2024, Manufacturing and Security - Information Management Today

QNAP fixed NAS backup zero-day demonstrated at Pwn2Own Ireland 2024

Security Affairs

OCTOBER 30, 2024

QNAP fixed critical zero-day CVE-2024-50388 which was demonstrated against a TS-464 NAS device during the Pwn2Own Ireland 2024 competition. ” reads the advisory published by the Taiwanese manufacturer. Their fourth-round win nets them $10,000 and 4 Master of Pwn points.

Manufacturing

Manufacturing Security IT

Mazda Connect flaws allow to hack some Mazda vehicles

Security Affairs

NOVEMBER 9, 2024

” The research targeted a CMU unit manufactured by Visteon, with software initially developed by Johnson Controls Inc. Below are the vulnerabilities reported by ZDI: CVE-2024-8355 : SQL injection in DeviceManager, enabling database manipulation or code execution via spoofed Apple device connections. x) may also be vulnerable.

Ransomware

Ransomware Manufacturing Access Risk

Texas oilfield supplier Newpark Resources suffered a ransomware attack

Security Affairs

NOVEMBER 8, 2024

“On October 29, 2024, the Company detected a ransomware cybersecurity incident (“Incident”) in which an unauthorized third party gained access to certain of the Company’s internal information systems. ” reads the FORM 8-K filed with Securities and Exchange Commission (SEC).

Ransomware

Ransomware Manufacturing Cybersecurity Access

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Software firm Blue Yonder providing services to US and UK stores, including Starbucks, hit by ransomware attack

Security Affairs

NOVEMBER 26, 2024

” The incident occurred on November 21, 2024, causing widespread disruptions to the company’s managed services hosted environment. Since learning of the security breach, the company immediately started incident response procedure with the help of external cybersecurity firms, including CrowdStrike.

Ransomware

Ransomware Retail Manufacturing Cloud

NCSC: New UK law bans default passwords on smart devices

Security Affairs

APRIL 30, 2024

The UK National Cyber Security Centre (NCSC) orders smart device manufacturers to ban default passwords starting from April 29, 2024. National Cyber Security Centre (NCSC) is urging manufacturers of smart devices to comply with new legislation that bans default passwords. ” The U.K. ” The U.K.

Passwords

Passwords Manufacturing IoT Retail

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

Security Affairs

MAY 12, 2024

Black Basta ransomware affiliates have breached over 500 organizations between April 2022 and May 2024, FBI and CISA reported. The alert provides Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IOCs) obtained from law enforcement investigations and reports from third-party security firms. in Germany, and 5.9%

Ransomware

Ransomware Blockchain Retail Insurance

QNAP fixed second zero-day demonstrated at Pwn2Own Ireland 2024

Security Affairs

OCTOBER 31, 2024

QNAP addressed the second zero-day vulnerability demonstrated by security researchers during the recent Pwn2Own Ireland 2024. Taiwanese manufacturer QNAP patched the second zero-day vulnerability, tracked as CVE-2024-50387 , which was exploited by security researchers during the recent Pwn2Own Ireland 2024.

Manufacturing

Manufacturing Security IT

A cyberattack disrupted operations of US chipmaker Microchip Technology

Security Affairs

AUGUST 22, 2024

Semiconductor manufacturer Microchip Technology announced that its operations were disrupted by a cyberattack. chipmaker Microchip Technology suffered a cyberattack that disrupted operations at several of its manufacturing plants. The company detected potentially suspicious activity involving its IT infrastructure on August 17, 2024.

Manufacturing

Manufacturing Sales Cybersecurity IT

Elections 2024, artificial intelligence could upset world balances

Security Affairs

DECEMBER 27, 2023

Elections are scheduled in several countries worldwide in 2024, with potential geopolitical implications. The 2024 European Union elections face threats from content generated through these platforms. Artificial intelligence is having a significant impact on various industries, such as health, finance, and manufacturing.

Artificial Intelligence

Artificial Intelligence Government Manufacturing IT

BlackByte Ransomware group targets recently patched VMware ESXi flaw CVE-2024-37085

Security Affairs

AUGUST 28, 2024

Cisco Talos observed the BlackByte ransomware group exploiting the recently patched security flaw CVE-2024-37085 in VMware ESXi hypervisors in recent attacks. The flaw CVE-2024-37085 (CVSS score of 6.8) ” The BlackByte’s victimology shows that over 32 percent of known victims are in the manufacturing industry vertical.

Ransomware

Ransomware Authentication Encryption Access

D-Link addressed three critical RCE in wireless router models

Security Affairs

SEPTEMBER 16, 2024

D-Link has addressed three critical vulnerabilities, tracked as CVE-2024-45694 , CVE-2024-45695 , CVE-2024-45697 , impacting three wireless router models. The manufacturer also addressed two high-severity vulnerabilities, tracked as CVE-2024-45696 and CVE-2024-45698. CVE-2024-45695 (9.8 and earlier.

Manufacturing

Manufacturing Security Access Risk

China’s Volt Typhoon botnet has re-emerged

Security Affairs

NOVEMBER 13, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

e-Discovery

e-Discovery Communications Ransomware Government

Passwordless Authentication without Secrets!

Thales Cloud Protection & Licensing

OCTOBER 11, 2024

divya Fri, 10/11/2024 - 08:54 As user expectations for secure and seamless access continue to grow, the 2024 Thales Consumer Digital Trust Index (DTI) research revealed that 65% of users feel frustrated with frequent password resets. Passwordless Authentication without Secrets!

Authentication

Authentication Retail Manufacturing Passwords

Security Affairs newsletter Round 489 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

SEPTEMBER 14, 2024

Every week the best security articles from Security Affairs are free in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Data breaches Computer and Electronics Ransomware

Critical RCE vulnerability found in OpenPLC

Security Affairs

SEPTEMBER 26, 2024

It is widely used for automating machines and processes in industries like manufacturing, energy, and utilities. The vulnerability was discovered by Jared Rittle of Cisco Talos that reported the issue to the maintainers of the project on June 10, 2024. The issue was addressed on September 18, 2024.

Energy and Utilities

Energy and Utilities Manufacturing IT Information Security

Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia

Security Affairs

APRIL 16, 2024

Nexperia is a semiconductor manufacturer headquartered in Nijmegen, the Netherlands. The chipmaker has 14,000 employees as of 2024. Gb - NDA The group published a set of files as proof of the security breach and threatens leak all the stolen data if the victim will not pay the ransom. Gb AWACS software - 13 Gb.esm files - 1.9

Ransomware

Ransomware Manufacturing Insurance Cybersecurity

Zyxel addressed three RCEs in end-of-life NAS devices

Security Affairs

JUNE 5, 2024

Zyxel Networks released an emergency security update to address critical vulnerabilities in end-of-life NAS devices. Zyxel Networks released an emergency security update to address three critical flaws in some of its NAS devices that have reached end-of-life. Two flaws can also allow attackers to elevate privileges. 13)C0 and older.

Authentication

Authentication Manufacturing Security IT

14 New DrayTek routers’ flaws impacts over 700,000 devices in 168 countries

Security Affairs

OCTOBER 2, 2024

Of the 14 security flaws nine are rated high, and three are rated medium in severity. The flaws impact residential and enterprise routers manufactured by DrayTek that could be exploited to take over susceptible devices. The most severe vulnerability, tracked as CVE-2024-41592 (CVSS score 10), is a DoS/RCE issue.

IoT

IoT Manufacturing Communications Ransomware

A cyberattack halted operations at Varta production plants

Security Affairs

FEBRUARY 15, 2024

On February 12, 2023, a cyber attack halted operations at five production plants of German battery manufacturer Varta. On February 13, German battery manufacturer Varta announced that a cyber attack forced the company to shut down IT systems. The attack disrupted operations at five production plants and the administration.

Manufacturing

Manufacturing Ransomware IT Security

Sonos smart speakers flaw allowed to eavesdrop on users

Security Affairs

AUGUST 9, 2024

The researchers have disclosed the vulnerabilities during the BLACK HAT USA 2024 conference. MediaTek, who manufactures Wi-Fi SoC for Sonos speaker, released a security advisory in March 2024 (CVE-2024-20018). NCC Group previously identified weaknesses within the secure boot process on the device.”

Manufacturing

Manufacturing Paper Security IT

U.S. CISA adds Apache OFBiz bug to its Known Exploited Vulnerabilities catalog

Security Affairs

AUGUST 28, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Apache OFBiz bug to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added Apache OFBiz Incorrect Authorization Vulnerability CVE-2024-38856 (CVSS score of 9.8) to its Known Exploited Vulnerabilities (KEV) catalog.

IT

IT Authentication Manufacturing Cybersecurity

BianLian group exploits JetBrains TeamCity bugs in ransomware attacks

Security Affairs

MARCH 11, 2024

Researchers from GuidePoint Security noticed, while investigating a recent attack linked to the BianLian ransomware group, that the threat actors gained initial access to the target by exploiting flaws in a TeamCity server. which is an IP address linked to a server that hosted the BianLian GO backdoor as of March 6th, 2024.

Ransomware

Ransomware Manufacturing Access Security

Researchers warn of a new critical Apache OFBiz flaw

Security Affairs

AUGUST 5, 2024

Experts urge organizations to address a new critical vulnerability, tracked as CVE-2024-38856, in Apache OFBiz. Apache OFBiz is an open-source ERP system that helps businesses automate and integrate various processes such as accounting, HR, CRM, order management, manufacturing, and e-commerce. addressed the flaw.

Authentication

Authentication Manufacturing Cybersecurity Security

Vo1d malware infected 1.3 Million Android-based TV Boxes in 197 countries

Security Affairs

SEPTEMBER 13, 2024

In August 2024, several users reported that Dr.Web antivirus detected changes in their TV box system files. Unfortunately, often manufacturers sell older OS versions as newer ones. Doctor Web researchers uncovered a malware, tracked as Vo1d , that infected nearly 1.3 million Android-based TV boxes belonging to users in 197 countries.

Manufacturing

Manufacturing Access Risk IT

North Korea-linked APT Kimsuky targeted German defense firm Diehl Defence

Security Affairs

OCTOBER 1, 2024

North Korea-linked APT Kimsuky has been linked to a cyberattack on Diehl Defence, a German manufacturer of advanced military systems. KG is a German weapon manufacturer headquartered in Überlingen. In May 2024, Symantec researchers observed the North Korea-linked group Kimsuky using a new Linux backdoor dubbed Gomir.

Military

Military Manufacturing Phishing Information Security

FBI and CISA update a joint advisory on the BlackSuit Ransomware group

Security Affairs

AUGUST 8, 2024

FBI and CISA published a joint advisory on the BlackSuit Ransomware group, the document provides TTPs and IOCs as recently as July 2024. The BlackSuit ransomware has targeted various critical infrastructure sectors, including commercial facilities, healthcare, government, and manufacturing.

Ransomware

Ransomware Communications Manufacturing Phishing

A backdoor in millions of Shanghai Fudan Microelectronics RFID cards allows cloning

Security Affairs

AUGUST 21, 2024

A flaw in millions of RFID cards manufactured by Shanghai Fudan Microelectronics allows these contactless cards to be cloned instantly. Researchers from security firm Quarkslab discovered a backdoor in millions of RFID cards manufactured by the Chinese chip manufacturer Shanghai Fudan Microelectronics.

Manufacturing

Manufacturing Paper Authentication Risk

The Vanilla Tempest cybercrime gang used INC ransomware for the first time in attacks on the healthcare sector

Security Affairs

SEPTEMBER 20, 2024

The threat actor has been active since July 2022, it was observed targeting organizations in the education, healthcare, IT, and manufacturing sectors. Microsoft observed the financially motivated threat actor tracked as Vanilla Tempest using INC ransomware for the first time to target the healthcare sector in the United States.

Ransomware

Ransomware Manufacturing Education IT

Qualcomm fixed a zero-day exploited limited, targeted attacks

Security Affairs

OCTOBER 8, 2024

Qualcomm addressed 20 vulnerabilities in its products, including a potential zero-day issue tracked as CVE-2024-43047 (CVSS score 7.8). ” The flaw was reported by cybersecurity researchers Seth Jenkins from Google Project Zero and Conghui Wang from Amnesty International Security Lab. See [link] for the details.

Manufacturing

Manufacturing Cybersecurity IT Security

OmniVision disclosed a data breach after the 2023 Cactus ransomware attack

Security Affairs

MAY 22, 2024

The digital imaging products manufacturer OmniVision disclosed a data breach after the 2023 ransomware attack. The company designs and develops digital imaging products for use in mobile phones, laptops, netbooks and webcams, security and surveillance cameras, entertainment, automotive and medical imaging systems.

Data breaches

Data breaches Ransomware Manufacturing Encryption

ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems

Security Affairs

JANUARY 17, 2025

Researchers detailed a now-patched vulnerability that could allow a bypass of the Secure Boot mechanism in UEFI systems. ESET disclosed details of a now-patched vulnerability, tracked as CVE-2024-7344 (CVSS score: 6.7), that could allow a bypass of the Secure Boot mechanism in UEFI systems. SANFONG Inc., ” concludes ESET.

Security

Security Manufacturing Education IT

Port of Seattle confirmed that Rhysida ransomware gang was behind the August attack

Security Affairs

SEPTEMBER 15, 2024

— Port of Seattle – (@PortofSeattle) August 24, 2024 Passengers were recommended to check with their airlines for the latest information for their flights. The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors.

Ransomware

Ransomware Manufacturing Education Encryption

ASUS fixed critical remote authentication bypass bug in several routers

Security Affairs

JUNE 16, 2024

Taiwanese manufacturer giant ASUS addressed a critical remote authentication bypass vulnerability impacting several router models. ASUS addresses a critical remote authentication bypass vulnerability, tracked as CVE-2024-3080 (CVSS v3.1 score: 9.8), impacting seven router models. impacting multiple devices.

Authentication

Authentication Manufacturing Access IT

MY TAKE: New tech standards, like ‘Matter’ and ‘BIMI,’ point the way to secure interoperability

The Last Watchdog

NOVEMBER 12, 2023

However, there’s still a long way to go to achieve deep interoperability of interconnected services in a way that preserves privacy and is very secure. Here are my takeaways: Matter picks up steam Frustration with smart home devices should be much reduced in 2024. This same approach really could be applied to other industries.

Security

Security Manufacturing Authentication Marketing

China-linked APT Volt Typhoon exploited a zero-day in Versa Director

Security Affairs

AUGUST 27, 2024

China-linked APT Volt Typhoon exploited a zero-day vulnerability, tracked as CVE-2024-39717 , in Versa Director, to deploy a custom webshell on breached networks. Versa Director servers between June 12 and mid-July 2024. ISP on June 12, 2024. Black Lotus Labs detected unusual traffic indicating the exploitation of several U.S.

Energy and Utilities

Energy and Utilities Communications Authentication Access

North Korea-linked hackers target construction and machinery sectors with watering hole and supply chain attacks

Security Affairs

AUGUST 6, 2024

South Korea’s National Cyber Security Center (NCSC) reported that North Korea-linked hackers hijacked VPN software updates to deploy malware. In January 2024, the Kimsuky APT group was spotted distributing malware through the website of a construction industry association in South Korea. ” reads the advisory.

Information capture

Information capture Authentication Military Government

Operation Cronos: law enforcement disrupted the LockBit operation

Security Affairs

FEBRUARY 19, 2024

Return here for more information at: 11:30 GMT on Tuesday 20th Feb” The Operation Cronos operation is still ongoing and NCA’s announced that more information will be published tomorrow, February 20, 2024. “The site is now under the control of law enforcement.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Financial Services

FBI obtained 7,000 LockBit decryption keys, victims should contact the feds to get support

Security Affairs

JUNE 6, 2024

” said Bryan Vorndran, the Assistant Director at the FBI Cyber Division, during the 2024 Boston Conference on Cyber Security. This call to action comes after law enforcement took down LockBit’s infrastructure in February 2024 in an international operation dubbed “ Operation Cronos.” continues the NCA.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Encryption

StrelaStealer targeted over 100 organizations across the EU and US

Security Affairs

MARCH 25, 2024

Unit 42 researchers observed another large-scale campaign that peaked on January 29, 2024, threat actors used a spam email localized and the subject line has the pattern of Factura/Rechnung/invoice####. The campaign targeted organizations in many sectors, including the high-tech, finance, legal services and manufacturing industries.

Encryption

Encryption Manufacturing Archiving Phishing

Zyxel fixed critical OS command injection flaw in multiple routers

Security Affairs

SEPTEMBER 3, 2024

Taiwanese manufacturer Zyxel addressed a critical OS command injection flaw affecting multiple models of its business routers. Zyxel has released security updates to address a critical vulnerability, tracked as CVE-2024-7261 (CVSS v3 score of 9.8), impacting multiple models of its business routers. ” reads the advisory.

Manufacturing

Manufacturing Security Access IT

IOCONTROL cyberweapon used to target infrastructure in the US and Isreael

Security Affairs

DECEMBER 14, 2024

The affected manufacturers include Baicells, D-Link, Hikvision, Red Lion, Orpak, Phoenix Contact, Teltonika, and Unitronics. The attacks began in late 2023, coinciding with other industrial system breaches, and continued into mid-2024. The malware remained undetected by VirusTotal antivirus engines as of December 2024.

IoT

IoT Manufacturing Encryption Communications

Unraveling the truth behind the DDoS attack from electric toothbrushes

Security Affairs

FEBRUARY 8, 2024

ErrataRob) February 7, 2024 Several experts explained that electric toothbrushes have no direct connections to the internet, they relies on Bluetooth to connect to mobile apps. Some cases underscore the urgency of securing our smart homes. There are no details, like who is the target of the DDoS? what was the brand of toothbrushes?

IoT

IoT Cybersecurity Manufacturing Security

Vulnerability Recap 11/4/24 – Fourteen-Year Bug Finally Gets Patched

eSecurity Planet

NOVEMBER 4, 2024

October 26, 2024 Windows 11 Downgrade Vulnerability Is Still Wide Open Type of vulnerability: Admin code execution privileges leading to operating system downgrades. He demonstrated the downgrade at Black Hat 2024, reverting fully patched Windows machines back to previous vulnerable states.

Cloud

Cloud Honeypots Authentication Manufacturing

Rhysida Ransomware group claims to have breached Bayhealth Hospital in Delaware

Security Affairs

AUGUST 7, 2024

pic.twitter.com/542Wl9QIgw — Dominic Alvieri (@AlvieriD) August 7, 2024 It isn’t the first time that the Rhysida Ransomware group targeted a hospital. The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors.

Ransomware

Ransomware Manufacturing Libraries Education

QNAP fixed NAS backup zero-day demonstrated at Pwn2Own Ireland 2024

Mazda Connect flaws allow to hack some Mazda vehicles

Webinars

Trending Sources

Texas oilfield supplier Newpark Resources suffered a ransomware attack

Webinars

Software firm Blue Yonder providing services to US and UK stores, including Starbucks, hit by ransomware attack

NCSC: New UK law bans default passwords on smart devices

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

QNAP fixed second zero-day demonstrated at Pwn2Own Ireland 2024

A cyberattack disrupted operations of US chipmaker Microchip Technology

Elections 2024, artificial intelligence could upset world balances

BlackByte Ransomware group targets recently patched VMware ESXi flaw CVE-2024-37085

D-Link addressed three critical RCE in wireless router models

China’s Volt Typhoon botnet has re-emerged

Passwordless Authentication without Secrets!

Security Affairs newsletter Round 489 by Pierluigi Paganini – INTERNATIONAL EDITION

Critical RCE vulnerability found in OpenPLC

Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia

Zyxel addressed three RCEs in end-of-life NAS devices

14 New DrayTek routers’ flaws impacts over 700,000 devices in 168 countries

A cyberattack halted operations at Varta production plants

Sonos smart speakers flaw allowed to eavesdrop on users

U.S. CISA adds Apache OFBiz bug to its Known Exploited Vulnerabilities catalog

BianLian group exploits JetBrains TeamCity bugs in ransomware attacks

Researchers warn of a new critical Apache OFBiz flaw

Vo1d malware infected 1.3 Million Android-based TV Boxes in 197 countries

North Korea-linked APT Kimsuky targeted German defense firm Diehl Defence

FBI and CISA update a joint advisory on the BlackSuit Ransomware group

A backdoor in millions of Shanghai Fudan Microelectronics RFID cards allows cloning

The Vanilla Tempest cybercrime gang used INC ransomware for the first time in attacks on the healthcare sector

Qualcomm fixed a zero-day exploited limited, targeted attacks

OmniVision disclosed a data breach after the 2023 Cactus ransomware attack

ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems

Port of Seattle confirmed that Rhysida ransomware gang was behind the August attack

ASUS fixed critical remote authentication bypass bug in several routers

MY TAKE: New tech standards, like ‘Matter’ and ‘BIMI,’ point the way to secure interoperability

China-linked APT Volt Typhoon exploited a zero-day in Versa Director

North Korea-linked hackers target construction and machinery sectors with watering hole and supply chain attacks

Operation Cronos: law enforcement disrupted the LockBit operation

FBI obtained 7,000 LockBit decryption keys, victims should contact the feds to get support

StrelaStealer targeted over 100 organizations across the EU and US

Zyxel fixed critical OS command injection flaw in multiple routers

IOCONTROL cyberweapon used to target infrastructure in the US and Isreael

Unraveling the truth behind the DDoS attack from electric toothbrushes

Vulnerability Recap 11/4/24 – Fourteen-Year Bug Finally Gets Patched

Rhysida Ransomware group claims to have breached Bayhealth Hospital in Delaware

Stay Connected