2021, Information Security, IT and Manufacturing

Sierra Wireless halted production at its manufacturing sites due to ransomware attack

Security Affairs

MARCH 23, 2021

Sierra Wireless is a Canadian multinational wireless communications equipment designer and manufacturer headquartered in Richmond, British Columbia, Canada. Sierra Wireless announced it has halted its production at manufacturing facilities due to the ransomware attack, it is currently working to restart the production “soon.”.

Manufacturing

Manufacturing Ransomware IT IoT

Alphv group claims the hack of Clarion, a global manufacturer of audio and video equipment for cars

Security Affairs

SEPTEMBER 24, 2023

The Alphv ransomware group claims to have hacked Clarion, the global manufacturer of audio and video equipment for cars and other vehicles. The Alphv ransomware group added Clarion, the global manufacturer of audio and video equipment for cars and other vehicles, to the list of victims on its Tor leak site.

Manufacturing

Manufacturing Ransomware Data breaches Risk

BlackByte ransomware group hit Asahi Group Holdings, a precision metal manufacturing and metal solution provider

Security Affairs

OCTOBER 30, 2022

The BlackByte ransomware group claims to have compromised Asahi Group Holdings, a precision metal manufacturing and metal solution provider. In 2021, a flaw in the operation was found that allowed a free BlackByte decryptor to be created. Asahi Group Holdings, Ltd. uses extortion techniques similar to LockBit ones. Pierluigi Paganini.

Manufacturing

Manufacturing Ransomware Sales Security

Webinars

Improving the Accuracy of Generative AI Systems: A Structured Approach

MORE WEBINARS

US agricultural machinery manufacturer AGCO suffered a ransomware attack

Security Affairs

MAY 8, 2022

The American agricultural machinery manufacturer AGCO announced that has suffered a ransomware attack that impacted its production facilities. AGCO, one of the most important agricultural machinery manufacturers, announced that a ransomware attack impacted some of its production facilities. To nominate, please visit:?

Agriculture

Agriculture Manufacturing Ransomware Cybersecurity

CVE-2021-20090 actively exploited to target millions of IoT devices worldwide

Security Affairs

AUGUST 7, 2021

Threat actors are actively exploiting a critical authentication bypass issue (CVE-2021-20090 ) affecting home routers with Arcadyan firmware. Threat actors actively exploit a critical authentication bypass vulnerability, tracked as CVE-2021-20090 , impacting home routers with Arcadyan firmware to deploy a Mirai bot.

IoT

IoT Authentication Manufacturing Security

MITRE and CISA publish the 2021 list of most common hardware weaknesses

Security Affairs

OCTOBER 30, 2021

MITRE and CISA announced the release of the “2021 Common Weakness Enumeration (CWE) Most Important Hardware Weaknesses” list. MITRE and the DHS’s Cybersecurity and Infrastructure Security Agency (CISA) have announced the release of the “2021 Common Weakness Enumeration (CWE) Most Important Hardware Weaknesses” list.

Manufacturing

Manufacturing Education Access Security

Experts warn of a surge of attacks exploiting a Realtek Jungle SDK RCE (CVE-2021-35394)

Security Affairs

JANUARY 26, 2023

Experts warn of a spike in the attacks that between August and October 2022 attempted to exploit a Realtek Jungle SDK RCE (CVE-2021-35394). Palo Alto Networks researchers reported that between August and October 2022 the number of attacks that attempted to exploit a Realtek Jungle SDK RCE ( CVE-2021-35394 ) (CVSS score 9.8)

IoT

IoT Manufacturing IT Security

Ranzy Locker ransomware hit tens of US companies in 2021

Security Affairs

OCTOBER 26, 2021

“Unknown cyber criminals using Ranzy Locker ransomware had compromised more than 30 US businesses as of July 2021. The victims include the construction subsector of the critical manufacturing sector, the academia subsector of the government facilities sector, the information technology sector, and the transportation sector.”

Ransomware

Ransomware Manufacturing Access Phishing

2021 data breach exposed data of 70 Million Luxottica customers

Security Affairs

MAY 20, 2023

Luxottica has finally confirmed the 2021 data breach that exposed the personal information of 70 million customers. pic.twitter.com/62uQWT4YQB — Andrea Draghetti (@AndreaDraghetti) May 12, 2023 The most recent entry in the database is March 16th, 2021, a circumstance that suggests it is a new data breach suffered by Luxottica.

Data breaches

Data breaches Retail Sales Ransomware

637 flaws in industrial control system (ICS) products were published in H1 2021

Security Affairs

AUGUST 20, 2021

During the first half of 2021, 637 vulnerabilities affecting industrial control system (ICS) products were published, affecting products from 76 vendors. The company reported that during the first half of 2021, 637 vulnerabilities affecting industrial control system (ICS) products were published, affecting products from 76 vendors.

Ransomware

Ransomware Manufacturing Cybersecurity Risk

New RedLine malware version distributed as fake Omicron stat counter

Security Affairs

JANUARY 12, 2022

The new RedLine variant searches for the following strings to locate relevant folders for data exfiltration: wallet.dat (information related to cryptocurrency) wallet (information related to cryptocurrency) Login Data Web Data Cookies Opera GX Stable Opera GX. 2021-11-26 04:34:54 2021-11-26 10:05:15 149.154.167.91

Manufacturing

Manufacturing File names Archiving Encryption

The German BSI agency recommends replacing Kaspersky antivirus software

Security Affairs

MARCH 15, 2022

German Federal Office for Information Security agency, also known as BSI, recommends consumers not to use Kaspersky anti-virus software. The German Federal Office for Information Security agency, aka BSI, recommends consumers uninstall Kaspersky anti-virus software. ” reads the BSI announcement. Pierluigi Paganini.

Manufacturing

Manufacturing Information Security Military Cybersecurity

D-Link addressed three critical RCE in wireless router models

Security Affairs

SEPTEMBER 16, 2024

The manufacturer also addressed two high-severity vulnerabilities, tracked as CVE-2024-45696 and CVE-2024-45698. On June 8, 2021, the TWCERT reported the vulnerabilities in D-Link DIR-X5460 to the company. The flaws can allow attackers to remotely execute arbitrary code or access the devices using hardcoded credentials.

Manufacturing

Manufacturing Access Security Risk

Researchers analyzed the PREDATOR spyware and its loader Alien

Security Affairs

MAY 29, 2023

Both components work together to bypass traditional security features on the Android operating system. ” In May 2022, Google’s Threat Analysis Group (TAG) researchers discovered three campaigns, between August and October 2021, targeting Android users with five zero-day vulnerabilities.

IT

IT Communications Access Manufacturing

FBI claims to have dismantled AlphV/Blackcat ransomware operation, but the group denies it

Security Affairs

DECEMBER 19, 2023

BlackCat/ALPHV ransomware gang has been active since November 2021, the list of its victims is long and includes industrial explosives manufacturer SOLAR INDUSTRIES INDIA , the US defense contractor NJVC , gas pipeline Creos Luxembourg S.A. , the fashion giant Moncler , the Swissport , NCR , and Western Digital. .

Ransomware

Ransomware IT Access Manufacturing

Mazda Connect flaws allow to hack some Mazda vehicles

Security Affairs

NOVEMBER 9, 2024

The vulnerabilities impact the Mazda Connect Connectivity Master Unit (CMU) system installed in multiple car models, including the Mazda 3 model year 2014-2021. ” The research targeted a CMU unit manufactured by Visteon, with software initially developed by Johnson Controls Inc. ” reads the advisory.

Ransomware

Ransomware Manufacturing Access Risk

ESET warns of three flaws that affect over 100 Lenovo notebook models

Security Affairs

APRIL 19, 2022

Lenovo has published a security advisory to warn customers of vulnerabilities that affect its Unified Extensible Firmware Interface (UEFI) loaded on at least 100 of its notebook models, including IdeaPad 3, Legion 5 Pro-16ACH6 H, and Yoga Slim 9-14ITL05. Both drivers are used only during the manufacturing process.

Manufacturing

Manufacturing Cybersecurity Security IT

ALPHV/BlackCat ransomware gang hacked the hotel chain Motel One

Security Affairs

SEPTEMBER 30, 2023

Exposed records include customers’ names, addresses, dates of reservation, payment method, and contact information. The ALPHV/BlackCat ransomware gang added the hotel chain Motel One to the list of victims on its Tor leak site. The ALPHV/BlackCat ransomware gang added Motel One to the list of victims on its Tor leak site.

Ransomware

Ransomware Manufacturing Risk IT

NHTSA Publishes Final Cybersecurity Best Practices

Hunton Privacy

SEPTEMBER 26, 2022

The 2022 Best Practices reflect the agency’s final, non-binding vehicle cybersecurity guidance following its release of draft guidance in January 2021. The 2022 Best Practices also is an update to NHTSA’s first cybersecurity best practices document, which was issued in 2016. .

Cybersecurity

Cybersecurity Manufacturing Risk Information Security

Surveillance vendor exploited Samsung phone zero-days

Security Affairs

NOVEMBER 9, 2022

Google Project Zero disclosed three Samsung phone vulnerabilities, tracked as CVE-2021-25337, CVE-2021-25369 and CVE-2021-25370, that have been exploited by a surveillance company. Google reported the vulnerabilities to Samsung immediately after their discovery in late 2020s, and the vendor addressed them in March 2021.

Manufacturing

Manufacturing Access IT Security

BlackCat gang claims they stole data of 2.5 million patients of McLaren Health Care

Security Affairs

OCTOBER 1, 2023

The ransomware group accused the organization of has attempted to cover up the security breach. Maclaren Your security is at an all-time low, and we’ve proven it to you. The cyber security researcher Dominic Alvieri reported that ALPHV BlackCat Ransomware has breached 15 more US hospitals & 2 HMOs.

Ransomware

Ransomware Manufacturing Privacy Security

French authorities arrested a Russian national for his role in the Hive ransomware operation

Security Affairs

DECEMBER 14, 2023

The authorities reported that from June 2021 through at least November 2022, threat actors targeted a wide range of businesses and critical infrastructure sectors, including Government Facilities, Communications, Critical Manufacturing, Information Technology, and especially Healthcare and Public Health (HPH).

Ransomware

Ransomware Blockchain Manufacturing Analytics

Experts found backdoors in a popular Auerswald VoIP appliance

Security Affairs

DECEMBER 27, 2021

Researchers found multiple backdoors in popular VoIP (voice over Internet protocol) appliance made by the German manufacturer Auerswald. Researchers from RedTeam Pentesting discovered multiple backdoors in a popular VoIP (voice over Internet protocol) appliance made by the German manufacturer Auerswald. 7}' 1432d89. 7}' 1432d89.

Passwords

Passwords Manufacturing Authentication Access

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

Security Affairs

AUGUST 9, 2021

The Australian Cyber Security Centre (ACSC) warns of a surge of LockBit 2.0 ransomware attacks against Australian organizations starting July 2021. The Australian Cyber Security Centre (ACSC) warns of an escalation in LockBit 2.0 ransomware attacks against Australian organizations in multiple industry sectors starting July 2021.

Ransomware

Ransomware Retail Security Manufacturing

Who is behind the Mozi Botnet kill switch?

Security Affairs

NOVEMBER 2, 2023

In mid-2021, Qihoo 360 researchers reported that the botnet was composed of more 1.5 In July 2021, Netlab experts helped law enforcement to identify and arrest the alleged author of the Mozi bot. The mozi author has been arrested few weeks ago by LE with information provided by our team. One botnet down more to go.

IoT

IoT Manufacturing IT Security

FBI claims to have dismantled AlphV/Blackcat ransomware operation, but the group denies it

Security Affairs

DECEMBER 19, 2023

BlackCat/ALPHV ransomware gang has been active since November 2021, the list of its victims is long and includes industrial explosives manufacturer SOLAR INDUSTRIES INDIA , the US defense contractor NJVC , gas pipeline Creos Luxembourg S.A. , the fashion giant Moncler , the Swissport , NCR , and Western Digital. .

Ransomware

Ransomware IT Access Manufacturing

Witchetty APT used steganography in attacks against Middle East entities

Security Affairs

OCTOBER 1, 2022

The APT group has been continuously improving its toolset by employing new malware in attacks aimed at governments, diplomatic missions, charities, and industrial/manufacturing organizations in the Middle East and Africa. However, the payload is hidden within the file and is decrypted with an XOR key.” ” the researchers concluded.

Manufacturing

Manufacturing Government Cybersecurity IT

Operation Blacksmith: Lazarus exploits Log4j flaws to deploy DLang malware

Security Affairs

DECEMBER 12, 2023

The experts observed the use of NineRAT at around September 2023 against a European manufacturing entity. Operation Blacksmith involved the exploitation of CVE-2021-44228 , also known as Log4Shell. In March, the threat actors hit a South American agricultural organization. ” reads the analysis published by Talos.

Agriculture

Agriculture Data collection Access Manufacturing

Snatch ransomware gang claims the hack of the food giant Kraft Heinz

Security Affairs

DECEMBER 15, 2023

Kraft Heinz is an American food company, it is one of the largest food and beverage manufacturers globally. ” The Snatch ransomware was first spotted at the end of 2019, Sophos researchers discovered a piece of the Snatch ransomware that reboots computers it infects into Safe Mode to bypass resident security solutions. .”

Ransomware

Ransomware Computer and Electronics Agriculture Military

LPE zero-day flaw in Razer Synapse allows attackers to take over Windows PCs

Security Affairs

AUGUST 23, 2021

Razer is a popular manufacturer of computer accessories, including gaming mouses and keyboards. Razer is a very popular computer peripherals manufacturer that designs, develops, and sells consumer electronics, financial services, and gaming hardware, including gaming mouses and keyboards. Pierluigi Paganini.

Computer and Electronics

Computer and Electronics Manufacturing Financial Services Access

Experts found a critical authentication bypass flaw in Rockwell Automation software

Security Affairs

FEBRUARY 27, 2021

A critical authentication bypass vulnerability, tracked as CVE-2021-22681 , can be exploited by remote attackers to compromise programmable logic controllers (PLCs) manufactured by Rockwell Automation. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. Pierluigi Paganini.

Authentication

Authentication Communications Manufacturing Risk

New LockFile ransomware gang uses ProxyShell and PetitPotam exploits

Security Affairs

AUGUST 21, 2021

The three vulnerabilities used in ProxyShell attacks are: CVE-2021-34473 – Pre-auth Path Confusion leads to ACL Bypass (Patched in April by KB5001779 ) CVE-2021-34523 – Elevation of Privilege on Exchange PowerShell Backend (Patched in April by KB5001779 ) CVE-2021-31207 – Post-auth Arbitrary-File-Write leads to RCE (Patched in May by KB5003435 ).

Ransomware

Ransomware Encryption Financial Services Manufacturing

3.5m IP cameras exposed, with US in the lead

Security Affairs

DECEMBER 14, 2022

After looking at 28 of the most popular manufacturers, our research team found 3.5 million IP cameras exposed to the internet, signifying an eightfold increase since April 2021. What is more, the overwhelming majority of internet-facing cameras are manufactured by Chinese companies. The reign of a Chinese brand.

Passwords

Passwords Manufacturing Authentication Government

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Security Affairs

FEBRUARY 8, 2024

The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure. In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

Swiss Air Force sensitive files stolen in the hack of Ultra Intelligence & Communications

Security Affairs

JANUARY 8, 2024

BlackCat/ALPHV ransomware gang has been active since November 2021, the list of its victims is long and includes industrial explosives manufacturer SOLAR INDUSTRIES INDIA , the US defense contractor NJVC , gas pipeline Creos Luxembourg S.A. , the fashion giant Moncler , the Swissport , NCR , and Western Digital.

Communications

Communications Ransomware Data breaches Manufacturing

Two critical flaws affect CODESYS ICS Automation Software

Security Affairs

JUNE 27, 2022

CODESYS addressed 11 security flaws in the ICS Automation Software that could lead to information disclosure and trigger a denial-of-service (DoS) condition. CODESYS has released security patches to fix eleven 11 vulnerabilities in its ICS Automation Software. The timeline of the issues is: On September 15, 2021 ?Started

Manufacturing

Manufacturing Risk Security Authentication

Microsoft: Raspberry Robin worm already infected hundreds of networks

Security Affairs

JULY 3, 2022

The malware was first spotted in September 2021, the experts observed Raspberry Robin targeting organizations in the technology and manufacturing industries. Now Microsoft confirmed that the threat was discovered on the networks of multiple customers, including organizations in the technology and manufacturing sectors.

Manufacturing

Manufacturing Libraries Communications Cybersecurity

Apple dismisses lawsuit against surveillance firm NSO Group due to risk of threat intelligence exposure

Security Affairs

SEPTEMBER 16, 2024

Apple drops its lawsuit against commercial spyware vendor NSO Group, due to the risk of “threat intelligence” information exposure. Apple is seeking to drop its lawsuit against Israeli spyware company NSO Group , citing the risk of “threat intelligence” information exposure. ” reads the court filing.

Risk

Risk Government Manufacturing IT

Shoemaker Ecco leaks over 60GB of sensitive data for 500+ days

Security Affairs

DECEMBER 21, 2022

CyberNews researchers reported that Ecco, a global shoe manufacturer and retailer, exposed millions of documents. Ecco, a global shoe manufacturer and retailer, exposed millions of documents. The team has identified that Ecco left 50 indices exposed to the public, with over 60GB of data accessible since June 2021.

Retail

Retail Manufacturing Sales Phishing

Threat actors can remotely disable Fortress S03 Wi-Fi Home Security System

Security Affairs

AUGUST 31, 2021

Researchers at cybersecurity firm Rapid7 discovered two vulnerabilities that can be exploited by hackers to remotely disarm the Fortress S03 WiFi Security System manufactured by Fortress Security Store. The flaws, tracked as CVE-2021-39276 (CVSS score: 5.3) ” reads the post published by Rapid7.

Security

Security Cloud Manufacturing Cybersecurity

Realtek SDK flaws exploited to deliver Mirai bot variant

Security Affairs

AUGUST 24, 2021

Realtek published a security advisory on August 15 to warn customers about security updates to address vulnerabilities in its software developers kits (SDK) which is used by at least 65 separate vendors. On August 15, firmware security company IoT Inspector published details about the flaws. ” states SAM experts.

IoT

IoT Manufacturing Authentication Security

Researchers warn of a surge in cyber attacks against Microsoft Exchange

Security Affairs

MARCH 12, 2021

On March 2nd, Microsoft released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported MS Exchange versions that are actively exploited in the wild. 2/5 — ESET research (@ESETresearch) March 2, 2021.

Authentication

Authentication Military Ransomware Manufacturing

Mozi infections will slightly decrease but it will stay alive for some time to come

Security Affairs

SEPTEMBER 1, 2021

The Mozi botnet was spotted by security experts from 360 Netlab, at the time of its discovered it was actively targeting Netgear, D-Link, and Huawei routers by probing for weak Telnet passwords to compromise them. state researchers at Microsoft Security Threat Intelligence Center and Section 52 at Azure Defender for IoT. “By

IT

IT IoT Mining Manufacturing

Hive Ransomware extorted over $100M in ransom payments from over 1,300 companies

Security Affairs

NOVEMBER 18, 2022

The authorities reported that from June 2021 through at least November 2022, threat actors employed the Hive ransomware in attacks aimed at a wide range of businesses and critical infrastructure sectors, including Government Facilities, Communications, Critical Manufacturing, Information Technology, and especially Healthcare and Public Health (HPH).

Ransomware

Ransomware Blockchain Manufacturing Analytics

Sierra Wireless halted production at its manufacturing sites due to ransomware attack

Alphv group claims the hack of Clarion, a global manufacturer of audio and video equipment for cars

Webinars

Trending Sources

BlackByte ransomware group hit Asahi Group Holdings, a precision metal manufacturing and metal solution provider

Webinars

US agricultural machinery manufacturer AGCO suffered a ransomware attack

CVE-2021-20090 actively exploited to target millions of IoT devices worldwide

MITRE and CISA publish the 2021 list of most common hardware weaknesses

Experts warn of a surge of attacks exploiting a Realtek Jungle SDK RCE (CVE-2021-35394)

Ranzy Locker ransomware hit tens of US companies in 2021

2021 data breach exposed data of 70 Million Luxottica customers

637 flaws in industrial control system (ICS) products were published in H1 2021

New RedLine malware version distributed as fake Omicron stat counter

The German BSI agency recommends replacing Kaspersky antivirus software

D-Link addressed three critical RCE in wireless router models

Researchers analyzed the PREDATOR spyware and its loader Alien

FBI claims to have dismantled AlphV/Blackcat ransomware operation, but the group denies it

Mazda Connect flaws allow to hack some Mazda vehicles

ESET warns of three flaws that affect over 100 Lenovo notebook models

ALPHV/BlackCat ransomware gang hacked the hotel chain Motel One

NHTSA Publishes Final Cybersecurity Best Practices

Surveillance vendor exploited Samsung phone zero-days

BlackCat gang claims they stole data of 2.5 million patients of McLaren Health Care

French authorities arrested a Russian national for his role in the Hive ransomware operation

Experts found backdoors in a popular Auerswald VoIP appliance

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

Who is behind the Mozi Botnet kill switch?

FBI claims to have dismantled AlphV/Blackcat ransomware operation, but the group denies it

Witchetty APT used steganography in attacks against Middle East entities

Operation Blacksmith: Lazarus exploits Log4j flaws to deploy DLang malware

Snatch ransomware gang claims the hack of the food giant Kraft Heinz

LPE zero-day flaw in Razer Synapse allows attackers to take over Windows PCs

Experts found a critical authentication bypass flaw in Rockwell Automation software

New LockFile ransomware gang uses ProxyShell and PetitPotam exploits

3.5m IP cameras exposed, with US in the lead

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Swiss Air Force sensitive files stolen in the hack of Ultra Intelligence & Communications

Two critical flaws affect CODESYS ICS Automation Software

Microsoft: Raspberry Robin worm already infected hundreds of networks

Apple dismisses lawsuit against surveillance firm NSO Group due to risk of threat intelligence exposure

Shoemaker Ecco leaks over 60GB of sensitive data for 500+ days

Threat actors can remotely disable Fortress S03 Wi-Fi Home Security System

Realtek SDK flaws exploited to deliver Mirai bot variant

Researchers warn of a surge in cyber attacks against Microsoft Exchange

Mozi infections will slightly decrease but it will stay alive for some time to come

Hive Ransomware extorted over $100M in ransom payments from over 1,300 companies

Stay Connected