Document, Government and Manufacturing - Information Management Today

Researchers found alleged sensitive documents of NATO and Turkey

Security Affairs

OCTOBER 12, 2020

Security experts from Cyble found alleged sensitive documents of NATO and Turkey, is it a case of cyber hacktivism or cyber espionage? Also, in September 2020, it was reported that Russian hackers targeted government agencies in NATO member countries, and nations who cooperate with NATO -> Link.” Pierluigi Paganini.

Military

Military Manufacturing Phishing Government

Cyber-Criminal espionage Operation insists on Italian Manufacturing

Security Affairs

MAY 22, 2020

ZLab researchers spotted a new malicious espionage activity targeting Italian companies operating worldwide in the manufacturing sector. This actor was first spotted by PaloAlto’s UNIT42 in 2018 during wide scale operations against technology, retail, manufacturing, and local government industries in the US, Europe and Asia.

Manufacturing

Manufacturing e-Delivery IT Security

BlackCat Ransomware gang stole secret military data from an industrial explosives manufacturer

Security Affairs

JANUARY 26, 2023

The company is a globally recognised industrial explosives manufacturer, it provides complete blasting solutions, including packaged, bulk explosives and initiating systems to meet its customer needs across the globe. “The data leakage affected all products and classified documents of the company. .

Military

Military Manufacturing Ransomware Mining

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Coronavirus-themed campaign targets energy sector with PoetRAT

Security Affairs

APRIL 18, 2020

Threat actors employed the previously-undetected PoetRAT Trojan in a Coronavirus-themed campaign aimed at government and energy sectors. . Attackers launched phishing attacks using weaponized Microsoft Word documents, experts identified three separate phishing attacks that used COVID19 as a lure. ” continues the analysis. .”

Energy and Utilities

Energy and Utilities Archiving Phishing Government

Avaddon Ransomware gang hacked France-based Acer Finance and AXA Asia

Security Affairs

MAY 16, 2021

The Avaddon ransomware gang is giving Acer Finance 240 hours to communicate and cooperate with them before start leaking the stolen valuable company documents. As proof of the hack, the group published several ID cards, personal documents, contracts, and a screenshot of the folders containing stolen data.

Ransomware

Ransomware Manufacturing Communications Risk

China planted tiny chips on US computers for cyber espionage

Security Affairs

OCTOBER 4, 2018

China used tiny chips implanted on computer equipment manufactured for US companies and government agencies to steal secret information. Elemental manufactured equipment for Department of Defense data centers, the CIA’s drone operations, and onboard networks of Navy warships. government.”

Manufacturing

Manufacturing Government Security IT

APT32 state hackers target human rights defenders with spyware

Security Affairs

FEBRUARY 24, 2021

The APT32 group has been active since at least 2012, it has targeted organizations across multiple industries and foreign governments, dissidents, and journalists. Since at least 2014, experts at FireEye have observed APT32 targeting foreign corporations with an interest in Vietnam’s manufacturing, consumer products, and hospitality sectors.

Phishing

Phishing Manufacturing Government Security

FBI and CISA update a joint advisory on the BlackSuit Ransomware group

Security Affairs

AUGUST 8, 2024

FBI and CISA published a joint advisory on the BlackSuit Ransomware group, the document provides TTPs and IOCs as recently as July 2024. The BlackSuit ransomware has targeted various critical infrastructure sectors, including commercial facilities, healthcare, government, and manufacturing.

Ransomware

Ransomware Communications Manufacturing Phishing

Rhysida ransomware group hacked King Edward VII’s Hospital in London

Security Affairs

NOVEMBER 29, 2023

GossiTheDog @SOSIntel @UK_Daniel_Card @LisaForteUK pic.twitter.com/L7A3XNNxU7 — Dominic Alvieri (@AlvieriD) November 29, 2023 The group published images of stolen documents as proof of the hack. King Edward VII’s Hospital in London has been breached by Rhysida Ransomware. “Unique files are presented to your attention!

Ransomware

Ransomware Manufacturing Education Libraries

Rhysida ransomware group hacked Abdali Hospital in Jordan

Security Affairs

DECEMBER 26, 2023

pic.twitter.com/6uHMDcNhTC — Dominic Alvieri (@AlvieriD) December 26, 2023 The group published images of stolen documents as proof of the hack. The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors.

Ransomware

Ransomware Manufacturing Education Libraries

Vietnam-linked APT32 group launches COVID-19-themed attacks against China

Security Affairs

APRIL 23, 2020

The APT32 group has been active since at least 2012, it has targeted organizations across multiple industries and foreign governments, dissidents, and journalists. Since at least 2014, experts at FireEye have observed APT32 targeting foreign corporations with an interest in Vietnam’s manufacturing, consumer products, and hospitality sectors.

Government

Government Phishing Manufacturing Cybersecurity

Microsoft seized 42 domains used by the China-linked APT15 cyberespionage group

Security Affairs

DECEMBER 7, 2021

APT15 has been active since at least 2010, it conducted cyber espionage campaigns against targets worldwide in several industries, including defense, high tech, energy, government, aerospace, and manufacturing. ” reads the post published by Microsoft. .” ” reads the post published by Microsoft.

Manufacturing

Manufacturing Phishing Government Security

Balikbayan Foxes group spoofs Philippine gov to spread RATs

Security Affairs

NOVEMBER 1, 2021

Experts uncovered a new threat actor, tracked as Balikbayan Foxes, that is impersonating the Philippine government to spread malware. . The group focuses on Shipping/Logistics, Manufacturing, Business Services, Pharmaceutical, and Energy entities, among others. ” reads the analysis published by the experts. .

Healthcare

Healthcare Phishing Government Manufacturing

Ukraine’s intelligence service hacked Russia’s Federal Air Transport Agency, Rosaviatsia

Security Affairs

NOVEMBER 27, 2023

“The Defence Intelligence of Ukraine informs that as a result of a successful complex special operation in cyberspace, a large volume of confidential documents of the structural subdivision of the Russian Ministry of Transport – the Federal Air Transport Agency (Rosaviatsia) – is now acquired.”

Military

Military Manufacturing Government Authentication

Kraken fileless attack technique abuses Microsoft Windows Error Reporting (WER)

Security Affairs

OCTOBER 7, 2020

Malwarebytes researchers Hossein Jazi and Jérôme Segura have documented a new fileless attack technique, dubbed Kraken, that abuses the Microsoft Windows Error Reporting (WER) service. Upon opening the document, a macro is triggered, the malicious code uses a custom version of the CactusTorch VBA module to perform a fileless attack.

Phishing

Phishing Manufacturing Archiving Security

UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware

Security Affairs

MAY 5, 2021

“For example, UNC2529 used a unique username, masquerading as an account executive for a small California-based electronics manufacturing company, which Mandiant identified through a simple Internet search.” In some attacks, the threat actors used weaponized Excel documents as a downloader.

Manufacturing

Manufacturing Phishing Military Retail

China-linked APT40 used ScanBox Framework in a long-running espionage campaign

Security Affairs

AUGUST 31, 2022

Over the years, the group hit defence contractors, manufacturers, universities, government agencies, legal firms involved in diplomatic disputes, and foreign companies involved with Australasian policy or South China Sea operations. . “The RTF template injection URL returned a macro-laden Microsoft Word document.

Energy and Utilities

Energy and Utilities Manufacturing Phishing Government

Japan suspects HGV missile data leak in Mitsubishi security breach

Security Affairs

MAY 21, 2020

Mitsubishi Electric had also already notified members of the Japanese government and the Ministry of Defense. Mitsubishi Electric disclosed the security incident only after two local newspapers, the Asahi Shimbun and Nikkei , reported the security breach. ” states the AP press agency. ” states the AP press agency.

Security

Security Military Manufacturing Personal data

UK NCSC releases the Vulnerability Disclosure Toolkit

Security Affairs

SEPTEMBER 15, 2020

” states the document. The release of “The Vulnerability Disclosure Toolkit” is just a part of the efforts of the UK Government in the definition of national legislative frameworks. The guideline is organized into three main sections, Communication, Policy, and Security.txt.

Communications

Communications Risk Manufacturing Government

Pre-Installed malware spotted on other Android phones sold in US

Security Affairs

JULY 9, 2020

Researchers at Malwarebytes have found malware pre-installed on smartphones sold in the United States, this is the second time as documented in a report published in January. The phone was being shipped to users with two malicious malware masqueraded as Wireless Update application and a Settings app respectively.

Manufacturing

Manufacturing Government Security IT

Mitsubishi Electric discloses data breach, media blame China-linked APT

Security Affairs

JANUARY 20, 2020

Mitsubishi Electric had also already notified members of the Japanese government and Ministry of Defense. The amount of unauthorized access is approximately 200 megabytes, mainly for documents.” This morning, at a press conference, Yoshii Kan, a secretary-general of Japan, said that the company had reported the intrusion.

Data breaches

Data breaches Computer and Electronics Government Manufacturing

Apple dismisses lawsuit against surveillance firm NSO Group due to risk of threat intelligence exposure

Security Affairs

SEPTEMBER 16, 2024

Because of these efforts, along with the efforts of others in the industry and national governments to combat the rise of commercial spyware, Defendants have been substantially weakened.” The software developed by the surveillance firm was used to spy on activists, journalists, researchers, and government officials.

Risk

Risk Government Manufacturing IT

The Top 5 Reasons to Use an API Management Platform

Security Affairs

NOVEMBER 20, 2023

Organizations need to govern and control the API ecosystem, this governance is the role of API management. organizations need to govern and control the API ecosystem. This governance is the role of API management. APIs – like any other technical resource – won’t manage themselves.

Authentication

Authentication Risk Government Security

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

. “As early as 2022, APT28 actors had utilized compromised EdgeRouters to facilitate covert cyber operations against governments, militaries, and organizations around the world.” and foreign governments and military, security, and corporate organizations. ” reads the joint report. ” concludes the report.

Energy and Utilities

Energy and Utilities Military Government Phishing

Security Affairs newsletter Round 439 by Pierluigi Paganini – International edition

Security Affairs

OCTOBER 1, 2023

Patch your TeamCity instance to avoid server hack Is Gelsemium APT behind a targeted attack in Southeast Asian Government?

Artificial Intelligence

Artificial Intelligence Security Ransomware Data breaches

Security Affairs newsletter Round 303

Security Affairs

FEBRUARY 28, 2021

Bug bounty hacker earned $5,000 reporting a Stored XSS flaw in iCloud.com Experts warn of threat actors abusing Google Alerts to deliver unwanted programs FBI warns of the consequences of telephony denial-of-service (TDoS) attacks An attacker was able to siphon audio feeds from multiple Clubhouse rooms Georgetown County has yet to recover from a sophisticated (..)

Security

Security Blockchain Manufacturing Analytics

APT29 is targeting Ministries of Foreign Affairs of NATO-aligned countries

Security Affairs

AUGUST 17, 2023

The documents used in the campaign used the “Farewell to Ambassador of Germany” and “Day of German Unity” themes. “EclecticIQ Analysts assess with high confidence that the identified pdf documents are part of a wider campaign targeting diplomatic corps across the globe. zulipchat[.]com) ” concludes the report.

Phishing

Phishing Manufacturing Government Authentication

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

Users could leave all the responsibility to governments and other institutions. The Flaws in Manufacturing Process. Manufacturers saw this as an opportunity and rushed in to grab their own piece of the IoT market. The results – unsupervised and cheap manufacturing processes and lack or complete absence of compliance.

IoT

IoT Cybersecurity Passwords Manufacturing

Data of Indian defence contractor Bharat Earth Movers Limited (BEML) available online

Security Affairs

JUNE 9, 2020

A threat actor is offering for sale in a darkweb black-market internal documents of the Indian defence contractor Bharat Earth Movers Limited (BEML). As part of the regular monitoring of cybercrime forums and markets in the deep-web and darkweb , Cyble researchers spotted a threat actor named as R3dr0x who leaked (BEML) internal documents.

Data breaches

Data breaches Mining Passwords Marketing

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Krebs on Security

OCTOBER 28, 2020

In August, Gunnebo said it had successfully thwarted a ransomware attack, but this week it emerged that the intruders stole and published online tens of thousands of sensitive documents — including schematics of client bank vaults and surveillance systems. What’s more, Syrén seemed to downplay the severity of the exposure.

Security

Security Ransomware Agriculture Cybersecurity

Campaign leverages Bit.ly, BlogSpot, and Pastebin to distribute RevengeRAT

Security Affairs

APRIL 22, 2019

Attackers hit organizations in several industries including Technology, Retail, Manufacturing, State/Local Government, Hospitality, Medical, and other Professional business. Researcher an analyzed a bait document built to load a malicious macro-enabled document from a remote server via Template Injection.

Retail

Retail Manufacturing Passwords Government

APT40 cyberespionage group supporting growth of China’s naval sector

Security Affairs

MARCH 5, 2019

A cyber-espionage group, tracked as APT40, apparently linked to the Chinese government is focused on targeting countries important to the country’s Belt and Road Initiative. Jumper , and Leviathan ), apparently linked to the Chinese government, is focused on targeting countries important to the country’s Belt and Road Initiative (i.e.

Phishing

Phishing Passwords Government Manufacturing

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Security Affairs

AUGUST 27, 2020

After selecting a sample of 50,000 open printers and creating a custom printing script, we managed to print out PDF documents on 27,944 unprotected devices. Our selection was based on: Device location (to cover the entire globe) Device manufacturer Protocols used to access the printers. How we did it. Change the default password.

Security

Security IoT Passwords Manufacturing

Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company

Security Affairs

JUNE 17, 2022

Lookout Threat Lab researchers uncovered enterprise-grade Android surveillance spyware, named Hermit, used by the government of Kazakhstan to track individuals within the country. The malware samples analyzed impersonated the applications of telecommunications companies or smartphone manufacturers. ” continues the report.

Military

Military Manufacturing Government Security

The IoT Cybersecurity Act of 2020: Implications for Devices

eSecurity Planet

JANUARY 22, 2021

As more information about IoT device vulnerabilities is published, the pressure on industry and government authorities to enhance security standards might be reaching a tipping point. government, standards will not apply to the IoT market at-large. government, standards will not apply to the IoT market at-large.

IoT

IoT Cybersecurity Manufacturing Government

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Security Affairs

JANUARY 25, 2020

Mitsubishi Electric had also already notified members of the Japanese government and Ministry of Defense. The amount of unauthorized access is approximately 200 megabytes, mainly for documents.”. The two media outlets attribute the cyber attack to a China-linked cyber espionage group tracked as Tick (aka Bronze Butler ).

Manufacturing

Manufacturing Data breaches Sales Access

Vladimir Putin ‘s computers still run Windows XP, Media reports

Security Affairs

DECEMBER 30, 2019

Open Media pointed out that that Windows XP is the last operating system developed by Microsoft that was approved by the Kremlin for use on official Russian government computers. Microsoft Windows 10 is only allowed only for government systems that don’t manage secret information. ” reads the post published by The Guardian.

Government

Government Communications Military Manufacturing

Hive Ransomware extorted over $100M in ransom payments from over 1,300 companies

Security Affairs

NOVEMBER 18, 2022

The authorities reported that from June 2021 through at least November 2022, threat actors employed the Hive ransomware in attacks aimed at a wide range of businesses and critical infrastructure sectors, including Government Facilities, Communications, Critical Manufacturing, Information Technology, and especially Healthcare and Public Health (HPH).

Ransomware

Ransomware Blockchain Manufacturing Analytics

Qbot uses a new email collector module in the latest campaign

Security Affairs

AUGUST 31, 2020

Most of the infections were observed in organizations in the US and Europe, the most targeted industries were in the government, military, and manufacturing sectors. . The researchers documented multiple QBots’ module inlucing: Executable Update – Updates the current executable with a newer version or newer bot list.

Passwords

Passwords Military Manufacturing Encryption

Decommissioned medical infusion pumps sold on secondary market could reveal Wi-Fi configuration settings

Security Affairs

AUGUST 3, 2023

The researchers analysed 13 infusion pumps that despite being no longer manufactured are still working in numerous medical organizations worldwide. The researchers pointed out that they haven’t found online documented data purge processes for device decommissioning. ” reads the analysis published by Rapid7.

Marketing

Marketing Authentication Communications Manufacturing

Group-IB detects a series of ransomware attacks by OldGremlin

Security Affairs

SEPTEMBER 23, 2020

Since March, the attackers have been trying to conduct multistage attacks on large corporate networks of medical labs, banks, manufacturers, and software developers in Russia. In other instances, the gang exploited the COVID-19 theme and anti-government rallies in Belarus in their phishing emails.

Ransomware

Ransomware Phishing Encryption Authentication

TrickBoot feature allows TrickBot bot to run UEFI attacks

Security Affairs

DECEMBER 3, 2020

The TrickBoot functionality was documented by experts from Advanced Intelligence (AdvIntel) and Eclypsium. The Secure Boot mechanism allows the execution of only software that is trusted by the Original Equipment Manufacturer (OEM). ” reads the joint analysis published by AdvIntel and Eclypsium. ” continues the post.

Manufacturing

Manufacturing Security Ransomware IT

FBI claims to have dismantled AlphV/Blackcat ransomware operation, but the group denies it

Security Affairs

DECEMBER 19, 2023

BlackCat/ALPHV ransomware gang has been active since November 2021, the list of its victims is long and includes industrial explosives manufacturer SOLAR INDUSTRIES INDIA , the US defense contractor NJVC , gas pipeline Creos Luxembourg S.A. , the fashion giant Moncler , the Swissport , NCR , and Western Digital.

Ransomware

Ransomware IT Access Manufacturing

North Korea-linked ScarCruft APT adds Bluetooth Harvester to its arsenal

Security Affairs

MAY 14, 2019

Kaspersky first documented the operations of the group in 2016. Cyber attacks conducted by the APT37 group mainly targeted government, defense, military, and media organizations in South Korea. The hackers targeted organizations in the chemicals, manufacturing, electronics, aerospace, healthcare, and automotive sectors.

IT

IT Military Manufacturing Government

Researchers found alleged sensitive documents of NATO and Turkey

Cyber-Criminal espionage Operation insists on Italian Manufacturing

Webinars

Trending Sources

BlackCat Ransomware gang stole secret military data from an industrial explosives manufacturer

Webinars

Coronavirus-themed campaign targets energy sector with PoetRAT

Avaddon Ransomware gang hacked France-based Acer Finance and AXA Asia

China planted tiny chips on US computers for cyber espionage

APT32 state hackers target human rights defenders with spyware

FBI and CISA update a joint advisory on the BlackSuit Ransomware group

Rhysida ransomware group hacked King Edward VII’s Hospital in London

Rhysida ransomware group hacked Abdali Hospital in Jordan

Vietnam-linked APT32 group launches COVID-19-themed attacks against China

Microsoft seized 42 domains used by the China-linked APT15 cyberespionage group

Balikbayan Foxes group spoofs Philippine gov to spread RATs

Ukraine’s intelligence service hacked Russia’s Federal Air Transport Agency, Rosaviatsia

Kraken fileless attack technique abuses Microsoft Windows Error Reporting (WER)

UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware

China-linked APT40 used ScanBox Framework in a long-running espionage campaign

Japan suspects HGV missile data leak in Mitsubishi security breach

UK NCSC releases the Vulnerability Disclosure Toolkit

Pre-Installed malware spotted on other Android phones sold in US

Mitsubishi Electric discloses data breach, media blame China-linked APT

Apple dismisses lawsuit against surveillance firm NSO Group due to risk of threat intelligence exposure

The Top 5 Reasons to Use an API Management Platform

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs newsletter Round 439 by Pierluigi Paganini – International edition

Security Affairs newsletter Round 303

APT29 is targeting Ministries of Foreign Affairs of NATO-aligned countries

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Data of Indian defence contractor Bharat Earth Movers Limited (BEML) available online

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Campaign leverages Bit.ly, BlogSpot, and Pastebin to distribute RevengeRAT

APT40 cyberespionage group supporting growth of China’s naval sector

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company

The IoT Cybersecurity Act of 2020: Implications for Devices

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Vladimir Putin ‘s computers still run Windows XP, Media reports

Hive Ransomware extorted over $100M in ransom payments from over 1,300 companies

Qbot uses a new email collector module in the latest campaign

Decommissioned medical infusion pumps sold on secondary market could reveal Wi-Fi configuration settings

Group-IB detects a series of ransomware attacks by OldGremlin

TrickBoot feature allows TrickBot bot to run UEFI attacks

FBI claims to have dismantled AlphV/Blackcat ransomware operation, but the group denies it

North Korea-linked ScarCruft APT adds Bluetooth Harvester to its arsenal

Stay Connected