Security Affairs

OCTOBER 30, 2021

MITRE and CISA announced the release of the “2021 Common Weakness Enumeration (CWE) Most Important Hardware Weaknesses” list. MITRE and the DHS’s Cybersecurity and Infrastructure Security Agency (CISA) have announced the release of the “2021 Common Weakness Enumeration (CWE) Most Important Hardware Weaknesses” list. Pierluigi Paganini.

Manufacturing 145

Manufacturing Education Access Security 145

Security Affairs

OCTOBER 26, 2021

“Unknown cyber criminals using Ranzy Locker ransomware had compromised more than 30 US businesses as of July 2021. The victims include the construction subsector of the critical manufacturing sector, the academia subsector of the government facilities sector, the information technology sector, and the transportation sector.”

Ransomware 145

Ransomware Manufacturing Access Phishing 145

CGI

MAY 6, 2021

Using blockchain to combat counterfeiting in manufacturing. Correspondingly, for manufacturers and retailers, safeguarding the consumer experience and ensuring safety and trust are key to protecting the brand. Thu, 05/06/2021 - 05:45. ravi.kumarv@cgi.com. ravi.kumarv@cgi.com.

Blockchain 95

Blockchain Manufacturing B2C B2B 95

The Last Watchdog

MARCH 31, 2021

The start of 2021 brings forth a cyber security crossroads. Many IT experts are warning that it won’t be long before hackers compromise several unprotected home networks simultaneously to manufacture a forceful and large-scale breach of vital services and systems. Related: Breaches spike during pandemic.

Cybersecurity 149

Cybersecurity Cloud Authentication IoT 149

Security Affairs

MAY 8, 2022

The American agricultural machinery manufacturer AGCO announced that has suffered a ransomware attack that impacted its production facilities. AGCO, one of the most important agricultural machinery manufacturers, announced that a ransomware attack impacted some of its production facilities. To nominate, please visit:?

Agriculture 98

Agriculture Manufacturing Ransomware Cybersecurity 98

Security Affairs

AUGUST 20, 2021

During the first half of 2021, 637 vulnerabilities affecting industrial control system (ICS) products were published, affecting products from 76 vendors. The company reported that during the first half of 2021, 637 vulnerabilities affecting industrial control system (ICS) products were published, affecting products from 76 vendors.

Ransomware 120

Ransomware Manufacturing Cybersecurity Risk 120

eSecurity Planet

NOVEMBER 19, 2021

Broadcom also offers a location hub microcontroller and System-on-a-Chip (SoC) systems for embedded IoT security for organizations handling product manufacturing. The Forrester Wave for ICS Security Solutions released earlier this month for Q4 2021 placed Cisco atop the ICS/OT security industry. Cisco Features.

IoT 133

IoT Security Risk Cloud 133

OpenText Information Management

FEBRUARY 23, 2021

As a result, Life Sciences organizations start 2021 with new perspectives and new priorities, viewed through a lens … The post Adapt, pivot and persevere: Life Sciences in 2021 appeared first on OpenText Blogs.

Content services 109

Content services Manufacturing Compliance Cloud 109

Security Affairs

JANUARY 12, 2022

2021-11-26 04:34:54 2021-11-26 10:05:15 149.154.167.91 2021-12-05 12:06:03 2021-12-05 13:19:35 149.154.167.91 2021-12-09 16:18:46 2021-12-09 20:00:13 149.154.167.91 2021-12-22 18:38:18 2021-12-23 11:33:58. “Some telemetry data is shown below. IP Address Start Time End Time 149.154.167.91

Manufacturing 145

Manufacturing File names Archiving Encryption 145

Security Affairs

JANUARY 26, 2023

Experts warn of a spike in the attacks that between August and October 2022 attempted to exploit a Realtek Jungle SDK RCE (CVE-2021-35394). Palo Alto Networks researchers reported that between August and October 2022 the number of attacks that attempted to exploit a Realtek Jungle SDK RCE ( CVE-2021-35394 ) (CVSS score 9.8)

IoT 98

IoT Manufacturing IT Security 98

IT Governance

JULY 7, 2021

The number of officially reported HMRC-branded phishing scams increased from 572,029 in the 2019–2020 fiscal year to 1,069,522 in 2020–2021, according to data obtained under the Freedom of Information Act. Avanan’s 2021 Global Phish Cyber Attack Report found that credential harvesting is used in 54% of all phishing attacks.

Phishing 98

Phishing Manufacturing Insurance Data breaches 98

Krebs on Security

JUNE 28, 2022

On December 7, 2021, Google announced it was suing two Russian men allegedly responsible for operating the Glupteba botnet, a global malware menace that has infected millions of computers over the past decade. Two other domains connected to that Google Analytics code — Russian plastics manufacturers techplast[.]ru But on Dec.

Passwords 282

Passwords Analytics Manufacturing Access 282

Thales Cloud Protection & Licensing

JULY 26, 2022

Establishing an IAM Blueprint for Securing Manufacturing Environments. The manufacturing sector is crucial to the economic prosperity of all countries. Products made by these manufacturing industries are essential to many other critical infrastructure sectors. IAM Blueprint for Securing Manufacturing Environments.

Manufacturing 71

Manufacturing Authentication Security Risk 71

Krebs on Security

SEPTEMBER 10, 2021

But on Thursday DDoS protection firm Qrator Labs identified the culprit — “Meris” — a new IoT monster that first emerged at the end of June 2021. Mirai was extremely successful at crowding out this competition, and quickly grew to infect tens of thousands of IoT devices made by dozens of manufacturers.

IoT 317

IoT Manufacturing IT Security 317

erwin

JANUARY 7, 2021

Our predictions for 2021 are rooted in what we’ve learned from the past year and the relevance of data in getting us to where we are and where we need to go. Data Becomes a Matter of Life or Death: To say that data will be the difference between life and death in 2021 is not hyperbole. COVID changed everything.

Metadata 98

Metadata Government Compliance Artificial Intelligence 98

IT Governance

JULY 1, 2021

We found a comparatively low 9,780,931 breached records from publicly disclosed security incidents in June 2021. The post List of data breaches and cyber attacks in June 2021 – 9.8 But don’t be fooled by that number – it comes from 106 incidents, which is roughly average for the year. discloses ransomware incident (unknown).

Data breaches 129

Data breaches Ransomware Computer and Electronics Retail 129

Security Affairs

AUGUST 9, 2021

ransomware attacks against Australian organizations starting July 2021. ransomware attacks against Australian organizations in multiple industry sectors starting July 2021. The Australian agency also published 2021-006: ACSC Ransomware Profile – Lockbit 2.0 ransomware. in Australia since 2020. ” states the advisory.

Ransomware 131

Ransomware Retail Security Manufacturing 131

OpenText Information Management

JANUARY 15, 2021

Some estimates place the growth at 12-14% for 2021, however trading conditions are still challenging and uncertain.

IT 88

IT Manufacturing 88

Security Affairs

DECEMBER 27, 2021

Researchers found multiple backdoors in popular VoIP (voice over Internet protocol) appliance made by the German manufacturer Auerswald. Researchers from RedTeam Pentesting discovered multiple backdoors in a popular VoIP (voice over Internet protocol) appliance made by the German manufacturer Auerswald. 7}' 1432d89.

Passwords 122

Passwords Manufacturing Authentication Access 122

IT Governance

MARCH 1, 2021

The post List of data breaches and cyber attacks in February 2021 – 2.3 Google says it’s too easy for hackers to find new security flaws Poland’s Medical University of Silesia issued GDPR fine for omitted data breach notification Blockchain transactions confirm murky and interconnected ransomware scene.

Data breaches 129

Data breaches Ransomware Phishing Blockchain 129

Security Affairs

FEBRUARY 8, 2024

The authorities reported that from June 2021 through at least November 2022, threat actors targeted a wide range of businesses and critical infrastructure sectors, including Government Facilities, Communications, Critical Manufacturing, Information Technology, and especially Healthcare and Public Health (HPH).

Ransomware 141

Ransomware Blockchain Manufacturing Analytics 141

Security Affairs

FEBRUARY 27, 2021

A critical authentication bypass vulnerability, tracked as CVE-2021-22681 , can be exploited by remote attackers to compromise programmable logic controllers (PLCs) manufactured by Rockwell Automation. ” reads the advisory published by CISA. ” reads the advisory published by CISA.

Authentication 141

Authentication Communications Manufacturing Risk 141

Krebs on Security

DECEMBER 13, 2022

In November 2021, KrebsOnSecurity detailed how Pompompurin abused a vulnerability in an FBI online portal designed to share information with state and local law enforcement authorities, and how that access was used to blast out thousands of hoax email messages — all sent from an FBI email and Internet address.

Sales 363

Sales Energy and Utilities Communications Data breaches 363

eSecurity Planet

OCTOBER 27, 2021

We here at eSecurity Planet have our own views and methodology on this much-debated issue, and present to you our reviews of the Best Antivirus Software of 2021. While many consumer devices today come with standard antivirus software, a growing number of internet-enabled systems, like IoT devices , are being manufactured with light security.

Ransomware 98

Ransomware Marketing Security Mining 98

Security Affairs

MARCH 12, 2021

On March 2nd, Microsoft released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported MS Exchange versions that are actively exploited in the wild. 2/5 — ESET research (@ESETresearch) March 2, 2021.

Authentication 145

Authentication Military Ransomware Manufacturing 145

Thales Cloud Protection & Licensing

APRIL 5, 2021

Thales Earns 5-Star Rating in 2021 CRN Partner Program Guide. Tue, 04/06/2021 - 06:57. CRN’s 2021 Partner Program Guide gives insight into the strengths of each organization’s program to recognize those that continually support and push positive change inside the IT channel.”.

Encryption 77

Encryption Manufacturing Access IT 77

Security Affairs

NOVEMBER 9, 2022

Google Project Zero disclosed three Samsung phone vulnerabilities, tracked as CVE-2021-25337, CVE-2021-25369 and CVE-2021-25370, that have been exploited by a surveillance company. Google reported the vulnerabilities to Samsung immediately after their discovery in late 2020s, and the vendor addressed them in March 2021.

Manufacturing 137

Manufacturing Access IT Security 137

Security Affairs

AUGUST 23, 2021

Razer is a popular manufacturer of computer accessories, including gaming mouses and keyboards. So here's a freebie pic.twitter.com/xDkl87RCmz — jonhat (@j0nh4t) August 21, 2021. So here's a freebie pic.twitter.com/xDkl87RCmz — jonhat (@j0nh4t) August 21, 2021. Pierluigi Paganini.

Computer and Electronics 144

Computer and Electronics Manufacturing Financial Services Access 144

Security Affairs

APRIL 19, 2022

“CVE-2021-3970: A potential vulnerability in LenovoVariable SMI Handler due to insufficient validation in some Lenovo Notebook models may allow an attacker with local access and elevated privileges to execute arbitrary code. Both drivers are used only during the manufacturing process. ” reads the advisory published by ESET.

Manufacturing 106

Manufacturing Cybersecurity Security IT 106

Security Affairs

SEPTEMBER 16, 2024

The manufacturer also addressed two high-severity vulnerabilities, tracked as CVE-2024-45696 and CVE-2024-45698. On June 8, 2021, the TWCERT reported the vulnerabilities in D-Link DIR-X5460 to the company. The flaws can allow attackers to remotely execute arbitrary code or access the devices using hardcoded credentials.

Manufacturing 137

Manufacturing Security Access Risk 137

Security Affairs

AUGUST 21, 2021

The three vulnerabilities used in ProxyShell attacks are: CVE-2021-34473 – Pre-auth Path Confusion leads to ACL Bypass (Patched in April by KB5001779 ) CVE-2021-34523 – Elevation of Privilege on Exchange PowerShell Backend (Patched in April by KB5001779 ) CVE-2021-31207 – Post-auth Arbitrary-File-Write leads to RCE (Patched in May by KB5003435 ).

Ransomware 145

Ransomware Encryption Financial Services Manufacturing 145

Hunton Privacy

NOVEMBER 3, 2021

On October 28, 2021, the European Parliament’s Committee on Industry, Research and Energy adopted a draft directive on cybersecurity (“NIS2 Directive”).

Cybersecurity 126

Cybersecurity Manufacturing Encryption Security 126

eSecurity Planet

JANUARY 26, 2022

The vulnerability, tracked as CVE-2021-4034 , has “been hiding in plain sight” for more than 12 years and infects all versions of polkit’s pkexec since it was first developed in 2009, Bharat Jogi, director of vulnerability and threat research at Qualys, wrote in a blog post. . Log4Shell is tracked as CVE-2021-44228. through 2.14.1.

Manufacturing 139

Manufacturing IoT Cybersecurity Cloud 139

Security Affairs

AUGUST 31, 2021

Researchers at cybersecurity firm Rapid7 discovered two vulnerabilities that can be exploited by hackers to remotely disarm the Fortress S03 WiFi Security System manufactured by Fortress Security Store. The flaws, tracked as CVE-2021-39276 (CVSS score: 5.3) Both issues were reported by cybersecurity firm Rapid7 in May 2021.

Security 126

Security Cloud Manufacturing Cybersecurity 126

Security Affairs

AUGUST 2, 2021

The flaw affects the Translogic PTS system manufactured by Swisslog Healthcare, which is installed in about 80% of all major hospitals in North America and thousands of hospitals worldwide. The CVE-2021-37160 has yet to be addressed. Swisslog has released Nexus Control Panel version 7.2.5.7

Ransomware 124

Ransomware Manufacturing Cybersecurity Passwords 124

Security Affairs

AUGUST 24, 2021

“One of the vulnerabilities disclosed, CVE-2021-35395 [2], affects the web interface that is part of the SDK, and is a collection of 6 different vulnerabilities. As of August 18th, we have identified attempts to exploit CVE-2021-35395 in the wild.” ” reported IoT Inspector. ” states SAM experts.

IoT 140

IoT Manufacturing Authentication Security 140

Security Affairs

JUNE 27, 2022

.” The Chinese researchers who discovered the vulnerabilities pointed out that CODESYS V2 Runtime is used by many manufacturers, and most of these manufacturers still use outdated versions. The vulnerabilities affect a large number of manufacturers using a version of CODESYS V2 Runtime older than V2.4.7.57.

Manufacturing 117

Manufacturing Risk Security Authentication 117