2019, Manufacturing and Security - Information Management Today

IoT devices at major Manufacturers infected with crypto-miner

Security Affairs

FEBRUARY 8, 2020

Hackers have infected with a piece of malware some IoT devices running Windows 7 designed by three of the world’s largest manufacturers. Security experts from TrapX reported that some IoT devices running Windows 7 have been infected with a piece of malware, is it a supply chain attack? ” reads the report p ublished by TrapX.”First,

Manufacturing

Manufacturing IoT Communications Risk

5 IoT Security Predictions for 2019

Security Affairs

DECEMBER 21, 2018

2018 was the year of the Internet of Things (IoT), massive attacks and various botnets hit smart devices, These are 5 IoT Security Predictions for 2019. 2019 will continue these trends but at a faster pace. The regulation around IoT security was this year’s signal that the answer is, fortunately, no.

IoT

IoT Security Manufacturing Privacy

Cyber-Criminal espionage Operation insists on Italian Manufacturing

Security Affairs

MAY 22, 2020

ZLab researchers spotted a new malicious espionage activity targeting Italian companies operating worldwide in the manufacturing sector. The group behind this activity is the same we identified in the past malicious operations described in Roma225 (12/2018), Hagga (08/2019), Mana (09/2019), YAKKA (01/2020). Introduction.

Manufacturing

Manufacturing e-Delivery IT Security

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

German arms manufacturer Rheinmetall suffered Black Basta ransomware attack

Security Affairs

MAY 23, 2023

The German automotive and arms manufacturer Rheinmetall announced it was victim of a Black Basta ransomware attack that took place last month. Rheinmetall is a German automotive and arms manufacturer that is listed on the Frankfurt stock exchange. The company is still working to completely recover from the security breach.

Manufacturing

Manufacturing Ransomware Cybersecurity Security

Japanese defense contractors Pasco and Kobe Steel disclose security breaches

Security Affairs

FEBRUARY 7, 2020

Japanese defense contractors Pasco and Kobe Steel have disclosed security breaches that they have suffered back in 2016 and 2018. Pasco is Japan’s largest geospatial provider and Kobe Steel is one of the major steel manufacturers. According to the company, attackers did not obtain sensitive information about defense contracts.

Security

Security Manufacturing Data breaches Access

Android devices could be hacked by playing a video due to CVE-2019-2107 flaw

Security Affairs

JULY 28, 2019

Playing a video on Android devices could be a dangerous operation due to a critical CVE-2019-2107 RCE flaw in Android OS between version 7.0 The vulnerability, tracked as CVE-2019-2107, affected Android OS between version 7.0 The vulnerability, tracked as CVE-2019-2107, affected Android OS between version 7.0 Pierluigi Paganini.

Manufacturing

Manufacturing Security IT Information Security

The number of ICS flaws in 2020 was 24,72% higher compared to 2019

Security Affairs

FEBRUARY 7, 2021

The number of vulnerabilities discovered in industrial control system (ICS) products surged in 2020, security firm Claroty reports. “The number of ICS vulnerabilities disclosed in 2020 increased by 32.89% compared to 2018 and 24.72% compared to 2019. ” reads the report published by Claroty. . continues the report.

Manufacturing

Manufacturing Risk Marketing Security

Winnti Group was planning a devastating supply-chain attack against Asian manufacturer

Security Affairs

OCTOBER 14, 2019

Winnti Group is back with a new modular Win backdoor that was used to infect the servers of a high-profile Asian mobile hardware and software manufacturer. The organizations is major mobile hardware and software manufacturer based in Asia, experts contacted it to alert the company of the infection. Pierluigi Paganini.

Manufacturing

Manufacturing Paper Communications IT

Security Affairs newsletter Round 250

Security Affairs

FEBRUARY 9, 2020

The best news of the week with Security Affairs. Sudo CVE-2019-18634 flaw allows Non-Privileged Linux and macOS Users run commands as Root. Google mistakenly shared private videos of some users with others in 2019. Japanese defense contractors Pasco and Kobe Steel disclose security breaches. Pierluigi Paganini.

Security

Security Ransomware IoT Manufacturing

Japan suspects HGV missile data leak in Mitsubishi security breach

Security Affairs

MAY 21, 2020

In January, the company disclosed a security breach that might have exposed personal and confidential corporate data, at the time, it claimed that attackers did not obtain sensitive information about defense contracts. The intrusion took place on June 28, 2019, and the company launched an investigation in September 2019.

Security

Security Military Manufacturing Personal data

CVE-2019-2234 flaws in Android Camera Apps exposed millions of users surveillance

Security Affairs

NOVEMBER 19, 2019

Experts found multiple flaws (CVE-2019-2234) in the Android camera apps provided by Google and Samsung that could allow attackers to spy on users. “After disclosing these findings to Google, they shared the report with other Android manufacturers, and Samsung confirmed the vulnerabilities existed in their smartphones as well. .

Manufacturing

Manufacturing Metadata Security awareness IoT

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

Security Affairs

AUGUST 9, 2021

The Australian Cyber Security Centre (ACSC) warns of a surge of LockBit 2.0 The Australian Cyber Security Centre (ACSC) warns of an escalation in LockBit 2.0 Experts warn of active exploitation of the CVE-2018-13379 , a security bug heavily exploited by LockBit to breach networks. ransomware. in Australia since 2020.

Ransomware

Ransomware Security Retail Manufacturing

GreyEnergy: Welcome to 2019

Security Affairs

JANUARY 16, 2019

In order to investigate the attribution of the sample, Cybaze-Yoroi Zlab researchers performed a comparative analysis of the January 2019’s sample with respect to technical indicators and TTP published in previous articles. The remote destination ends to the 217.12.204.100 IP address, owned by an Ukrainian contractor and manufacturer company.

Phishing

Phishing Manufacturing Encryption IT

Nefilim ransomware operators leak data stolen from Whirlpool

Security Affairs

DECEMBER 28, 2020

The American multinational manufacturer and marketer of home appliances Whirlpool was hit by the Nefilim ransomware gang. The company has over 77,000 employees at 59 manufacturing & technology research centers worldwide and generated $20 billion in revenue for 2019. respectively. Pierluigi Paganini.

Ransomware

Ransomware Manufacturing Marketing Archiving

IPG Photonics high-performance laser developer hit with ransomware

Security Affairs

SEPTEMBER 20, 2020

manufacturer of high-performance fiber lasers for diverse applications and industries was hit by a ransomware attack that disrupted its operations. IPG Photonics manufactures high-performance fiber lasers, amplifiers, and laser systems for diverse applications and industries. billion revenue in 2019. billion revenue in 2019.

Ransomware

Ransomware Manufacturing Encryption Access

SAP security fixes address Critical flaw in SAP HANA XSA

Security Affairs

FEBRUARY 14, 2019

SAP released a collection of security fixes for February 2019 that address 13 vulnerabilities in its products, including a Hot News flaw in SAP HANA XSA. SAP Security Patch Day for February 2019 includes 13 Security Notes and 3 updates to previously released security notes.

Security

Security Manufacturing Access Authentication

Critical flaw could have allowed attackers to control traffic lights

Security Affairs

JUNE 6, 2020

A critical vulnerability in traffic light controllers manufactured by SWARCO could have been exploited by attackers to disrupt traffic lights. SWARCO is the world’s largest manufacturer of signal heads and the number two internationally for reflective glass beads. ” reads the security advisory published by the U.S.

Manufacturing

Manufacturing Cybersecurity Access Security

Hackers hit Luxottica, production stopped at two Italian plants

Security Affairs

SEPTEMBER 22, 2020

As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com. billion in revenue for 2019. Luxottica Group S.p.A. Pierluigi Paganini.

Retail

Retail Manufacturing Ransomware Security

Exclusive: TIM’s Red Team Research finds 4 zero-days in WOWZA Streaming Engine product

Security Affairs

AUGUST 5, 2020

Today, the TIM’s Red Team Research led by Massimiliano Brolli, discovered 4 new vulnerabilities that have been addressed by the manufacturer WOWZA Streaming Engine, between the end of 2019 and July 2020. Pierluigi Paganini. SecurityAffairs – hacking, WOWZA Streaming Engine).

Manufacturing

Manufacturing Government Access Security

Flaws in 4G Routers of various vendors put millions of users at risk

Security Affairs

AUGUST 13, 2019

Security expert discovered multiple flaws in 4G routers manufactured by several companies, some of them could allow attackers to take over the devices. G Richter, a security researcher at Pen Test Partners discovered multiple vulnerabilities 4G routers manufactured by different vendors. high severity CVSS v3.

Risk

Risk Manufacturing Passwords Authentication

Mitsubishi Electric Corp. was hit by a new cyberattack

Security Affairs

NOVEMBER 20, 2020

The breach was detected almost eight months ago, on June 28, 2019, with the delay being attributed to the increased complexity of the investigation caused by the attackers deleting activity logs. The intrusion took place on June 28, 2019, and the company launched an investigation in September 2019. Pierluigi Paganini.

Manufacturing

Manufacturing Cloud Cybersecurity Security

SweynTooth Bluetooth flaws affect devices from major system-on-a-chip (SoC) vendors

Security Affairs

FEBRUARY 15, 2020

Security experts have discovered multiple flaws, dubbed SweynTooth, in the Bluetooth Low Energy (BLE) implementations of major system-on-a-chip (SoC) vendors. We envision substantial amendments to the BLE stack certification to avoid SweynTooth style security flaws. 2.60 (CVE-2019-16336) and NXP KW41Z 3.40 SDK (CVE-2019-17519).

IoT

IoT Security Manufacturing Communications

Botnet operators target multiple zero-day flaws in LILIN DVRs

Security Affairs

MARCH 23, 2020

Experts observed multiple botnets exploiting zero-day vulnerabilities in DVRs for surveillance systems manufactured by Taiwan-based LILIN. Botnet operators are exploiting several zero-day vulnerabilities in digital video recorders (DVRs) for surveillance systems manufactured by Taiwan-based LILIN-. Pierluigi Paganini.

Manufacturing

Manufacturing Passwords Access Security

QSnatch malware infected over 62,000 QNAP NAS Devices

Security Affairs

JULY 28, 2020

The United States Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC) issued a joint advisory about a massive ongoing campaign spreading the QSnatch data-stealing malware. These are encrypted with the actor’s public key and sent to their infrastructure over HTTPS.

Manufacturing

Manufacturing Cybersecurity Encryption Passwords

Thunderbolt Flaws Expose Millions of PCs to Hands-On Hacking

WIRED Threat Level

MAY 10, 2020

The so-called Thunderspy attack takes less than five minutes to pull off with physical access to a device, and affects any PC manufactured before 2019.

Manufacturing

Manufacturing Access Security

How to secure QNAP NAS devices? The vendor’s instructions

Security Affairs

JANUARY 7, 2022

Taiwanese vendor QNAP has warned customers to secure network-attached storage (NAS) exposed online from ransomware and brute-force attacks. QNAP urges all QNAP NAS users to follow the security setting instructions below to ensure the security of QNAP networking devices.” The post How to secure QNAP NAS devices?

Security

Security Ransomware Encryption Systems administration

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Security Affairs

JANUARY 25, 2020

This week, Mitsubishi Electric disclosed a security breach that might have exposed personal and confidential corporate data. The breach was detected almost eight months ago, on June 28, 2019, with the delay being attributed to the increased complexity of the investigation caused by the attackers deleting activity logs. “On

Manufacturing

Manufacturing Data breaches Access Sales

DoppelPaymer ransomware gang hit Foxconn electronics giant

Security Affairs

DECEMBER 7, 2020

Electronics contract manufacturer Foxconn is the last victim of the DoppelPaymer ransomware operators that hit a Mexican facility. Foxconn manufactures electronic products for major American, Canadian, Chinese, Finnish, and Japanese companies. The plan is located in Ciudad Juárez, Chihuahua, Mexico. ” reported BleepingComputer.

Ransomware

Ransomware Manufacturing Encryption Cybersecurity

Researchers found alleged sensitive documents of NATO and Turkey

Security Affairs

OCTOBER 12, 2020

Security experts from Cyble found alleged sensitive documents of NATO and Turkey, is it a case of cyber hacktivism or cyber espionage? “Based on the message body of the leak, the cyber attack indicates hacktivism, but last year, around May 23, 2019, UK warned NATO allies of hacking activities of Russia -> Link.

Military

Military Manufacturing Phishing Government

A new wave of ech0raix ransomware attacks targets QNAP NAS devices

Security Affairs

DECEMBER 27, 2021

“It is important to note that there is a free decryptor for files locked with an older version (before July 17th, 2019) of eCh0raix ransomware. In 2019, Anomali researchers reported a wave of eCh0raix attacks against Synology NAS devices, threat actors conducted brute-force attacks against them. TXTT” extension. and 1.0.6).”

Ransomware

Ransomware Encryption Manufacturing Passwords

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

The Iranian hacker group has been attacking corporate VPNs over the past months, they have been hacking VPN servers to plant backdoors in companies around the world targeting Pulse Secure , Fortinet , Palo Alto Networks , and Citrix VPNs. ” reads the report published by Crowdstrike. Pierluigi Paganini.

Access

Access Financial Services Retail Insurance

Data-Wiping Attacks Hit Outdated Western Digital Devices

Data Breach Today

JUNE 28, 2021

Manufacturer Stopped Supporting Targeted Network-Attached Storage Devices in 2015 Owners of Western Digital My Book Live devices have seen their data remotely wiped by attackers targeting a flaw first detailed in 2019.

Manufacturing

Manufacturing Security

DoppelPaymer crew leaked internal confidential documents belonging to aerospace companies

Security Affairs

APRIL 10, 2020

Visser Precision is a parts maker for many companies in several industries, including aerospace, automotive, industrial and manufacturing. Some documents provide details about the SpaceX’s manufacturing partner program. Other companies impacted by the security incident did not provide any official communication.

Ransomware

Ransomware Manufacturing Military Cybersecurity

Security Affairs newsletter Round 196 – News of the week

Security Affairs

JANUARY 13, 2019

The best news of the week with Security Affairs. Hackers have stolen customer data from Titan Manufacturing and Distributing company for nearly one year. Nine 2019 Cybersecurity Predictions. First Google security patches for Android in 2019 fix a critical flaw. 20% discount. Kindle Edition. Paper Copy.

Security

Security Manufacturing Paper Ransomware

Belgium telecom operators Proximus and Orange drop Huawei

Security Affairs

OCTOBER 10, 2020

Major Belgium’s telecom operator Proximus announced on Friday that it will gradually replace its equipment from the Chinese manufacturer Huawei. One of the major Belgium telecom operator Proximus announced on Friday that it will gradually replace its equipment from the Chinese manufacturer Huawei. Pierluigi Paganini.

Manufacturing

Manufacturing Risk Communications Security

TinyNuke banking malware targets French organizations

Security Affairs

DECEMBER 13, 2021

The TinyNuke malware is back and now was used in attacks aimed at French users working in manufacturing, technology, construction, and business services. The attackers used invoice-themed lures targeting entities in manufacturing, industry, technology, finance, and other verticals. . Follow me on Twitter: @securityaffairs and Facebook.

Manufacturing

Manufacturing Business Services Communications IT

Mitsubishi Electric discloses data breach, media blame China-linked APT

Security Affairs

JANUARY 20, 2020

Mitsubishi Electric disclosed a security breach that might have exposed personal and confidential corporate information. Mitsubishi Electric disclosed a security breach that might have exposed personal and confidential corporate data. According to the company, attackers did not obtain sensitive information about defense contracts.

Data breaches

Data breaches Computer and Electronics Government Access

eCh0raix ransomware is back and targets QNAP NAS devices again

Security Affairs

JUNE 6, 2020

The eCh0raix ransomware was appeared in the threat landscape in June 2019 by experts at security firms Intezer and Anomali. The ransomware targets poorly protected or vulnerable NAS servers manufactured by Taiwan-based QNAP Systems, attackers exploits known vulnerabilities or carry out brute-force attacks. Pierluigi Paganini.

Ransomware

Ransomware Encryption Manufacturing Passwords

Qualcomm and MediaTek Wi-Fi chips impacted by Kr00k-Like attacks

Security Affairs

AUGUST 8, 2020

Wi-Fi chips manufactured by Qualcomm and MediaTek are impacted by vulnerabilities similar to the Kr00k issue disclosed early this year. Earlier this year, experts from ESET disclosed the Kr00k , a new high-severity hardware vulnerability, that affects Wi-Fi chips manufactured by Broadcom and Cypress. ” continues the research.

Encryption

Encryption Manufacturing IoT Communications

New financially motivated attacks in Western Europe traced to Russian-speaking threat actors

Security Affairs

MARCH 27, 2020

At least two companies operating in pharmaceutical and manufacturing sectors have been affected. If the latter are the ones to blame, this marks the first time the gang has launched the attacks against pharmaceutical and manufacturing companies and may indicate a significant shift in their modus operandi. . Downloader and FlawedAmmyy.

Healthcare

Healthcare Manufacturing Cybersecurity Retail

Lazarus APT uses DTrack backdoor in attacks against LATAM and European orgs

Security Affairs

NOVEMBER 16, 2022

DTrack is a modular backdoor used by the Lazarus group since 2019 , it was employed in attacks against a wide variety of targets, from financial environments to a nuclear power plan. Despite this, Lazarus has not changed the backdoor much since 2019, when it was initially discovered.” ” concludes the report.

Manufacturing

Manufacturing Education Encryption IT

China-linked Winnti APT steals intellectual property from companies worldwide

Security Affairs

MAY 4, 2022

A sophisticated cyberespionage campaign, dubbed Operation CuckooBees, conducted by the China-linked Winnti group remained undetected since at least 2019. The attackers targeted intellectual property developed by the victims, including sensitive documents, blueprints, diagrams, formulas, and manufacturing-related proprietary data.”

Manufacturing

Manufacturing Archiving Access Cybersecurity

Law enforcement operation seized Ragnar Locker group’s infrastructure

Security Affairs

OCTOBER 19, 2023

The ransomware operation has been active since late December 2019, the FBI published two flash alert to warn of the operation of the group. This is an important achievement in the fight against cybercrime. Both FBI and Europol declined to comment on the events. More details are expected to be released tomorrow.

Ransomware

Ransomware Financial Services Manufacturing Government

Nefilim ransomware gang published Luxottica data on its leak site

Security Affairs

OCTOBER 20, 2020

As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com. billion in revenue for 2019. Luxottica Group S.p.A. Pierluigi Paganini.

Ransomware

Ransomware IT Retail Manufacturing

IoT devices at major Manufacturers infected with crypto-miner

5 IoT Security Predictions for 2019

Webinars

Trending Sources

Cyber-Criminal espionage Operation insists on Italian Manufacturing

Webinars

German arms manufacturer Rheinmetall suffered Black Basta ransomware attack

Japanese defense contractors Pasco and Kobe Steel disclose security breaches

Android devices could be hacked by playing a video due to CVE-2019-2107 flaw

The number of ICS flaws in 2020 was 24,72% higher compared to 2019

Winnti Group was planning a devastating supply-chain attack against Asian manufacturer

Security Affairs newsletter Round 250

Japan suspects HGV missile data leak in Mitsubishi security breach

CVE-2019-2234 flaws in Android Camera Apps exposed millions of users surveillance

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

GreyEnergy: Welcome to 2019

Nefilim ransomware operators leak data stolen from Whirlpool

IPG Photonics high-performance laser developer hit with ransomware

SAP security fixes address Critical flaw in SAP HANA XSA

Critical flaw could have allowed attackers to control traffic lights

Hackers hit Luxottica, production stopped at two Italian plants

Exclusive: TIM’s Red Team Research finds 4 zero-days in WOWZA Streaming Engine product

Flaws in 4G Routers of various vendors put millions of users at risk

Mitsubishi Electric Corp. was hit by a new cyberattack

SweynTooth Bluetooth flaws affect devices from major system-on-a-chip (SoC) vendors

Botnet operators target multiple zero-day flaws in LILIN DVRs

QSnatch malware infected over 62,000 QNAP NAS Devices

Thunderbolt Flaws Expose Millions of PCs to Hands-On Hacking

How to secure QNAP NAS devices? The vendor’s instructions

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

DoppelPaymer ransomware gang hit Foxconn electronics giant

Researchers found alleged sensitive documents of NATO and Turkey

A new wave of ech0raix ransomware attacks targets QNAP NAS devices

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Data-Wiping Attacks Hit Outdated Western Digital Devices

DoppelPaymer crew leaked internal confidential documents belonging to aerospace companies

Security Affairs newsletter Round 196 – News of the week

Belgium telecom operators Proximus and Orange drop Huawei

TinyNuke banking malware targets French organizations

Mitsubishi Electric discloses data breach, media blame China-linked APT

eCh0raix ransomware is back and targets QNAP NAS devices again

Qualcomm and MediaTek Wi-Fi chips impacted by Kr00k-Like attacks

New financially motivated attacks in Western Europe traced to Russian-speaking threat actors

Lazarus APT uses DTrack backdoor in attacks against LATAM and European orgs

China-linked Winnti APT steals intellectual property from companies worldwide

Law enforcement operation seized Ragnar Locker group’s infrastructure

Nefilim ransomware gang published Luxottica data on its leak site

Stay Connected