Remove 2024 Remove Manufacturing Remove Security
article thumbnail

QNAP fixed NAS backup zero-day demonstrated at Pwn2Own Ireland 2024

Security Affairs

QNAP fixed critical zero-day CVE-2024-50388 which was demonstrated against a TS-464 NAS device during the Pwn2Own Ireland 2024 competition. ” reads the advisory published by the Taiwanese manufacturer. Their fourth-round win nets them $10,000 and 4 Master of Pwn points.

article thumbnail

Mazda Connect flaws allow to hack some Mazda vehicles

Security Affairs

” The research targeted a CMU unit manufactured by Visteon, with software initially developed by Johnson Controls Inc. Below are the vulnerabilities reported by ZDI: CVE-2024-8355 : SQL injection in DeviceManager, enabling database manipulation or code execution via spoofed Apple device connections. x) may also be vulnerable.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Texas oilfield supplier Newpark Resources suffered a ransomware attack

Security Affairs

“On October 29, 2024, the Company detected a ransomware cybersecurity incident (“Incident”) in which an unauthorized third party gained access to certain of the Company’s internal information systems. ” reads the FORM 8-K filed with Securities and Exchange Commission (SEC).

article thumbnail

Software firm Blue Yonder providing services to US and UK stores, including Starbucks, hit by ransomware attack

Security Affairs

” The incident occurred on November 21, 2024, causing widespread disruptions to the company’s managed services hosted environment. Since learning of the security breach, the company immediately started incident response procedure with the help of external cybersecurity firms, including CrowdStrike.

article thumbnail

NCSC: New UK law bans default passwords on smart devices

Security Affairs

The UK National Cyber Security Centre (NCSC) orders smart device manufacturers to ban default passwords starting from April 29, 2024. National Cyber Security Centre (NCSC) is urging manufacturers of smart devices to comply with new legislation that bans default passwords. ” The U.K. ” The U.K.

Passwords 335
article thumbnail

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

Security Affairs

Black Basta ransomware affiliates have breached over 500 organizations between April 2022 and May 2024, FBI and CISA reported. The alert provides Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IOCs) obtained from law enforcement investigations and reports from third-party security firms. in Germany, and 5.9%

article thumbnail

QNAP fixed second zero-day demonstrated at Pwn2Own Ireland 2024

Security Affairs

QNAP addressed the second zero-day vulnerability demonstrated by security researchers during the recent Pwn2Own Ireland 2024. Taiwanese manufacturer QNAP patched the second zero-day vulnerability, tracked as CVE-2024-50387 , which was exploited by security researchers during the recent Pwn2Own Ireland 2024.