Analysis and Manufacturing - Information Management Today

TIDRONE APT targets drone manufacturers in Taiwan

Security Affairs

SEPTEMBER 9, 2024

Trend Micro spotted an allegedly China-linked threat actor, tracked TIDRONE, targeting drone manufacturers in Taiwan. The attacks were detected in Taiwan and mostly targeted military-related industries, specifically the manufacturer of drones. “we investigated TIDRONE , a threat actor linked to Chinese-speaking groups.

Manufacturing

Manufacturing Military Communications Access

IoT devices at major Manufacturers infected with crypto-miner

Security Affairs

FEBRUARY 8, 2020

Hackers have infected with a piece of malware some IoT devices running Windows 7 designed by three of the world’s largest manufacturers. The experts reported that several IoT devices at some major manufacturers have been infected with a cryptocurrency miner in October 2019. Pierluigi Paganini. SecurityAffairs – Windows 7, hacking).

Manufacturing

Manufacturing IoT Communications Risk

Malicious PDF Analysis

Security Affairs

FEBRUARY 13, 2019

In the last few days I have done some analysis on malicious documents, especially PDF. Then I thought, “Why not turn a PDF analysis into an article?” SecurityAffairs – PDF analysis, hacking). The post Malicious PDF Analysis appeared first on Security Affairs. About the author : Zoziel Freire.

Manufacturing

Manufacturing Analytics Cybersecurity Security

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Cyber-Criminal espionage Operation insists on Italian Manufacturing

Security Affairs

MAY 22, 2020

ZLab researchers spotted a new malicious espionage activity targeting Italian companies operating worldwide in the manufacturing sector. This actor was first spotted by PaloAlto’s UNIT42 in 2018 during wide scale operations against technology, retail, manufacturing, and local government industries in the US, Europe and Asia.

Manufacturing

Manufacturing e-Delivery IT Security

Winnti Group was planning a devastating supply-chain attack against Asian manufacturer

Security Affairs

OCTOBER 14, 2019

Winnti Group is back with a new modular Win backdoor that was used to infect the servers of a high-profile Asian mobile hardware and software manufacturer. ” continues the analysis. The organizations is major mobile hardware and software manufacturer based in Asia, experts contacted it to alert the company of the infection.

Manufacturing

Manufacturing Paper Communications IT

Spotting RATs: Delphi wrapper makes the analysis harder

Security Affairs

JULY 8, 2019

Experts observed an increase of the malware spreading using less-known archive types as dropper,in particular ISO image.Delphi wrapper makes analysis harder. Technical Analysis. Once executed, the malware obviously kills itself detecting the analysis machine, so we are going to investigate what are the tricks employed to stop us.

File names

File names Encryption Archiving Phishing

'Smart' Factories Could Face Unique Attacks: Report

Data Breach Today

MAY 14, 2020

Connected Devices Could Allow Attackers to Target Industrial Systems, Trend Micro Reports The increasing use of internet-connected devices in manufacturing facilities is opening up new ways for hackers to target so-called "smart" factories with unconventional attack methods, according to an analysis by security firm Trend Micro and the Polytechnic (..)

Manufacturing

Manufacturing Security

Analysis: The Security of 5G Devices, Networks

Data Breach Today

OCTOBER 28, 2020

Security Experts Outline Their Concerns So far, much of the discussion about 5G security has focused on avoiding the use of technology from Chinese manufacturers, including Huawei and ZTE.

Security

Security Manufacturing Marketing

Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia

Security Affairs

APRIL 16, 2024

Nexperia is a semiconductor manufacturer headquartered in Nijmegen, the Netherlands. The Dark Angels (Dunghill) ransomware group claims responsibility for hacking chipmaker Nexperia and stealing 1 TB of the company’s data. It is a subsidiary of the partially state-owned Chinese company Wingtech Technology.

Ransomware

Ransomware Manufacturing Insurance Cybersecurity

China-linked APT Curious Gorge targeted Russian govt agencies

Security Affairs

MAY 3, 2022

China-linked Curious Gorge APT is targeting Russian government agencies, Google Threat Analysis Group (TAG) warns. Google Threat Analysis Group (TAG) reported that an APT group linked to China’s People’s Liberation Army Strategic Support Force (PLA SSF), tracked as Curious Gorge , is targeting Russian government agencies.

Manufacturing

Manufacturing Phishing Passwords Military

Experts found backdoors in a popular Auerswald VoIP appliance

Security Affairs

DECEMBER 27, 2021

Researchers found multiple backdoors in popular VoIP (voice over Internet protocol) appliance made by the German manufacturer Auerswald. Researchers from RedTeam Pentesting discovered multiple backdoors in a popular VoIP (voice over Internet protocol) appliance made by the German manufacturer Auerswald. ” continues the analysis.

Passwords

Passwords Manufacturing Authentication Access

14 New DrayTek routers’ flaws impacts over 700,000 devices in 168 countries

Security Affairs

OCTOBER 2, 2024

The flaws impact residential and enterprise routers manufactured by DrayTek that could be exploited to take over susceptible devices. DrayTek is among many vendors that does not appear to conduct the necessary variant analysis and post-mortem analysis after vulnerability reports — which could lead to long-term improvements.”

IoT

IoT Manufacturing Communications Ransomware

Chinese APT Group Winnti Is Stealing Intellectual Property

Data Breach Today

MAY 5, 2022

Forensic Analysis Used to Detect the Group's Involvement, Cybereason Says A new malicious campaign that siphons off intellectual property and sensitive data - including documents, blueprints, diagrams, formulas and manufacturing-related proprietary data - has been identified by researchers at Cybereason as being the work of Chinese APT Winnti, based (..)

Manufacturing

Spearphishing attacks hit the oil and gas industry sector

Security Affairs

APRIL 21, 2020

This info-stealer is also able to kill processes associated with malware analysis related processes and antivirus solutions. ” reads the analysis published by Bitdefender. ” continues the analysis. To do this, the spyware creates different threads and timer functions in the main function.

Manufacturing

Manufacturing Phishing Security IT

UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware

Security Affairs

MAY 5, 2021

” states the analysis published by FireEye. “For example, UNC2529 used a unique username, masquerading as an account executive for a small California-based electronics manufacturing company, which Mandiant identified through a simple Internet search.”

Manufacturing

Manufacturing Phishing Military Retail

At least 31 US Businesses targeted with WastedLocker Ransomware

Security Affairs

JUNE 29, 2020

The malicious code was first documented by researchers from the NCC Group’s report and later Symantec published its own analysis. ” reads the analysis published by Symantec. Most of the victims belong to the manufacturing industry, followed by IT and media and telecommunications sectors.

Ransomware

Ransomware Manufacturing Access Security

FDA Reveals Steps to Bolster Medical Device Cybersecurity

Data Breach Today

OCTOBER 1, 2018

Playbook' Prepared; Data Sharing Efforts Planned In its ongoing quest to improve the state of medical device cybersecurity, the FDA has announced a number of key moves - including the release of a security "playbook," plans to leverage information sharing and analysis organizations and an effort to update its 2014 premarket guidance for manufacturers. (..)

Cybersecurity

Cybersecurity Manufacturing Security IT

New financially motivated attacks in Western Europe traced to Russian-speaking threat actors

Security Affairs

MARCH 27, 2020

At least two companies operating in pharmaceutical and manufacturing sectors have been affected. If the latter are the ones to blame, this marks the first time the gang has launched the attacks against pharmaceutical and manufacturing companies and may indicate a significant shift in their modus operandi. . 126 and 37.120.145 [. ]

Healthcare

Healthcare Manufacturing Cybersecurity Retail

Analysis: Self-Driving Tractors at Risk of Being Hacked

Data Breach Today

AUGUST 13, 2021

This edition of the ISMG Security Report offers an analysis of how tractors manufactured by John Deere are at risk of being hacked. Also featured: a description of the infrastructure bill passed by the Senate that would boost cybersecurity funding and an update on the reboot of the AlphaBay darknet market.

Risk

Risk Manufacturing Marketing Cybersecurity

DoppelPaymer crew leaked internal confidential documents belonging to aerospace companies

Security Affairs

APRIL 10, 2020

Visser Precision is a parts maker for many companies in several industries, including aerospace, automotive, industrial and manufacturing. an antenna in an anti-mortar defense system), billing and payment forms, supplier information, data analysis reports, and legal paperwork.

Ransomware

Ransomware Manufacturing Military Cybersecurity

INFRA:HALT flaws impact OT devices from hundreds of vendors

Security Affairs

AUGUST 4, 2021

IN FRA:HALT is a set of vulnerabilities affecting a popular TCP/IP library commonly OT devices manufactured by more than 200 vendors. NicheStack (aka InterNiche stack) is a proprietary TCP/IP stack developed originally by InterNiche Technologies and acquired by HCC Embedded in 2016.

Manufacturing

Manufacturing Libraries Cloud Security

3.5m IP cameras exposed, with US in the lead

Security Affairs

DECEMBER 14, 2022

After looking at 28 of the most popular manufacturers, our research team found 3.5 What is more, the overwhelming majority of internet-facing cameras are manufactured by Chinese companies. Most of the public-facing cameras we discovered are manufactured by the Chinese company Hikvision: the Cybernews research team found over 3.37

Passwords

Passwords Manufacturing Authentication Government

Hades ransomware gang targets big organizations in the US

Security Affairs

MARCH 26, 2021

Accenture security researchers published an analysis of the latest Hades campaign, which is ongoing since at least December 2020. . Experts discovered that threat actors targeted a large US transportation & logistics organization, a large US consumer products organization, and a global manufacturing organization.

Ransomware

Ransomware Encryption File names Manufacturing

DHS warns of cyber attacks against small airplanes

Security Affairs

JULY 31, 2019

A few hours ago, I have written about an interesting analysis of the possible hack of avionics systems, not DHS warns of cyber attacks against small airplanes. Manufacturers of aircraft should review implementation of CAN bus networks to compensate for the physical attack vector.” ” concludes the alert. Pierluigi Paganini.

Computer and Electronics

Computer and Electronics Manufacturing Access Authentication

Experts spotted a variant of the Agenda Ransomware written in Rust

Security Affairs

DECEMBER 19, 2022

The Qilin ransomware-as-a-service (RaaS) group uses a double-extortion model, with most of the victims in the manufacturing and IT industries. ” reads the analysis published by Trend Micro. ” reads the analysis published by Trend Micro. ” continues the analysis. AGENDA.THIAFBB.” AGENDA.THIAFBB.”

Ransomware

Ransomware Encryption Passwords Education

Mysterious threat actor TAC-040 used previously undetected Ljl Backdoor

Security Affairs

AUGUST 5, 2022

The attack took place in May and lasted seven days, the analysis of the network logs suggests TAC-040 exfiltrated around 700MBs of data from the victim system. “ATI’s thorough analysis determined that the attack occurred during the end of May over a seven day period. ” reads the analysis published by Deepwatch.

Manufacturing

Manufacturing Cybersecurity IT Access

Surveillance vendor exploited Samsung phone zero-days

Security Affairs

NOVEMBER 9, 2022

“The chain merited further analysis because it is a 3 vulnerability chain where all 3 vulnerabilities are within Samsung custom components, including a vulnerability in a Java component.” “The analysis of this exploit chain has provided us with new and important insights into how attackers are targeting Android devices.

Manufacturing

Manufacturing Access IT Security

Chipmaker Qualcomm warns of three actively exploited zero-days

Security Affairs

OCTOBER 4, 2023

Google Threat Analysis Group and Google Project Zero first reported that the CVE-2023-33106, CVE-2023-33107, CVE-2022-22071 and CVE-2023-33063 are actively exploited in targeted attacks. Please contact your device manufacturer for more information on the patch status about specific devices.” ” reads the advisory.

Authentication

Authentication Manufacturing Security Information Security

Kraken fileless attack technique abuses Microsoft Windows Error Reporting (WER)

Security Affairs

OCTOBER 7, 2020

” Threat actors employed anti-analysis and evasion techniques, including, code obfuscation and performing some checks for sandbox or debugger environments. At the time of the analysis, the hard-coded target URL of the malware was not reachable making it impossible to attribute the Kraken technique to a specific threat actor.

Phishing

Phishing Manufacturing Archiving Security

Avaddon Ransomware gang hacked France-based Acer Finance and AXA Asia

Security Affairs

MAY 16, 2021

The Company offers risk management, mutual funds, analysis, financial planning, and advisory services. Avaddon ransomware gang made the headlines again, the cybercrime gang has breached the France-based financial consultancy firm Acer Finance. Acer Finance operates as an investment management company.

Ransomware

Ransomware Manufacturing Communications Risk

TinyNuke banking malware targets French organizations

Security Affairs

DECEMBER 13, 2021

The TinyNuke malware is back and now was used in attacks aimed at French users working in manufacturing, technology, construction, and business services. The attackers used invoice-themed lures targeting entities in manufacturing, industry, technology, finance, and other verticals. .

Manufacturing

Manufacturing Business Services Communications IT

Tupperware website has been compromised with a payment card skimmer

Security Affairs

MARCH 25, 2020

The Tupperware website, the popular manufactured of plastic food container products was infected with a payment card skimmer. ” reads the analysis published by Malwarebytes. ” continues the analysis. The official website has approximately 1 million monthly visits on average. .

CMS

CMS Manufacturing Access IT

LokiBot info stealer involved in a targeted attack on a US Company

Security Affairs

SEPTEMBER 11, 2019

Security researchers at Fortinet uncovered a malspam campaign aimed distributing the LokiBot malware at a US manufacturing company. FortiGuard SE Team experts uncovered a malspam campaign aimed distributing the LokiBot malware at a US manufacturing company. manufacturing company. ” read the analysis of the experts.

Manufacturing

Manufacturing Phishing Passwords Archiving

EventBot, a new Android mobile targets financial institutions across Europe

Security Affairs

APRIL 30, 2020

” reads the analysis published by Cybereason. The analysis of the EventBot’s infrastructure and C2 reveals a potential link to another Android info stealer employed in late 2019 in attacks against Italian users. . ” concludes the report. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Financial Services

Financial Services Libraries Encryption Authentication

Who is behind the Mozi Botnet kill switch?

Security Affairs

NOVEMBER 2, 2023

[link] — 360 Netlab (@360Netlab) July 28, 2021 Earlier in August 2021, Microsoft researchers reported that the Mozi botnet was improved by implementing new capabilities to target network gateways manufactured by Netgear, Huawei, and ZTE. ” reads the analysis published by ESET. ” concludes the report. .

IoT

IoT Manufacturing Security IT

Qualcomm and MediaTek Wi-Fi chips impacted by Kr00k-Like attacks

Security Affairs

AUGUST 8, 2020

Wi-Fi chips manufactured by Qualcomm and MediaTek are impacted by vulnerabilities similar to the Kr00k issue disclosed early this year. Earlier this year, experts from ESET disclosed the Kr00k , a new high-severity hardware vulnerability, that affects Wi-Fi chips manufactured by Broadcom and Cypress.

Encryption

Encryption Manufacturing IoT Communications

Audio equipment maker Bose Corporation discloses a ransomware attack

Security Affairs

MAY 25, 2021

The audio equipment manufacturer Bose Corporation said it was the victim of a ransomware attack that took place earlier this year, on March 7. Performed detailed forensics analysis on impacted server to analyse the impact of the malware/ransomware.

Ransomware

Ransomware Manufacturing Encryption Passwords

Experts show how to bypass Windows Hello feature to login on Windows 10 PCs

Security Affairs

JULY 19, 2021

” states the analysis published by the experts. Enhanced Sign-in Security is a new security feature in Windows which requires specialized hardware, drivers, and firmware that are pre-installed on the system by device manufacturers in the factory. “Apparently, we only need one IR frame and an entirely black frame.

Manufacturing

Manufacturing Authentication Security Access

Flaws in 4G Routers of various vendors put millions of users at risk

Security Affairs

AUGUST 13, 2019

Security expert discovered multiple flaws in 4G routers manufactured by several companies, some of them could allow attackers to take over the devices. G Richter, a security researcher at Pen Test Partners discovered multiple vulnerabilities 4G routers manufactured by different vendors. high severity CVSS v3. 0 base score) .

Risk

Risk Manufacturing Passwords Authentication

Over 600k GPS trackers left exposed online with a default password of ‘123456’

Security Affairs

SEPTEMBER 6, 2019

600,000 GPS trackers left exposed online with a default password of ‘123456’ Avast researchers found at least 600,000 GPS trackers manufactured by a Chinese vendor that were exposed online with a default password of “123456.” ” reads the analysis published by Avast.

Passwords

Passwords Manufacturing IoT Cloud

Usage of TLS in DDNS Services leads to Information Disclosure in Multiple Vendors

Security Affairs

MAY 24, 2024

For instance, suppose firewall manufacturer ACME Inc. Mikrotik The router and switch manufacturer Mikrotik also offers a DDNS service on the sn.mynetname.net and integrates an ACME client into their appliances. Shodan returns 39027 targets , all indexed through the “Common Name” field of the certificate.

Manufacturing

Manufacturing Encryption Communications Cybersecurity

4 ways generative AI addresses manufacturing challenges

IBM Big Data Hub

APRIL 15, 2024

The manufacturing industry is in an unenviable position. Manufacturers are being called to reduce their carbon footprint, adopt circular economy practices and become more eco-friendly in general. And manufacturers face pressure to constantly innovate while ensuring stability and safety.

Manufacturing

Manufacturing Cloud IoT Analytics

China-linked APT41 group targets Hong Kong with Spyder Loader

Security Affairs

OCTOBER 18, 2022

The attacks detailed by Cybereason targeted technology and manufacturing companies primarily located in East Asia, Western Europe, and North America. ” reads the analysis published by Symantec. Symantec pointed out that the attacks against government organizations in Hong Kong remained undetected for a year in some cases.

File names

File names Encryption Manufacturing Libraries

Zyxel addressed three RCEs in end-of-life NAS devices

Security Affairs

JUNE 5, 2024

The Outpost24 researcher Timothy Hjort reported the flaw to the manufacturer and published a detailed analysis and PoC exploit codes for the flaws. An attacker can exploit the vulnerabilities to perform command injection attacks and achieve remote code execution. Two flaws can also allow attackers to elevate privileges.

Authentication

Authentication Manufacturing Security IT

TIDRONE APT targets drone manufacturers in Taiwan

IoT devices at major Manufacturers infected with crypto-miner

Webinars

Trending Sources

Malicious PDF Analysis

Webinars

Cyber-Criminal espionage Operation insists on Italian Manufacturing

Winnti Group was planning a devastating supply-chain attack against Asian manufacturer

Spotting RATs: Delphi wrapper makes the analysis harder

'Smart' Factories Could Face Unique Attacks: Report

Analysis: The Security of 5G Devices, Networks

Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia

China-linked APT Curious Gorge targeted Russian govt agencies

Experts found backdoors in a popular Auerswald VoIP appliance

14 New DrayTek routers’ flaws impacts over 700,000 devices in 168 countries

Chinese APT Group Winnti Is Stealing Intellectual Property

Spearphishing attacks hit the oil and gas industry sector

UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware

At least 31 US Businesses targeted with WastedLocker Ransomware

FDA Reveals Steps to Bolster Medical Device Cybersecurity

New financially motivated attacks in Western Europe traced to Russian-speaking threat actors

Analysis: Self-Driving Tractors at Risk of Being Hacked

DoppelPaymer crew leaked internal confidential documents belonging to aerospace companies

INFRA:HALT flaws impact OT devices from hundreds of vendors

3.5m IP cameras exposed, with US in the lead

Hades ransomware gang targets big organizations in the US

DHS warns of cyber attacks against small airplanes

Experts spotted a variant of the Agenda Ransomware written in Rust

Mysterious threat actor TAC-040 used previously undetected Ljl Backdoor

Surveillance vendor exploited Samsung phone zero-days

Chipmaker Qualcomm warns of three actively exploited zero-days

Kraken fileless attack technique abuses Microsoft Windows Error Reporting (WER)

Avaddon Ransomware gang hacked France-based Acer Finance and AXA Asia

TinyNuke banking malware targets French organizations

Tupperware website has been compromised with a payment card skimmer

LokiBot info stealer involved in a targeted attack on a US Company

EventBot, a new Android mobile targets financial institutions across Europe

Who is behind the Mozi Botnet kill switch?

Qualcomm and MediaTek Wi-Fi chips impacted by Kr00k-Like attacks

Audio equipment maker Bose Corporation discloses a ransomware attack

Experts show how to bypass Windows Hello feature to login on Windows 10 PCs

Flaws in 4G Routers of various vendors put millions of users at risk

Over 600k GPS trackers left exposed online with a default password of ‘123456’

Usage of TLS in DDNS Services leads to Information Disclosure in Multiple Vendors

4 ways generative AI addresses manufacturing challenges

China-linked APT41 group targets Hong Kong with Spyder Loader

Zyxel addressed three RCEs in end-of-life NAS devices

Stay Connected