2021, Manufacturing and Security - Information Management Today

BlackByte ransomware group hit Asahi Group Holdings, a precision metal manufacturing and metal solution provider

Security Affairs

OCTOBER 30, 2022

The BlackByte ransomware group claims to have compromised Asahi Group Holdings, a precision metal manufacturing and metal solution provider. In 2021, a flaw in the operation was found that allowed a free BlackByte decryptor to be created. Asahi Group Holdings, Ltd. uses extortion techniques similar to LockBit ones. Pierluigi Paganini.

Manufacturing

Manufacturing Ransomware Sales Security

CVE-2021-20090 actively exploited to target millions of IoT devices worldwide

Security Affairs

AUGUST 7, 2021

Threat actors are actively exploiting a critical authentication bypass issue (CVE-2021-20090 ) affecting home routers with Arcadyan firmware. Threat actors actively exploit a critical authentication bypass vulnerability, tracked as CVE-2021-20090 , impacting home routers with Arcadyan firmware to deploy a Mirai bot.

IoT

IoT Authentication Manufacturing Security

Alphv group claims the hack of Clarion, a global manufacturer of audio and video equipment for cars

Security Affairs

SEPTEMBER 24, 2023

The Alphv ransomware group claims to have hacked Clarion, the global manufacturer of audio and video equipment for cars and other vehicles. The Alphv ransomware group added Clarion, the global manufacturer of audio and video equipment for cars and other vehicles, to the list of victims on its Tor leak site.

Manufacturing

Manufacturing Ransomware Data breaches Risk

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

MITRE and CISA publish the 2021 list of most common hardware weaknesses

Security Affairs

OCTOBER 30, 2021

MITRE and CISA announced the release of the “2021 Common Weakness Enumeration (CWE) Most Important Hardware Weaknesses” list. MITRE and the DHS’s Cybersecurity and Infrastructure Security Agency (CISA) have announced the release of the “2021 Common Weakness Enumeration (CWE) Most Important Hardware Weaknesses” list.

Manufacturing

Manufacturing Education Access Security

Ranzy Locker ransomware hit tens of US companies in 2021

Security Affairs

OCTOBER 26, 2021

“Unknown cyber criminals using Ranzy Locker ransomware had compromised more than 30 US businesses as of July 2021. The victims include the construction subsector of the critical manufacturing sector, the academia subsector of the government facilities sector, the information technology sector, and the transportation sector.”

Ransomware

Ransomware Manufacturing Access Phishing

US agricultural machinery manufacturer AGCO suffered a ransomware attack

Security Affairs

MAY 8, 2022

The American agricultural machinery manufacturer AGCO announced that has suffered a ransomware attack that impacted its production facilities. AGCO, one of the most important agricultural machinery manufacturers, announced that a ransomware attack impacted some of its production facilities. Pierluigi Paganini.

Agriculture

Agriculture Manufacturing Ransomware Cybersecurity

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

Security Affairs

AUGUST 9, 2021

The Australian Cyber Security Centre (ACSC) warns of a surge of LockBit 2.0 ransomware attacks against Australian organizations starting July 2021. The Australian Cyber Security Centre (ACSC) warns of an escalation in LockBit 2.0 ransomware attacks against Australian organizations in multiple industry sectors starting July 2021.

Ransomware

Ransomware Retail Security Manufacturing

637 flaws in industrial control system (ICS) products were published in H1 2021

Security Affairs

AUGUST 20, 2021

During the first half of 2021, 637 vulnerabilities affecting industrial control system (ICS) products were published, affecting products from 76 vendors. The company reported that during the first half of 2021, 637 vulnerabilities affecting industrial control system (ICS) products were published, affecting products from 76 vendors.

Ransomware

Ransomware Manufacturing Cybersecurity Risk

Threat actors can remotely disable Fortress S03 Wi-Fi Home Security System

Security Affairs

AUGUST 31, 2021

Rapid7 researchers discovered two flaws that can be exploited by attackers to remotely disable one of the home security systems offered by Fortress Security Store. The Fortress S03 Wi-Fi Home Security System allows users to build their own alarm system to secure their homes and small businesses.

Security

Security Cloud Manufacturing Cybersecurity

New RedLine malware version distributed as fake Omicron stat counter

Security Affairs

JANUARY 12, 2022

2021-11-26 04:34:54 2021-11-26 10:05:15 149.154.167.91 2021-12-05 12:06:03 2021-12-05 13:19:35 149.154.167.91 2021-12-09 16:18:46 2021-12-09 20:00:13 149.154.167.91 2021-12-22 18:38:18 2021-12-23 11:33:58. “Some telemetry data is shown below. IP Address Start Time End Time 149.154.167.91

Manufacturing

Manufacturing File names Archiving Encryption

Security Affairs newsletter Round 303

Security Affairs

FEBRUARY 28, 2021

Every week the best security articles from Security Affairs free for you in your email box. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. The post Security Affairs newsletter Round 303 appeared first on Security Affairs. Pierluigi Paganini.

Security

Security Blockchain Manufacturing Analytics

Experts warn of a surge of attacks exploiting a Realtek Jungle SDK RCE (CVE-2021-35394)

Security Affairs

JANUARY 26, 2023

Experts warn of a spike in the attacks that between August and October 2022 attempted to exploit a Realtek Jungle SDK RCE (CVE-2021-35394). Palo Alto Networks researchers reported that between August and October 2022 the number of attacks that attempted to exploit a Realtek Jungle SDK RCE ( CVE-2021-35394 ) (CVSS score 9.8)

IoT

IoT Manufacturing IT Security

Security Affairs newsletter Round 326

Security Affairs

AUGUST 8, 2021

Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 326 appeared first on Security Affairs. A new round of the weekly SecurityAffairs newsletter arrived! If you want to also receive for free the international press subscribe here.

Security

Security Ransomware Mining IoT

Researchers warn of a surge in cyber attacks against Microsoft Exchange

Security Affairs

MARCH 12, 2021

On March 2nd, Microsoft released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported MS Exchange versions that are actively exploited in the wild.

Authentication

Authentication Military Ransomware Manufacturing

New LockFile ransomware gang uses ProxyShell and PetitPotam exploits

Security Affairs

AUGUST 21, 2021

The popular security expert Kevin Beaumont was one of the first researchers to report that the LockFile operators are using the Microsoft Exchange ProxyShell and the Windows PetitPotam vulnerabilities to take over Windows domains. financial organization on July 20, 2021, with its latest activity seen as recently as August 20. .

Ransomware

Ransomware Encryption Financial Services Manufacturing

Experts found a critical authentication bypass flaw in Rockwell Automation software

Security Affairs

FEBRUARY 27, 2021

A critical authentication bypass vulnerability, tracked as CVE-2021-22681 , can be exploited by remote attackers to compromise programmable logic controllers (PLCs) manufactured by Rockwell Automation. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. Pierluigi Paganini.

Authentication

Authentication Communications Manufacturing Risk

D-Link addressed three critical RCE in wireless router models

Security Affairs

SEPTEMBER 16, 2024

The manufacturer also addressed two high-severity vulnerabilities, tracked as CVE-2024-45696 and CVE-2024-45698. On June 8, 2021, the TWCERT reported the vulnerabilities in D-Link DIR-X5460 to the company. “When D-Link became aware of the reported security issues, we promptly started investigating and developing security patches.

Manufacturing

Manufacturing Security Access Risk

Experts found backdoors in a popular Auerswald VoIP appliance

Security Affairs

DECEMBER 27, 2021

Researchers found multiple backdoors in popular VoIP (voice over Internet protocol) appliance made by the German manufacturer Auerswald. Researchers from RedTeam Pentesting discovered multiple backdoors in a popular VoIP (voice over Internet protocol) appliance made by the German manufacturer Auerswald. 7}' 1432d89. Pierluigi Paganini.

Passwords

Passwords Manufacturing Authentication Access

LPE zero-day flaw in Razer Synapse allows attackers to take over Windows PCs

Security Affairs

AUGUST 23, 2021

Razer is a popular manufacturer of computer accessories, including gaming mouses and keyboards. Razer is a very popular computer peripherals manufacturer that designs, develops, and sells consumer electronics, financial services, and gaming hardware, including gaming mouses and keyboards. Pierluigi Paganini.

Computer and Electronics

Computer and Electronics Manufacturing Financial Services Access

ESET warns of three flaws that affect over 100 Lenovo notebook models

Security Affairs

APRIL 19, 2022

Lenovo has published a security advisory to warn customers of vulnerabilities that affect its Unified Extensible Firmware Interface (UEFI) loaded on at least 100 of its notebook models, including IdeaPad 3, Legion 5 Pro-16ACH6 H, and Yoga Slim 9-14ITL05. Both drivers are used only during the manufacturing process.

Manufacturing

Manufacturing Security Cybersecurity IT

Realtek SDK flaws exploited to deliver Mirai bot variant

Security Affairs

AUGUST 24, 2021

Realtek published a security advisory on August 15 to warn customers about security updates to address vulnerabilities in its software developers kits (SDK) which is used by at least 65 separate vendors. On August 15, firmware security company IoT Inspector published details about the flaws. ” reported IoT Inspector.

IoT

IoT Manufacturing Authentication Security

Surveillance vendor exploited Samsung phone zero-days

Security Affairs

NOVEMBER 9, 2022

Google Project Zero disclosed three Samsung phone vulnerabilities, tracked as CVE-2021-25337, CVE-2021-25369 and CVE-2021-25370, that have been exploited by a surveillance company. Google reported the vulnerabilities to Samsung immediately after their discovery in late 2020s, and the vendor addressed them in March 2021.

Manufacturing

Manufacturing Access IT Security

Experts show how to bypass Windows Hello feature to login on Windows 10 PCs

Security Affairs

JULY 19, 2021

Security researchers demonstrated how to bypass the Windows Hello facial recognition that is used in Windows 10 as a login mechanism. Microsoft already fixed the vulnerability with the release of July Patch Tuesday security updates. For more information, please see CVE-2021-34466: [link]. Pierluigi Paganini.

Manufacturing

Manufacturing Authentication Security Access

Security Affairs newsletter Round 392

Security Affairs

NOVEMBER 6, 2022

Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 392 appeared first on Security Affairs. A new round of the weekly SecurityAffairs newsletter arrived! Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Security

Security Ransomware Military Manufacturing

3.5m IP cameras exposed, with US in the lead

Security Affairs

DECEMBER 14, 2022

All too often, this gives them a false sense of security: when in fact, threat actors can not only access and watch your camera feed but exploit the unsecured device to hack into your network. After looking at 28 of the most popular manufacturers, our research team found 3.5 Surge in internet-facing cameras. Most insecure brands.

Passwords

Passwords Manufacturing Authentication Government

Two critical flaws affect CODESYS ICS Automation Software

Security Affairs

JUNE 27, 2022

CODESYS addressed 11 security flaws in the ICS Automation Software that could lead to information disclosure and trigger a denial-of-service (DoS) condition. CODESYS has released security patches to fix eleven 11 vulnerabilities in its ICS Automation Software. The timeline of the issues is: On September 15, 2021 ?Started

Manufacturing

Manufacturing Risk Security Authentication

PwnedPiper flaws in PTS systems affect 80% of major US hospitals

Security Affairs

AUGUST 2, 2021

The flaw affects the Translogic PTS system manufactured by Swisslog Healthcare, which is installed in about 80% of all major hospitals in North America and thousands of hospitals worldwide. The CVE-2021-37160 has yet to be addressed. Swisslog has also published security advisories for these vulnerabilities. Pierluigi Paganini.

Ransomware

Ransomware Manufacturing Cybersecurity Passwords

CISA recommends vendors to fix BrakTooth issues after the release of PoC tool

Security Affairs

NOVEMBER 4, 2021

US CISA is urging vendors to address BrakTooth flaws after security researchers have released public exploit code and a proof of concept tool to test Bluetooth devices against potential Bluetooth exploits. BrakTooth—originally disclosed in August 2021—is a family of security vulnerabilities in commercial Bluetooth stacks.

Manufacturing

Manufacturing Security IT Information Security

BlackCat gang claims they stole data of 2.5 million patients of McLaren Health Care

Security Affairs

OCTOBER 1, 2023

The ransomware group accused the organization of has attempted to cover up the security breach. Maclaren Your security is at an all-time low, and we’ve proven it to you. The cyber security researcher Dominic Alvieri reported that ALPHV BlackCat Ransomware has breached 15 more US hospitals & 2 HMOs.

Ransomware

Ransomware Manufacturing Privacy Security

Security Affairs newsletter Round 404 by Pierluigi Paganini

Security Affairs

JANUARY 29, 2023

Every week the best security articles from Security Affairs free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! If you want to also receive for free the newsletter with the international press subscribe here.

Security

Security Data breaches Military Ransomware

Witchetty APT used steganography in attacks against Middle East entities

Security Affairs

OCTOBER 1, 2022

The APT group has been continuously improving its toolset by employing new malware in attacks aimed at governments, diplomatic missions, charities, and industrial/manufacturing organizations in the Middle East and Africa. The post Witchetty APT used steganography in attacks against Middle East entities appeared first on Security Affairs.

Manufacturing

Manufacturing Government Cybersecurity IT

ALPHV/BlackCat ransomware gang hacked the hotel chain Motel One

Security Affairs

SEPTEMBER 30, 2023

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Motel One ) The post ALPHV/BlackCat ransomware gang hacked the hotel chain Motel One appeared first on Security Affairs. the fashion giant Moncler , the Swissport , NCR , and Western Digital.

Ransomware

Ransomware Manufacturing Risk IT

Audio equipment maker Bose Corporation discloses a ransomware attack

Security Affairs

MAY 25, 2021

The audio equipment manufacturer Bose Corporation said it was the victim of a ransomware attack that took place earlier this year, on March 7. systems on March 7, 2021.” Shortly after the discovery f the security breach the company initiated an incident response procedure and launched an investigation into the incident.

Ransomware

Ransomware Manufacturing Encryption Passwords

Avaddon ransomware gang shuts down their operations and releases decryption keys

Security Affairs

JUNE 11, 2021

BleepingComputer shared the decryption keys with the security firm Emsisoft, which has released in the past free decryptors for multiple pieces of ransomware. — Fabian Wosar (@fwosar) June 11, 2021. The security company already develop a free decryptor for the victims of the Avaddon ransomware. Do not pay.

Ransomware

Ransomware Passwords Manufacturing Archiving

Mazda Connect flaws allow to hack some Mazda vehicles

Security Affairs

NOVEMBER 9, 2024

The vulnerabilities impact the Mazda Connect Connectivity Master Unit (CMU) system installed in multiple car models, including the Mazda 3 model year 2014-2021. ” The research targeted a CMU unit manufactured by Visteon, with software initially developed by Johnson Controls Inc. ” reads the advisory.

Ransomware

Ransomware Manufacturing Access Risk

CISA warns of high-severity flaws in Fuji Electric Tellus Lite V-Simulator and Server Lite

Security Affairs

JANUARY 28, 2021

CISA published a security advisory for High-Severity flaws in some SCADA/HMI products made by Japanese company Fuji Electric. Telus and V-Server SCADA/HMI allow organizations to remotely monitor and control equipment in a factory, they are widely adopted in the critical manufacturing sector. Pierluigi Paganini.

Manufacturing

Manufacturing Cybersecurity Security Access

The German BSI agency recommends replacing Kaspersky antivirus software

Security Affairs

MARCH 15, 2022

German Federal Office for Information Security agency, also known as BSI, recommends consumers not to use Kaspersky anti-virus software. The German Federal Office for Information Security agency, aka BSI, recommends consumers uninstall Kaspersky anti-virus software. ” reads the BSI announcement. Pierluigi Paganini.

Manufacturing

Manufacturing Information Security Military Cybersecurity

A new wave of Qlocker ransomware attacks targets QNAP NAS devices

Security Affairs

JANUARY 16, 2022

The threat actors behind the attacks were exploiting an improper authorization vulnerability, tracked as CVE-2021-28799 , that could allow them to log in to a NAS device. “A A ransomware campaign targeting QNAP NAS began the week of April 19th, 2021. reads the security advisory published by the vendor. Pierluigi Paganini.

Ransomware

Ransomware Encryption Passwords Manufacturing

New eCh0raix ransomware variant targets NAS devices from both QNAP and Synology vendors

Security Affairs

AUGUST 10, 2021

The eCh0raix ransomware has been active since at least 2019, when eExperts from security firms Intezer and Anomali separately discovered sample of the ransomware targeting Network Attached Storage (NAS) devices. To achieve this, attackers are also leveraging CVE-2021-28799 to deliver the new eCh0raix ransomware variant to QNAP devices.”

Ransomware

Ransomware Encryption Passwords Manufacturing

Microsoft releases On-premises Mitigation Tool (EOMT) tool to fix ProxyLogon issues

Security Affairs

MARCH 16, 2021

On March 2nd, Microsoft released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported MS Exchange versions that are actively exploited in the wild. ” reads the post published by Microsoft.

Military

Military Manufacturing Access Security

Who is behind the Mozi Botnet kill switch?

Security Affairs

NOVEMBER 2, 2023

In mid-2021, Qihoo 360 researchers reported that the botnet was composed of more 1.5 In July 2021, Netlab experts helped law enforcement to identify and arrest the alleged author of the Mozi bot. appeared first on Security Affairs. million infected systems, most of them in China (830,000). One botnet down more to go.

IoT

IoT Manufacturing Security IT

ProxyLogon Microsoft Exchange exploit is completely out of the bag by now

Security Affairs

MARCH 15, 2021

A security researcher released a new PoC exploit for ProxyLogon issues that could be adapted to install web shells on vulnerable Microsoft Exchange servers. A security researcher has released a new proof-of-concept exploit that could be adapted to install web shells on Microsoft Exchange servers vulnerable ProxyLogon issues.

Ransomware

Ransomware Military Manufacturing Security

A bug in ABB Totalflow flow computers exposed oil and gas companies to attack

Security Affairs

NOVEMBER 10, 2022

Researchers from industrial security firm Claroty disclosed details of a vulnerability affecting ABB Totalflow flow computers and remote controllers. Flow computers are used to calculate volume and flow rates for oil and gas that are critical to electric power manufacturing and distribution. Pierluigi Paganini.

Passwords

Passwords Authentication Manufacturing Ransomware

Swiss Air Force sensitive files stolen in the hack of Ultra Intelligence & Communications

Security Affairs

JANUARY 8, 2024

Documents belonging to the Swiss Air Force were leaked on the dark web as a result of cyberattack on a US security provider. Documents belonging to the Swiss Air Force were leaked on the dark web after the US security company Ultra Intelligence & Communications suffered a data breach.

Communications

Communications Ransomware Data breaches Manufacturing

BlackByte ransomware group hit Asahi Group Holdings, a precision metal manufacturing and metal solution provider

CVE-2021-20090 actively exploited to target millions of IoT devices worldwide

Webinars

Trending Sources

Alphv group claims the hack of Clarion, a global manufacturer of audio and video equipment for cars

Webinars

MITRE and CISA publish the 2021 list of most common hardware weaknesses

Ranzy Locker ransomware hit tens of US companies in 2021

US agricultural machinery manufacturer AGCO suffered a ransomware attack

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

637 flaws in industrial control system (ICS) products were published in H1 2021

Threat actors can remotely disable Fortress S03 Wi-Fi Home Security System

New RedLine malware version distributed as fake Omicron stat counter

Security Affairs newsletter Round 303

Experts warn of a surge of attacks exploiting a Realtek Jungle SDK RCE (CVE-2021-35394)

Security Affairs newsletter Round 326

Researchers warn of a surge in cyber attacks against Microsoft Exchange

New LockFile ransomware gang uses ProxyShell and PetitPotam exploits

Experts found a critical authentication bypass flaw in Rockwell Automation software

D-Link addressed three critical RCE in wireless router models

Experts found backdoors in a popular Auerswald VoIP appliance

LPE zero-day flaw in Razer Synapse allows attackers to take over Windows PCs

ESET warns of three flaws that affect over 100 Lenovo notebook models

Realtek SDK flaws exploited to deliver Mirai bot variant

Surveillance vendor exploited Samsung phone zero-days

Experts show how to bypass Windows Hello feature to login on Windows 10 PCs

Security Affairs newsletter Round 392

3.5m IP cameras exposed, with US in the lead

Two critical flaws affect CODESYS ICS Automation Software

PwnedPiper flaws in PTS systems affect 80% of major US hospitals

CISA recommends vendors to fix BrakTooth issues after the release of PoC tool

BlackCat gang claims they stole data of 2.5 million patients of McLaren Health Care

Security Affairs newsletter Round 404 by Pierluigi Paganini

Witchetty APT used steganography in attacks against Middle East entities

ALPHV/BlackCat ransomware gang hacked the hotel chain Motel One

Audio equipment maker Bose Corporation discloses a ransomware attack

Avaddon ransomware gang shuts down their operations and releases decryption keys

Mazda Connect flaws allow to hack some Mazda vehicles

CISA warns of high-severity flaws in Fuji Electric Tellus Lite V-Simulator and Server Lite

The German BSI agency recommends replacing Kaspersky antivirus software

A new wave of Qlocker ransomware attacks targets QNAP NAS devices

New eCh0raix ransomware variant targets NAS devices from both QNAP and Synology vendors

Microsoft releases On-premises Mitigation Tool (EOMT) tool to fix ProxyLogon issues

Who is behind the Mozi Botnet kill switch?

ProxyLogon Microsoft Exchange exploit is completely out of the bag by now

A bug in ABB Totalflow flow computers exposed oil and gas companies to attack

Swiss Air Force sensitive files stolen in the hack of Ultra Intelligence & Communications

Stay Connected