2023, Education and Manufacturing - Information Management Today

MY TAKE: New tech standards, like ‘Matter’ and ‘BIMI,’ point the way to secure interoperability

The Last Watchdog

NOVEMBER 12, 2023

I recently discussed the current state of tech standards with DigiCert’s Mike Nelson , Global Vice President of Digital Trust and, Dean Coclin , Senior Director of Trust Services, at DigiCert Trust Summit 2023. We drilled down on Matter as well as another new standard, BIMI , which stands for “brand indicators for message?identification.”

Security

Security Manufacturing Authentication Marketing

Rhysida ransomware group hacked Abdali Hospital in Jordan

Security Affairs

DECEMBER 26, 2023

pic.twitter.com/6uHMDcNhTC — Dominic Alvieri (@AlvieriD) December 26, 2023 The group published images of stolen documents as proof of the hack. The Rhysida ransomware group has been active since May 2023. The report includes IOCs and TTPs identified through investigations as recently as September 2023.

Ransomware

Ransomware Manufacturing Education Libraries

Rhysida ransomware gang claimed China Energy hack

Security Affairs

NOVEMBER 25, 2023

ransomfeed #security #infosec #energychina pic.twitter.com/deRRximVPd — Ransomfeed (@ransomfeed) November 25, 2023 The China Energy Engineering Corporation (CEEC) is a state-owned company in China that operates in the energy and infrastructure sectors. The Rhysida ransomware group has been active since May 2023.

Ransomware

Ransomware Manufacturing Education Libraries

Rhysida ransomware group hacked King Edward VII’s Hospital in London

Security Affairs

NOVEMBER 29, 2023

GossiTheDog @SOSIntel @UK_Daniel_Card @LisaForteUK pic.twitter.com/L7A3XNNxU7 — Dominic Alvieri (@AlvieriD) November 29, 2023 The group published images of stolen documents as proof of the hack. The Rhysida ransomware group has been active since May 2023. “Unique files are presented to your attention!

Ransomware

Ransomware Manufacturing Education Libraries

Weekly Vulnerability Recap – November 6, 2023 – Windows Drivers and Exchange Flaws

eSecurity Planet

NOVEMBER 6, 2023

30, 2023 NGINX Ingress Controller for Kubernetes Flaws Can Lead to Credential Theft Type of Attack: Path sanitization bypass and injection vulnerabilities discovered in the NGINX Ingress controller can allow for credential theft, arbitrary command execution, and critical data access. CVE-2023-5044 (Code Injection): This CVSS score 7.6

Ransomware

Ransomware Authentication Cybersecurity Access

CISA, NSA, FBI, and MS-ISAC Release Phishing Prevention Guidance

KnowBe4

OCTOBER 19, 2023

October 18, 2023, the Cybersecurity Infrastructure and Security Agency (CISA), the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint guide, Phishing Guidance: Stopping the Attack Cycle at Phase One. We could not agree more.

Phishing

Phishing Manufacturing Education Ransomware

Rhysida Ransomware group claims to have breached Bayhealth Hospital in Delaware

Security Affairs

AUGUST 7, 2024

In December 2023, the group claimed to have hacked Abdali Hospital, a multi-specialty hospital located in Jordan. The Rhysida ransomware group has been active since May 2023. The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors.

Ransomware

Ransomware Manufacturing Libraries Education

Catches of the Month: Phishing Scams for October 2023

IT Governance

OCTOBER 13, 2023

EvilProxy phishing campaign targets Microsoft 365 accounts via indeed.com A phishing campaign identified by Menlo Security has been targeting senior executives in various industries – most notably banking and financial services, property management and real estate, and manufacturing – since July.

Phishing

Phishing Financial Services Manufacturing Personal data

The Week in Cyber Security and Data Privacy: 16–22 October 2023

IT Governance

OCTOBER 24, 2023

Publicly disclosed data breaches and cyber attacks City of Philadelphia discloses data breach after five months Date of breach: 24 May 2023 ( notice issued 20 October 2023). International Criminal Court says cyberattack was attempted espionage Date of breach: 19 September 2023 ( update on 20 October 2023).

Data Privacy

Data Privacy Privacy Security Data breaches

Rhysida ransomware gang is auctioning data stolen from the British Library

Security Affairs

NOVEMBER 20, 2023

pic.twitter.com/Wdj7VfkWXa — British Library (@britishlibrary) November 20, 2023 The library plans to partially restore many services in the next few weeks, but it believes that some disruption may persist for longer. The report includes IOCs and TTPs identified through investigations as recently as September 2023.

Libraries

Libraries Ransomware Manufacturing Education

FBI and CISA warn of attacks by Rhysida ransomware gang

Security Affairs

NOVEMBER 15, 2023

The report includes IOCs and TTPs identified through investigations as recently as September 2023. The Rhysida ransomware group has been active since May 2023, according to the gang’s Tor leak site, at least 62 companies are victims of the operation. The victims of the group are “targets of opportunity.”

Ransomware

Ransomware Manufacturing Education Passwords

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Security Affairs

SEPTEMBER 23, 2023

In May 2023, a ransomware attack hit the IT systems at the City of Dallas , Texas. Between April 7, 2023, and May 4, 2023, Royal performed data exfiltration and ransomware delivery preparation activities. ” The group was able to steal data from the City and leaked approximately 1.169 TB at a time prior to May 03, 2023.

Ransomware

Ransomware Encryption Systems administration Cybersecurity

Researchers released a free decryption tool for the Rhysida Ransomware

Security Affairs

FEBRUARY 12, 2024

“This study examines Rhysida ransomware, which caused significant damage in the second half of 2023, and proposes a decryption method. The Rhysida ransomware group has been active since May 2023. In December 2023, FBI and CISA published a joint Cybersecurity Advisory (CSA) to warn of Rhysida ransomware attacks.

Ransomware

Ransomware Encryption Paper Manufacturing

Operation Cronos: law enforcement disrupted the LockBit operation

Security Affairs

FEBRUARY 19, 2024

In 2022, LockBit was one of the most active ransomware groups, and its prevalence continued into 2023. The LockBit ransomware operation operated under a Ransomware-as-a-Service (RaaS) model, recruiting affiliates to carry out ransomware attacks through the utilization of LockBit ransomware tools and infrastructure.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Financial Services

Is Gelsemium APT behind a targeted attack in Southeast Asian Government?

Security Affairs

SEPTEMBER 25, 2023

A stealthy APT group tracked as Gelsemium was observed targeting a Southeast Asian government between 2022 and 2023. The experts tracked the cluster as CL-STA-0046, the malicious activity spanned over six months between 2022-2023. Palo Alto Unit42 researchers an APT group tracked as Gelsemium targeting a Southeast Asian government.

Government

Government Manufacturing Education Access

News alert: MxD roundtable with White House officials highlights cybersecurity workforce needs

The Last Watchdog

SEPTEMBER 21, 2023

21, 2023 — MxD, the Digital Manufacturing and Cybersecurity Institute, today hosted a roundtable discussion with the White House Office of the National Cyber Director. manufacturers from cyber-attacks by providing role-based training to the next generation of cybersecurity workers in manufacturing. Chicago, Ill.,

Cybersecurity

Cybersecurity Manufacturing Military Artificial Intelligence

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Security Affairs

FEBRUARY 8, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The APT group is using almost exclusively living-off-the-land techniques and hands-on-keyboard activity to evade detection.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

National Safety Council data leak: Credentials of NASA, Tesla, DoJ, Verizon, and 2K others leaked by workplace safety organization

Security Affairs

AUGUST 31, 2023

On its digital platform, NSC provides online resources for its nearly 55,000 members spread across different businesses, agencies, and educational institutions. The data was publicly accessible for 5 months, as the leak was first indexed by IoT search engines on January 31st, 2023.

Passwords

Passwords Healthcare Manufacturing Access

Nexx bugs allow to open garage doors, and take control of alarms and plugs

Security Affairs

APRIL 5, 2023

A series of vulnerabilities in multiple smart devices manufactured by Nexx can be exploited to remotely open garage doors, and take control of alarms and plugs. Authorization Bypass Through User-Controlled Key CWE-639 ( CVE-2023–1749 , CVSS3.0: Authorization Bypass Through User-Controlled Key CWE-639 ( CVE-2023–1750 , CVSS3.0:

Manufacturing

Manufacturing Cybersecurity Education Authentication

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

“These operations have targeted various industries, including Aerospace & Defense, Education, Energy & Utilities, Governments, Hospitality, Manufacturing, Oil & Gas, Retail, Technology, and Transportation. ” reads the joint report. ” continues the report.

Energy and Utilities

Energy and Utilities Military Government Phishing

China-linked APT Volt Typhoon linked to KV-Botnet

Security Affairs

DECEMBER 13, 2023

In November 2023, the experts noticed that the botnet started targeting Axis IP cameras, such as the M1045-LW, M1065-LW, and p1367-E. The KV-botnet logical network map, December 2023 In May, Microsoft reported that the Volt Typhoon APT infiltrated critical infrastructure organizations in the U.S. and Guam without being detected.

Communications

Communications Manufacturing Education Government

Infosource Global IDP Vertical Market Analysis 2023-2024 Update

Info Source

DECEMBER 18, 2024

Sector-Specific Opportunities : The report identifies significant opportunities in sectors with advanced digital transformation, such as Banking, Insurance, Healthcare, and Manufacturing. Sectors with lower digital maturity, such as Legal and Education, show varied deployment speeds.

Marketing

Marketing Digital transformation Insurance Manufacturing

Cybersecurity agencies published a joint LockBit ransomware advisory

Security Affairs

JUNE 15, 2023

Help us #StopRansomware by visiting [link] pic.twitter.com/G5jpxtB0Fw — Cybersecurity and Infrastructure Security Agency (@CISAgov) June 14, 2023 The LockBit ransomware operation was the most active in 2022 and according to the researchers it is one of the most prolific RaaS in 2023. was the prevalent variant in 2023.

Ransomware

Ransomware Cybersecurity Agriculture Education

CyberheistNews Vol 13 #20 [Foot in the Door] The Q1 2023's Top-Clicked Phishing Scams | INFOGRAPHIC

KnowBe4

MAY 16, 2023

CyberheistNews Vol 13 #20 | May 16th, 2023 [Foot in the Door] The Q1 2023's Top-Clicked Phishing Scams | INFOGRAPHIC KnowBe4's latest reports on top-clicked phishing email subjects have been released for Q1 2023. I've spent a lot of time here educating you on attack specifics, industry trends, and the impacts felt by attacks.

Phishing

Phishing Insurance Passwords Ransomware

China’s Volt Typhoon botnet has re-emerged

Security Affairs

NOVEMBER 13, 2024

In May 2023, Microsoft reported that the Volt Typhoon APT infiltrated critical infrastructure organizations in the U.S. In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors.

e-Discovery

e-Discovery Communications Ransomware Government

FBI chief says China is preparing to attack US critical infrastructure

Security Affairs

APRIL 19, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The APT group is using almost exclusively living-off-the-land techniques and hands-on-keyboard activity to evade detection.

Energy and Utilities

Energy and Utilities Communications Military Access

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

Security Affairs

FEBRUARY 21, 2024

In 2022, LockBit was one of the most active ransomware groups, and its prevalence continued into 2023. Today, additional criminal charges against Kondratyev were unsealed in the Northern District of California related to his deployment in 2020 of ransomware against a victim located in California.” reads the press release published by DoJ.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Manufacturing

Port of Seattle confirmed that Rhysida ransomware gang was behind the August attack

Security Affairs

SEPTEMBER 15, 2024

The Rhysida ransomware group has been active since May 2023. The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. Port of Seattle confirmed on Friday that the Rhysida ransomware group was behind the cyberattack.

Ransomware

Ransomware Manufacturing Education Encryption

Volvo retailer leaks sensitive files

Security Affairs

APRIL 15, 2023

The Brazilian retail arm of car manufacturing giant Volvo leaked sensitive files, putting its clientele in the vast South American country in peril. Exposed sensitive files On February 17, 2023, the Cybernews research team discovered public access to sensitive files hosted on dimasvolvo.com.br The issue causing the leak has been fixed.

Retail

Retail Manufacturing Communications Passwords

More details about Operation Cronos that disrupted Lockbit operation

Security Affairs

FEBRUARY 20, 2024

In 2022, LockBit was one of the most active ransomware groups, and its prevalence continued into 2023. Today, additional criminal charges against Kondratyev were unsealed in the Northern District of California related to his deployment in 2020 of ransomware against a victim located in California.”

Energy and Utilities

Energy and Utilities Ransomware Manufacturing Agriculture

New Linux Ransomware BlackSuit is similar to Royal ransomware

Security Affairs

JUNE 3, 2023

Royal ransomware is one of the most notable ransomware families of 2022, it made the headlines in early May 2023 with the attack against the IT systems in Dallas, Texas. Experts noticed that the new Linux ransomware BlackSuit has significant similarities with the Royal ransomware family. New #ransomware #BlackSuit targets Windows, #Linux.

Ransomware

Ransomware Encryption File names Cybersecurity

FBI obtained 7,000 LockBit decryption keys, victims should contact the feds to get support

Security Affairs

JUNE 6, 2024

In 2022, LockBit was one of the most active ransomware groups, and its prevalence continued into 2023. The LockBit ransomware operation operated under a Ransomware-as-a-Service (RaaS) model, recruiting affiliates to carry out ransomware attacks through the utilization of LockBit ransomware tools and infrastructure.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Encryption

Estonian National charged with helping Russia acquire U.S. hacking tools and electronics

Security Affairs

APRIL 9, 2023

The defendant was arrested in Estonia on March 28, 2023, he used several Estonian-based business entities (the “Estonian Shell Companies”) to buy goods that would have been unavailable to Russian end-users. “As alleged in the indictment and other court filings, Shevlyakov procured sensitive electronics from U.S.

Computer and Electronics

Computer and Electronics Military Manufacturing Government

NCR was the victim of BlackCat/ALPHV ransomware gang

Security Affairs

APRIL 16, 2023

It manufactures self-service kiosks, point-of-sale terminals, automated teller machines, check processing systems, and barcode scanners. NCR Corporation , previously known as National Cash Register, is an American software, consulting and technology company providing several professional services and electronic products.

Ransomware

Ransomware Sales Manufacturing Cybersecurity

3CX Supply chain attack allowed targeting cryptocurrency companies

Security Affairs

APRIL 4, 2023

As of Mar 22, 2023, SentinelOne observed a spike in behavioral detections of the 3CXDesktopApp, which is a popular voice and video conferencing software product. Threat actors behind the 3CX supply chain attack have targeted a limited number of cryptocurrency companies with a second-state implant.

Manufacturing

Manufacturing Cybersecurity Education Security

Updated Kmsdx botnet targets IoT devices

Security Affairs

AUGUST 28, 2023

The malicious code was used in attacks targeting multiple sectors including the gaming industry, technology industry, and luxury car manufacturers. Since mid-July 2023, the binary observed in the attacks includes support for telnet scanning and support for more CPU architectures. ” reads the report published by Akamai.

IoT

IoT Mining Manufacturing Education

Hyundai suffered a data breach that impacted customers in France and Italy

Security Affairs

APRIL 12, 2023

Data breach at @Hyundai_Italia : pic.twitter.com/oMMcFiG2Ud — Troy Hunt (@troyhunt) April 11, 2023 In response to the incident, the company has taken the impacted systems offline. According to the letter, financial data were not exposed. The number of impacted individuals is still unclear.

Data breaches

Data breaches Manufacturing Cybersecurity Education

China-linked APT Volt Typhoon exploited a zero-day in Versa Director

Security Affairs

AUGUST 27, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The APT group is using almost exclusively living-off-the-land techniques and hands-on-keyboard activity to evade detection.

Energy and Utilities

Energy and Utilities Communications Authentication Access

News alert: Flexxon welcomes distinguished industry veteran Ravi Agarwal to its advisory board

The Last Watchdog

OCTOBER 25, 2023

25, 2023 – Hardware cybersecurity solutions pioneer Flexxon (the “Company”) today announced the appointment of ex-Intel and Microsoft executive Mr Ravi Agarwal to its advisory board. Its X-PHY Cybersecure SSD was unveiled in 2021 and has since been integrated into laptops from leading PC manufacturers including Lenovo, HP, ASUS and more.

IT

IT Cybersecurity Marketing Manufacturing

The U.S. CISA and FBI warn of Royal ransomware operation

Security Affairs

MARCH 3, 2023

According to government experts, the Royal ransomware attacks targeted numerous critical infrastructure sectors including, manufacturing, communications, healthcare and public healthcare (HPH), and education. In February 2023, Royal operators added support for encrypting Linux devices and target VMware ESXi virtual machines.

Ransomware

Ransomware Encryption Cybersecurity Communications

The Week in Cyber Security and Data Privacy: 20 – 26 November 2023

IT Governance

NOVEMBER 28, 2023

9 million records breached through decade-long data leak A former temporary employee of a subsidiary of NTT West (Nippon Telegraph and Telephone West Corp) illegally accessed about 9 million personal data records over the course of a decade (2013 to 2023). Breached records: more than 56 million.

Data Privacy

Data Privacy Privacy Energy and Utilities Data breaches

China’s Volt Typhoon botnet has re-emerged

Security Affairs

NOVEMBER 13, 2024

In May 2023, Microsoft reported that the Volt Typhoon APT infiltrated critical infrastructure organizations in the U.S. In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors.

e-Discovery

e-Discovery Communications Ransomware Government

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

eSecurity Planet

MAY 2, 2024

The 2023 vendor surveys arriving this quarter paint a picture of a cybersecurity landscape under attack, with priority issues affecting deployment, alert response, and exposed vulnerabilities. Sophos: Noted that 43% of all 2023 malware signature updates are for stealers, spyware, and keyloggers often used to steal credentials from devices.

Cybersecurity

Cybersecurity Ransomware Passwords Cloud

Infosource Global Capture & IDP Vertical Market Analysis 2022-2023 Update

Info Source

DECEMBER 8, 2023

The demand in the Manufacturing industry is just slightly smaller and in a similar lower maturity stage Opportunities in the Finance Sector Financial institutions adopted Capture and IDP solutions earlier than other verticals, building on their traditional usage of check imaging solutions.

Marketing

Marketing Customer Experience Energy and Utilities Digital transformation

MY TAKE: New tech standards, like ‘Matter’ and ‘BIMI,’ point the way to secure interoperability

Rhysida ransomware group hacked Abdali Hospital in Jordan

Trending Sources

Rhysida ransomware gang claimed China Energy hack

Rhysida ransomware group hacked King Edward VII’s Hospital in London

Weekly Vulnerability Recap – November 6, 2023 – Windows Drivers and Exchange Flaws

CISA, NSA, FBI, and MS-ISAC Release Phishing Prevention Guidance

Rhysida Ransomware group claims to have breached Bayhealth Hospital in Delaware

Catches of the Month: Phishing Scams for October 2023

The Week in Cyber Security and Data Privacy: 16–22 October 2023

Rhysida ransomware gang is auctioning data stolen from the British Library

FBI and CISA warn of attacks by Rhysida ransomware gang

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Researchers released a free decryption tool for the Rhysida Ransomware

Operation Cronos: law enforcement disrupted the LockBit operation

Is Gelsemium APT behind a targeted attack in Southeast Asian Government?

News alert: MxD roundtable with White House officials highlights cybersecurity workforce needs

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

National Safety Council data leak: Credentials of NASA, Tesla, DoJ, Verizon, and 2K others leaked by workplace safety organization

Nexx bugs allow to open garage doors, and take control of alarms and plugs

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

China-linked APT Volt Typhoon linked to KV-Botnet

Infosource Global IDP Vertical Market Analysis 2023-2024 Update

Cybersecurity agencies published a joint LockBit ransomware advisory

CyberheistNews Vol 13 #20 [Foot in the Door] The Q1 2023's Top-Clicked Phishing Scams | INFOGRAPHIC

China’s Volt Typhoon botnet has re-emerged

FBI chief says China is preparing to attack US critical infrastructure

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

Port of Seattle confirmed that Rhysida ransomware gang was behind the August attack

Volvo retailer leaks sensitive files

More details about Operation Cronos that disrupted Lockbit operation

New Linux Ransomware BlackSuit is similar to Royal ransomware

FBI obtained 7,000 LockBit decryption keys, victims should contact the feds to get support

Estonian National charged with helping Russia acquire U.S. hacking tools and electronics

NCR was the victim of BlackCat/ALPHV ransomware gang

3CX Supply chain attack allowed targeting cryptocurrency companies

Updated Kmsdx botnet targets IoT devices

Hyundai suffered a data breach that impacted customers in France and Italy

China-linked APT Volt Typhoon exploited a zero-day in Versa Director

News alert: Flexxon welcomes distinguished industry veteran Ravi Agarwal to its advisory board

The U.S. CISA and FBI warn of Royal ransomware operation

The Week in Cyber Security and Data Privacy: 20 – 26 November 2023

China’s Volt Typhoon botnet has re-emerged

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

Infosource Global Capture & IDP Vertical Market Analysis 2022-2023 Update

Stay Connected