Hackers have infected with a piece of malware some IoT devices running Windows 7 designed by three of the world’s largest manufacturers. Security experts from TrapX reported that some IoT devices running Windows 7 have been infected with a piece of malware, is it a supply chain attack? ” continues the report. Pierluigi Paganini.
Trend Micro spotted an allegedly China-linked threat actor, tracked TIDRONE, targeting drone manufacturers in Taiwan. The attacks were detected in Taiwan and mostly targeted military-related industries, specifically the manufacturer of drones. “we investigated TIDRONE , a threat actor linked to Chinese-speaking groups.
In the last few days I have done some analysis on malicious documents, especially PDF. Then I thought, “Why not turn a PDF analysis into an article?” Most security tools must always be adapted to this new reality of attack and infection.
ZLab researchers spotted a new malicious espionage activity targeting Italian companies operating worldwide in the manufacturing sector. This actor was first spotted by PaloAlto’s UNIT42 in 2018 during wide scale operations against technology, retail, manufacturing, and local government industries in the US, Europe and Asia.
Winnti Group is back with a new modular Win backdoor that was used to infect the servers of a high-profile Asian mobile hardware and software manufacturer. ” continues the analysis. The organization is a major mobile hardware and software manufacturer based in Asia, experts contacted it to alert the company of the infection.
Security Experts Outline Their Concerns So far, much of the discussion about 5G security has focused on avoiding the use of technology from Chinese manufacturers, including Huawei and ZTE.
Connected Devices Could Allow Attackers to Target Industrial Systems, Trend Micro Reports The increasing use of internet-connected devices in manufacturing facilities is opening up new ways for hackers to target so-called "smart" factories with unconventional attack methods, according to an analysis by security firm Trend Micro and the Polytechnic (..)
Experts observed an increase of the malware spreading using less-known archive types as dropper, in particular ISO image. Delphi wrapper makes analysis harder. Technical Analysis. Once executed, the malware obviously kills itself detecting the analysis machine, so we are going to investigate what are the tricks employed to stop us.
In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. ” reads the analysis published by SecurityScorecard. However, despite the botnet disruption, Volt Typhoon remains active.
Nexperia is a semiconductor manufacturer headquartered in Nijmegen, the Netherlands. Gb - NDA The group published a set of files as proof of the security breach and threatens to leak all the stolen data if the victim will not pay the ransom. It is a subsidiary of the partially state-owned Chinese company Wingtech Technology.
China-linked Curious Gorge APT is targeting Russian government agencies, Google Threat Analysis Group (TAG) warns. Google Threat Analysis Group (TAG) reported that an APT group linked to China’s People’s Liberation Army Strategic Support Force (PLA SSF), tracked as Curious Gorge , is targeting Russian government agencies.
Food and Drug Administration (FDA) is embracing the work of ethical hackers and their researches to secure medical devices. People typically shudder to think about their smart speakers or home security systems getting compromised, and indeed, vulnerabilities in those devices would be traumatizing. All the while, the U.S.
Of the 14 security flaws nine are rated high, and three are rated medium in severity. The flaws impact residential and enterprise routers manufactured by DrayTek that could be exploited to take over susceptible devices. DrayTek already released security updates to address the vulnerabilities reported by Forescout.
Every week the best security articles from Security Affairs are free in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
Researchers found multiple backdoors in popular VoIP (voice over Internet protocol) appliance made by the German manufacturer Auerswald. Researchers from RedTeam Pentesting discovered multiple backdoors in a popular VoIP (voice over Internet protocol) appliance made by the German manufacturer Auerswald. ” continues the analysis.
All too often, this gives them a false sense of security: when in fact, threat actors can not only access and watch your camera feed but exploit the unsecured device to hack into your network. After looking at 28 of the most popular manufacturers, our research team found 3.5 The reign of a Chinese brand. Most insecure brands.
Visser Precision is a parts maker for many companies in several industries, including aerospace, automotive, industrial and manufacturing. an antenna in an anti-mortar defense system), billing and payment forms, supplier information, data analysis reports, and legal paperwork. Pierluigi Paganini.
Accenture security researchers published an analysis of the latest Hades campaign, which is ongoing since at least December 2020. Experts discovered that threat actors targeted a large US transportation & logistics organization, a large US consumer products organization, and a global manufacturing organization.
INFRA:HALT is a set of vulnerabilities affecting a popular TCP/IP library commonly OT devices manufactured by more than 200 vendors. “Forescout Research Labs and JFrog Security Research exploited two of the Remote Code Execution vulnerabilities in their lab and show the potential effects of a successful attack.”
Taiwanese vendor QNAP has warned customers to secure network-attached storage (NAS) exposed online from ransomware and brute-force attacks. QNAP urges all QNAP NAS users to follow the security setting instructions below to ensure the security of QNAP networking devices.” The post How to secure QNAP NAS devices?
SAP released a collection of security fixes for February 2019 that address 13 vulnerabilities in its products, including a Hot News flaw in SAP HANA XSA. SAP Security Patch Day for February 2019 includes 13 Security Notes and 3 updates to previously released security notes. ” reads the analysis published by Onapsys.
This info-stealer is also able to kill processes associated with malware analysis related processes and antivirus solutions. ” reads the analysis published by Bitdefender. ” continues the analysis. The post Spearphishing attacks hit the oil and gas industry sector appeared first on Security Affairs.
Chipmaker Qualcomm released security updates to address 17 vulnerabilities in several components. Google Threat Analysis Group and Google Project Zero first reported that the CVE-2023-33106, CVE-2023-33107, CVE-2022-22071 and CVE-2023-33063 are actively exploited in targeted attacks. ” reads the advisory.
The malicious code was first documented by researchers from the NCC Group’s report and later Symantec published its own analysis. Security experts from Symantec reported that at least 31 organizations in the United States have been targeted with the recently discovered WastedLocker ransomware. Pierluigi Paganini.
At least two companies operating in pharmaceutical and manufacturing sectors have been affected. If the latter are the ones to blame, this marks the first time the gang has launched the attacks against pharmaceutical and manufacturing companies and may indicate a significant shift in their modus operandi. . 126 and 37.120.145 [. ]
The audio equipment manufacturer Bose Corporation said it was the victim of a ransomware attack that took place earlier this year, on March 7. Shortly after the discovery of the security breach the company initiated an incident response procedure and launched an investigation into the incident. systems on March 7, 2021.”
A few hours ago, I have written about an interesting analysis of the possible hack of avionics systems, now DHS warns of cyber attacks against small airplanes. ” reads the alert published by the US Department of Homeland Security’s (DHS). ” concludes the alert. Pierluigi Paganini.
Playbook' Prepared; Data Sharing Efforts Planned In its ongoing quest to improve the state of medical device cybersecurity, the FDA has announced a number of key moves - including the release of a security "playbook," plans to leverage information sharing and analysis organizations and an effort to update its 2014 premarket guidance for manufacturers. (..)
The Company offers risk management, mutual funds, analysis, financial planning, and advisory services. The post Avaddon Ransomware gang hacked France-based Acer Finance and AXA Asia appeared first on Security Affairs. Acer Finance operates as an investment management company. Follow me on Twitter: @securityaffairs and Facebook.
” Threat actors employed anti-analysis and evasion techniques, including, code obfuscation and performing some checks for sandbox or debugger environments. At the time of the analysis, the hard-coded target URL of the malware was not reachable making it impossible to attribute the Kraken technique to a specific threat actor.
Security researchers demonstrated how to bypass the Windows Hello facial recognition that is used in Windows 10 as a login mechanism. Microsoft already fixed the vulnerability with the release of July Patch Tuesday security updates. ” states the analysis published by the experts. Pierluigi Paganini.
” states the analysis published by FireEye. “For example, UNC2529 used a unique username, masquerading as an account executive for a small California-based electronics manufacturing company, which Mandiant identified through a simple Internet search.” orgs with 3 malware appeared first on Security Affairs.
It is one of the largest pharmaceutical companies globally, engaged in the research, development, manufacturing, and marketing of a wide range of healthcare products. The analysis conducted on the ransomware revealed it was designed to look like ransomware but was wiper malware designed for sabotage purposes. Merck & Co.,
Wi-Fi chips manufactured by Qualcomm and MediaTek are impacted by vulnerabilities similar to the Kr00k issue disclosed early this year. Earlier this year, experts from ESET disclosed the Kr00k , a new high-severity hardware vulnerability, that affects Wi-Fi chips manufactured by Broadcom and Cypress. ” continues the research.
The attack took place in May and lasted seven days, the analysis of the network logs suggests TAC-040 exfiltrated around 700MBs of data from the victim system. “ATI’s thorough analysis determined that the attack occurred during the end of May over a seven day period. ” reads the analysis published by Deepwatch.
The Qilin ransomware-as-a-service (RaaS) group uses a double-extortion model, with most of the victims in the manufacturing and IT industries. ” reads the analysis published by Trend Micro. ” continues the analysis. AGENDA.THIAFBB.”
Advisory on security impacts related to the use of TLS in proprietary vendor Dynamic DNS (DDNS) services. Introduction to TLS and Certificate Transparency Log Securing Internet communications is crucial for maintaining the confidentiality and integrity of information in transit. For instance, suppose firewall manufacturer ACME Inc.
“The chain merited further analysis because it is a 3 vulnerability chain where all 3 vulnerabilities are within Samsung custom components, including a vulnerability in a Java component.” Labeling when vulnerabilities are known to be exploited in-the-wild is important both for targeted users and for the security industry.
Security experts from Cybereason Nocturnus team discovered a new piece of Android malware dubbed EventBot that targets banks, financial services across Europe. ” reads the analysis published by Cybereason. The post EventBot, a new Android mobile targets financial institutions across Europe appeared first on Security Affairs.
As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com. Luxottica Group S.p.A.
The alert provides Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IOCs) obtained from law enforcement investigations and reports from third-party security firms. Most of the victims are in the manufacturing, engineering and construction, and retail sectors. The average ransom payment was $1.2
[link] — 360 Netlab (@360Netlab) July 28, 2021 Earlier in August 2021, Microsoft researchers reported that the Mozi botnet was improved by implementing new capabilities to target network gateways manufactured by Netgear, Huawei, and ZTE. ” reads the analysis published by ESET. appeared first on Security Affairs.
This edition of the ISMG Security Report offers an analysis of how tractors manufactured by John Deere are at risk of being hacked. Also featured: a description of the infrastructure bill passed by the Senate that would boost cybersecurity funding and an update on the reboot of the AlphaBay darknet market.
The vulnerability was discovered by the security researcher Danny Odler, it resides in the AMD’s Mini PC could allow attackers to manipulate secure firmware and execute arbitrary code. ” reads the analysis published by Odler. ” reads the AMD’s announcement. Pierluigi Paganini.