Access, Government and Manufacturing - Information Management Today

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

Iran-linked APT group Pioneer Kitten is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers. Iran-linked APT group Pioneer Kitten, also known as Fox Kitten or Parisite, is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers.

Access

Access Financial Services Retail Insurance

Is Gelsemium APT behind a targeted attack in Southeast Asian Government?

Security Affairs

SEPTEMBER 25, 2023

A stealthy APT group tracked as Gelsemium was observed targeting a Southeast Asian government between 2022 and 2023. Palo Alto Unit42 researchers an APT group tracked as Gelsemium targeting a Southeast Asian government. The experts tracked the cluster as CL-STA-0046, the malicious activity spanned over six months between 2022-2023.

Government

Government Manufacturing Education Access

Cyber-Criminal espionage Operation insists on Italian Manufacturing

Security Affairs

MAY 22, 2020

ZLab researchers spotted a new malicious espionage activity targeting Italian companies operating worldwide in the manufacturing sector. This actor was first spotted by PaloAlto’s UNIT42 in 2018 during wide scale operations against technology, retail, manufacturing, and local government industries in the US, Europe and Asia.

Manufacturing

Manufacturing e-Delivery IT Security

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Port of Seattle ‘s August data breach impacted 90,000 people

Security Affairs

APRIL 5, 2025

The ransomware gang hit organizations in multiple industries, including education, healthcare, manufacturing, information technology, and government sectors. “Mailed notices will include information on how affected individuals can access free credit monitoring services from the Port. ” concludes the notice.

Data breaches

Data breaches Ransomware Manufacturing Education

China’s Volt Typhoon botnet has re-emerged

Security Affairs

NOVEMBER 13, 2024

The group managed to maintain access without being detected for as long as possible. In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. and Guam without being detected.

e-Discovery

e-Discovery Communications Ransomware Government

US indicted 4 Russian government employees for attacks on critical infrastructure

Security Affairs

MARCH 25, 2022

has indicted four Russian government employees for their involvement in attacks on entities in critical infrastructure. has indicted four Russian government employees for their role in cyberattacks targeting hundreds of companies and organizations in the energy sector worldwide between 2012 and 2018. ” states the DoJ.

Energy and Utilities

Energy and Utilities Government Cybersecurity Military

US officials claim Huawei Equipment has secret backdoor for spying

Security Affairs

FEBRUARY 13, 2020

officials say Huawei can covertly access telecom networks where its equipment is installed. can covertly access mobile-phone networks around the world through “back doors” designed for use by law enforcement, as Washington tries to persuade allies to exclude the Chinese company from their networks.” “U.S. officials said.

Manufacturing

Manufacturing Access Government Communications

3.5m IP cameras exposed, with US in the lead

Security Affairs

DECEMBER 14, 2022

All too often, this gives them a false sense of security: when in fact, threat actors can not only access and watch your camera feed but exploit the unsecured device to hack into your network. After looking at 28 of the most popular manufacturers, our research team found 3.5 Surge in internet-facing cameras.

Passwords

Passwords Manufacturing Authentication Government

Raspberry Robin malware used in attacks against Telecom and Governments

Security Affairs

DECEMBER 24, 2022

The Raspberry Robin worm attacks aimed at telecommunications and government office systems across Latin America, Australia, and Europe. Researchers from Trend Micro have uncovered a Raspberry Robin worm campaign targeting telecommunications and government office systems across Latin America, Australia, and Europe. Pierluigi Paganini.

Government

Government Communications Ransomware Manufacturing

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

Security Affairs

SEPTEMBER 15, 2020

CISA published an advisory on China-linked groups targeting government agencies by exploiting flaws in Microsoft Exchange, Citrix, Pulse, and F5 systems. Chinese state-sponsored hackers have probed US government networks looking for vulnerable networking devices that could be compromised with exploits for recently disclosed vulnerabilities.

Government

Government Energy and Utilities Healthcare Access

DHS Reportedly Warns of Chinese-Made Drones Stealing Data

Data Breach Today

MAY 20, 2019

Drones May Be Sending Data Back to China, According to News Reports The Department of Homeland Security is warning that Chinese-made drones could be sending sensitive data back to their manufacturers, where it can be accessed by the government, according to news reports.

Manufacturing

Manufacturing Government Access Security

Rhysida ransomware gang claimed China Energy hack

Security Affairs

NOVEMBER 25, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. VPNs, RDPs) to gain initial access to the target network and maintain persistence. The victims of the group are “targets of opportunity.” reads the joint advisory.

Ransomware

Ransomware Manufacturing Education Libraries

Security Affairs newsletter Round 377

Security Affairs

AUGUST 7, 2022

of its users due to the exposure of salted password hashes Twitter confirms zero-day used to access data of 5.4 of its users due to the exposure of salted password hashes Twitter confirms zero-day used to access data of 5.4

Security

Security Manufacturing Passwords Ransomware

FBI and CISA update a joint advisory on the BlackSuit Ransomware group

Security Affairs

AUGUST 8, 2024

The BlackSuit ransomware has targeted various critical infrastructure sectors, including commercial facilities, healthcare, government, and manufacturing. The BlackSuit actors gain initial access to victim networks through several methods, including Phishing campaigns, Remote Desktop Protocol (RDP) (Used in about 13.3%

Ransomware

Ransomware Communications Manufacturing Phishing

Prometheus and Grief – two new emerging ransomware gangs targeting enterprises. Mexican Government data is published for sale.

Security Affairs

JUNE 1, 2021

Just recently, the group has published a stolen data allegedly belonging to the Mexican Government which still remains available for sale today, and possibly becoming the first cybercriminal group that has touched a major state in Latin America on such a level. Mexican Government data is published for sale. Pierluigi Paganini.

Ransomware

Ransomware Sales Government GDPR

Estonia sues Gemalto for 152M euros over flaws in citizen ID cards issued by the company

Security Affairs

SEPTEMBER 30, 2018

“The vulnerabilities to hacker attacks found in government- issued ID cards supplied by the Franco-Dutch company marked an embarrassing setback for Estonia, which has billed itself as the world’s most digitalised “e-government”.” ” reported the Reuters. At the time, Estonia had issued 1.3 “continues the Reuters.

Manufacturing

Manufacturing Government Security Risk

Belden discloses data breach as a result of a cyber attack

Security Affairs

NOVEMBER 25, 2020

Belden, the manufacturer of networking and cable products, disclosed a data breach, threat actors have stolen employee and business information. “Our IT professionals were able to detect the unusual activity and believe we have stopped further unauthorized access of personal data on our servers.”

Data breaches

Data breaches Manufacturing Insurance Access

Ranzy Locker ransomware hit tens of US companies in 2021

Security Affairs

OCTOBER 26, 2021

The victims include the construction subsector of the critical manufacturing sector, the academia subsector of the government facilities sector, the information technology sector, and the transportation sector.” Ensure these copies are not accessible for modification or deletion from any system where the original data resides.

Ransomware

Ransomware Manufacturing Access Phishing

Rhysida ransomware group hacked King Edward VII’s Hospital in London

Security Affairs

NOVEMBER 29, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. VPNs, RDPs) to gain initial access to the target network and maintain persistence. The victims of the group are “targets of opportunity.” reads the joint advisory.

Ransomware

Ransomware Manufacturing Education Libraries

German Federal Office for Information Security (BSI) investigates Chinese mobile phones

Security Affairs

SEPTEMBER 26, 2021

German Federal Office for Information Security (BSI) is launching an investigation into the cybersecurity of mobile phones of certain Chinese manufacturers. Lithuanian government experts have analyzed three specific smartphone models, the Huawei P40 5G, the Xiaomi Mi 10T 5G and the OnePlus 8T 5G.

Information Security

Information Security Manufacturing Security Communications

Rhysida ransomware group hacked Abdali Hospital in Jordan

Security Affairs

DECEMBER 26, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. VPNs, RDPs) to gain initial access to the target network and maintain persistence. The victims of the group are “targets of opportunity.” reads the joint advisory.

Ransomware

Ransomware Manufacturing Education Libraries

FBI and CISA warn of attacks by Rhysida ransomware gang

Security Affairs

NOVEMBER 15, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. VPNs, RDPs) to gain initial access to the target network and maintain persistence. The victims of the group are “targets of opportunity.”

Ransomware

Ransomware Manufacturing Education Passwords

MITRE and CISA publish the 2021 list of most common hardware weaknesses

Security Affairs

OCTOBER 30, 2021

CWE-226 Sensitive Information in Resource Not Removed Before Reuse CWE-1247 Improper Protection Against Voltage and Clock Glitches CWE-1262 Improper Access Control for Register Interface CWE-1331 Improper Isolation of Shared Resources in Network On Chip (NoC) CWE-1332 Improper Handling of Faults that Lead to Instruction Skips.

Manufacturing

Manufacturing Access Education Security

The City of Durham shut down its network after Ryuk Ransomware attack

Security Affairs

MARCH 8, 2020

To mitigate the threat and prevent it from spreading inside the city network the City of Durham has disabled all access into the DCI Network for the Durham Police Department with the result that 911 call center was shut down. 911 calls, though, are being answered.”

Ransomware

Ransomware IT Computer and Electronics Mining

Mitsubishi Electric discloses data breach, media blame China-linked APT

Security Affairs

JANUARY 20, 2020

“On June 28, last year, a suspicious behavior was detected and investigated on a terminal in our company, and as a result of unauthorized access by a third party, data was transmitted to the outside,” reads a data breach notification published by the company. ” reported the Asahi Shimbun. ” reported Kyodo News.

Data breaches

Data breaches Computer and Electronics Government Access

US gov offers a reward of up to $10M for info on ALPHV/Blackcat gang leaders

Security Affairs

FEBRUARY 16, 2024

government offers rewards of up to $10 million for information that could lead to the identification or location of ALPHV/Blackcat ransomware gang leaders. This additional reward aims to target affiliated and initial access brokers involved and that facilitated the attacks of the group. ” reads the press release.

Ransomware

Ransomware Government Manufacturing Access

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Security Affairs

FEBRUARY 8, 2024

authoring agencies have recently observed indications of Volt Typhoon actors maintaining access and footholds within some victim IT environments for at least five years,” reads the alert. . “the U.S. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

Finnish intelligence warns of Russia’s cyberespionage activities

Security Affairs

OCTOBER 3, 2022

The report pointed out that despite the Russian reactions to Finland’s NATO accession process have been restrained for the time being, and Finland was not targeted by any extraordinary influencing in the course of policymaking, the government fears an escalation of the malicious activities. the public intelligence assessment stated.

Manufacturing

Manufacturing Access Security Government

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

Security Affairs

AUGUST 9, 2021

which includes info related to the activity of the gang, such as initial access, threat activity and mitigations. Most of the attacks have been reported in July, the organizations hit by the ransomware gang operate in professional services, construction, manufacturing, retail, and food industries. ransomware. in Australia since 2020.

Ransomware

Ransomware Security Retail Manufacturing

Microsoft seized 42 domains used by the China-linked APT15 cyberespionage group

Security Affairs

DECEMBER 7, 2021

APT15 has been active since at least 2010, it conducted cyber espionage campaigns against targets worldwide in several industries, including defense, high tech, energy, government, aerospace, and manufacturing. ” reads the post published by Microsoft.

Manufacturing

Manufacturing Phishing Government Security

US offers $10 million reward for info on Hive ransomware group leaders

Security Affairs

FEBRUARY 8, 2024

Government offers rewards of up to $10 million for information that could help locate, identify, or arrest members of the Hive ransomware group. The law enforcement gained access to the decryption keys and provided them to victims, thereby thwarting potential ransom payments of up to $130 million.

Ransomware

Ransomware Blockchain Manufacturing Government

US House Passes IoT Cybersecurity Improvement Act

Security Affairs

SEPTEMBER 21, 2020

Frankly, manufacturers today just don’t have the appropriate market incentives to properly secure the devices they make and sell – that’s why this legislation is so important,” explained Sens. Once the bill will be signed, federal government agencies would only purchase products compliant with those recommendations.

IoT

IoT Cybersecurity Manufacturing Government

Operation Blacksmith: Lazarus exploits Log4j flaws to deploy DLang malware

Security Affairs

DECEMBER 12, 2023

North Korea-linked APT group Lazarus was spotted exploiting Log4j vulnerabilities to deploy previously undocumented remote access trojans. The North Korea-linked APT group Lazarus is behind a new hacking campaign that exploits Log4j vulnerabilities to deploy previously undocumented remote access trojans (RATs).

Agriculture

Agriculture Data collection Access Manufacturing

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

. “As early as 2022, APT28 actors had utilized compromised EdgeRouters to facilitate covert cyber operations against governments, militaries, and organizations around the world.” and foreign governments and military, security, and corporate organizations. ” reads the joint report. ” concludes the report.

Energy and Utilities

Energy and Utilities Military Government Phishing

5 IoT Security Predictions for 2019

Security Affairs

DECEMBER 21, 2018

The DCMS (Digital, Culture, Media & Sport) department of the United Kingdom government published the “ Code of Practice for Consumer IoT Security ” and the “ Secure by Design: Improving the cyber security of consumer Internet of Things Report ”, setting guidelines and recommendations for secure IoT devices.

IoT

IoT Security Manufacturing Privacy

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Security Affairs

AUGUST 27, 2020

In order to help as many people as possible secure their devices against potential cyberattacks, the CyberNews security team accessed 27,944 printers around the world and forced the hijacked devices to print out a short 5-step guide on how to secure a printer, with a link to a more detailed version of the guide on our website.

Security

Security IoT Passwords Manufacturing

Exclusive: TIM’s Red Team Research finds 4 zero-days in WOWZA Streaming Engine product

Security Affairs

AUGUST 5, 2020

Today, the TIM’s Red Team Research led by Massimiliano Brolli, discovered 4 new vulnerabilities that have been addressed by the manufacturer WOWZA Streaming Engine, between the end of 2019 and July 2020.

Manufacturing

Manufacturing Government Access Security

Anonymous and the IT ARMY of Ukraine continue to target Russian entities

Security Affairs

APRIL 8, 2022

The popular hacking Anonymous and the IT ARMY of Ukraine continue to target Russian government entities and private businesses. The list of recently compromised businesses includes: Forest – The hacktivists leaked 37,500 emails stolen from the company which is a Russian logging and wood manufacturing firm.

IT

IT Manufacturing Access Cybersecurity

China-linked APT likely linked to Fortinet zero-day attacks

Security Affairs

MARCH 17, 2023

An alleged Chinese threat actor group is behind attacks on government organizations exploiting a Fortinet zero-day flaw (CVE-2022-41328). A suspected China-linked group is exploiting a Fortinet zero-day vulnerability, tracked as CVE-2022-41328 , in attacks aimed at government organizations.

Manufacturing

Manufacturing Access Government Communications

Rhysida ransomware gang is auctioning data stolen from the British Library

Security Affairs

NOVEMBER 20, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. VPNs, RDPs) to gain initial access to the target network and maintain persistence. The victims of the group are “targets of opportunity.” reads the joint advisory.

Libraries

Libraries Ransomware Manufacturing Education

APT32 state hackers target human rights defenders with spyware

Security Affairs

FEBRUARY 24, 2021

The APT32 group has been active since at least 2012, it has targeted organizations across multiple industries and foreign governments, dissidents, and journalists. Since at least 2014, experts at FireEye have observed APT32 targeting foreign corporations with an interest in Vietnam’s manufacturing, consumer products, and hospitality sectors.

Phishing

Phishing Manufacturing Government Security

Security Affairs newsletter Round 250

Security Affairs

FEBRUARY 9, 2020

The Russian Government blocked ProtonMail and ProtonVPN. Attackers are hacking NSC Linear eMerge E3 building access systems to launch DDoS attacks. Facebook fixed a WhatsApp bug that allowed hackers to access local file system. IoT devices at major Manufacturers infected with crypto-miner.

Security

Security Ransomware IoT Manufacturing

Cuba ransomware gang hacked 49 US critical infrastructure organizations

Security Affairs

DECEMBER 4, 2021

. “The FBI has identified, as of early November 2021 that Cuba ransomware actors have compromised at least 49 entities in five critical infrastructure sectors, including but not limited to the financial, government, healthcare, manufacturing, and information technology sectors.”

Ransomware

Ransomware Encryption Communications Manufacturing

FBI chief says China is preparing to attack US critical infrastructure

Security Affairs

APRIL 19, 2024

authoring agencies have recently observed indications of Volt Typhoon actors maintaining access and footholds within some victim IT environments for at least five years,” reads the alert. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure. In fact, the U.S.

Energy and Utilities

Energy and Utilities Communications Military Access

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Is Gelsemium APT behind a targeted attack in Southeast Asian Government?

Webinars

Trending Sources

Cyber-Criminal espionage Operation insists on Italian Manufacturing

Webinars

Port of Seattle ‘s August data breach impacted 90,000 people

China’s Volt Typhoon botnet has re-emerged

US indicted 4 Russian government employees for attacks on critical infrastructure

US officials claim Huawei Equipment has secret backdoor for spying

3.5m IP cameras exposed, with US in the lead

Raspberry Robin malware used in attacks against Telecom and Governments

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

DHS Reportedly Warns of Chinese-Made Drones Stealing Data

Rhysida ransomware gang claimed China Energy hack

Security Affairs newsletter Round 377

FBI and CISA update a joint advisory on the BlackSuit Ransomware group

Prometheus and Grief – two new emerging ransomware gangs targeting enterprises. Mexican Government data is published for sale.

Estonia sues Gemalto for 152M euros over flaws in citizen ID cards issued by the company

Belden discloses data breach as a result of a cyber attack

Ranzy Locker ransomware hit tens of US companies in 2021

Rhysida ransomware group hacked King Edward VII’s Hospital in London

German Federal Office for Information Security (BSI) investigates Chinese mobile phones

Rhysida ransomware group hacked Abdali Hospital in Jordan

FBI and CISA warn of attacks by Rhysida ransomware gang

MITRE and CISA publish the 2021 list of most common hardware weaknesses

The City of Durham shut down its network after Ryuk Ransomware attack

Mitsubishi Electric discloses data breach, media blame China-linked APT

US gov offers a reward of up to $10M for info on ALPHV/Blackcat gang leaders

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Finnish intelligence warns of Russia’s cyberespionage activities

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

Microsoft seized 42 domains used by the China-linked APT15 cyberespionage group

US offers $10 million reward for info on Hive ransomware group leaders

US House Passes IoT Cybersecurity Improvement Act

Operation Blacksmith: Lazarus exploits Log4j flaws to deploy DLang malware

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

5 IoT Security Predictions for 2019

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Exclusive: TIM’s Red Team Research finds 4 zero-days in WOWZA Streaming Engine product

Anonymous and the IT ARMY of Ukraine continue to target Russian entities

China-linked APT likely linked to Fortinet zero-day attacks

Rhysida ransomware gang is auctioning data stolen from the British Library

APT32 state hackers target human rights defenders with spyware

Security Affairs newsletter Round 250

Cuba ransomware gang hacked 49 US critical infrastructure organizations

FBI chief says China is preparing to attack US critical infrastructure

Stay Connected