Remove Education Remove Manufacturing Remove Risk
article thumbnail

China’s Volt Typhoon botnet has re-emerged

Security Affairs

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

article thumbnail

CISA warns of vulnerabilities and misconfigurations exploited in ransomware attacks

Security Affairs

The list includes an attribute titled “Cyber Performance Goal (CPG),” which recommends actions that organizations can take to mitigate the risk of exposure to attacks exploiting the misconfiguration/weakness. CISA states that the RVWP program allowed the identification of more than 800 vulnerable systems to date.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

MITRE and CISA publish the 2021 list of most common hardware weaknesses

Security Affairs

The list was published with the intent of raising awareness of common hardware weaknesses through CWE and educating designers and programmers on how to address them as part of the product development lifecycle. . The list includes a total of 12 vulnerabilities entries that had a score from 1.03 to 1.42 (the highest possible score was 2.0).

article thumbnail

CarsBlues Bluetooth attack Affects tens of millions of vehicles

Security Affairs

Amico worked with Auto-ISAC to figure out how attackers could steal PII from vehicles manufactured by affected members. The good news for drivers is that at least manufacturers have already provided updates to make their latest models immune to the CarsBlues attack.

article thumbnail

Connecting the Bots – Hancitor fuels Cuba Ransomware Operations

Security Affairs

As of April 28, the site mentioned nine companies primarily from aviation, financial, education and manufacturing industries. As of April 28, the website offers to download data for free from 9 mainly US companies from the aviation, financial, education, manufacturing, and logistics companies which refused to pay the ransom.

article thumbnail

Nexx bugs allow to open garage doors, and take control of alarms and plugs

Security Affairs

A series of vulnerabilities in multiple smart devices manufactured by Nexx can be exploited to remotely open garage doors, and take control of alarms and plugs. To mitigate the risk of the exploitation of the above flaws, it is recommended to disable internet connectivity for vulnerable Nexx devices or protect them with a firewall.

article thumbnail

Volvo retailer leaks sensitive files

Security Affairs

The Brazilian retail arm of car manufacturing giant Volvo leaked sensitive files, putting its clientele in the vast South American country in peril. Risk of breached comms Another piece of sensitive information observed was email credentials for the “hola” email address, most likely used for welcome emails.

Retail 246