for 2019

Cyber-Criminal espionage Operation insists on Italian Manufacturing

Webinars

Trending Sources

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

Webinars

New TA2101 threat actor poses as government agencies to distribute malware

Exclusive: TIM’s Red Team Research finds 4 zero-days in WOWZA Streaming Engine product

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Researchers found alleged sensitive documents of NATO and Turkey

Mitsubishi Electric discloses data breach, media blame China-linked APT

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Law enforcement operation seized Ragnar Locker group’s infrastructure

Belgium telecom operators Proximus and Orange drop Huawei

Security Affairs newsletter Round 250

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

US House Passes IoT Cybersecurity Improvement Act

Japan suspects HGV missile data leak in Mitsubishi security breach

Vietnam-linked Ocean Lotus hacked BMW and Hyundai networks

Operation Cronos: law enforcement disrupted the LockBit operation

China-linked APT10 leverages ZeroLogon exploits in recent attacks

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

China-linked APT41 group exploits Citrix, Cisco, Zoho flaws

Biometric data of 1M leaked via an unsecured Suprema owned database

Microsoft releases On-premises Mitigation Tool (EOMT) tool to fix ProxyLogon issues

Delta Electronics, a tech giants’ contractor, hit by Conti ransomware

China-linked APT41 group targets Hong Kong with Spyder Loader

China-linked threat actors have breached telcos and network service providers

These hackers have breached FBI-affiliated websites and leaked data online

Critical flaws affect Jira Service Desk and Jira Service Desk Data Center

It is time to re-evaluate Cyber-defence solutions

Ragnar Locker gang leaks data stolen from the Israel’s Mayanei Hayeshua hospital

Ragnar Locker ransomware group breached at least 52 organizations across 10 critical infrastructure sectors

Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company

California IT service provider Synoptek pays ransom after Sodinokibi attack

A component in Huawei network appliances could be used to take down Germany’s telecoms networks

Vladimir Putin ‘s computers still run Windows XP, Media reports

Tridium Niagara framework affected by 2 flaws in BlackBerry QNX OS

China-linked APT used Daxin, one of the most sophisticated backdoor even seen

SimJacker attack allows hacking any phone with just an SMS

China-Linked APT15 group is using a previously undocumented backdoor

More details about Operation Cronos that disrupted Lockbit operation

FBI obtained 7,000 LockBit decryption keys, victims should contact the feds to get support

MY TAKE: Iran’s cyber retaliation for Soleimani assassination continues to ramp up

NEW TECH: Semperis introduces tools to improve security resiliency of Windows Active Directory

Long-running surveillance campaigns target Uyghurs with BadBazaar and MOONSHINE spyware

Exclusive: MalwareMustDie analyzes a new IoT malware dubbed Linux/ AirDropBot

Stay Connected