Japanese defense contractors Pasco and Kobe Steel have disclosed security breaches that they suffered in 2016 and 2018. Pasco is Japan’s largest geospatial provider and Kobe Steel is one of the major steel manufacturers. According to the company, attackers did not obtain sensitive information about defense contracts.
In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. critical infrastructure in the event of a major crisis or conflict with the United States.
The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. PuTTY.exe Rhysida actors have been observed creating Secure Shell (SSH) PuTTy connections for lateral movement. The victims of the group are “targets of opportunity.”
Security experts from Cyble found alleged sensitive documents of NATO and Turkey; is it a case of cyber hacktivism or cyber espionage? “These events ensue an unsatisfying narrative – Is it really hacktivism or cyber espionage?” reads the post published by Cyble.
The digital imaging products manufacturer OmniVision disclosed a data breach after the 2023 ransomware attack. The company designs and develops digital imaging products for use in mobile phones, laptops, netbooks and webcams, security and surveillance cameras, entertainment, automotive and medical imaging systems.
The vulnerability posed a risk not only to NSC systems but also to the companies using NSC services. Leaked credentials could have been used for credential stuffing attacks, which try to log into companies’ internet-connected tools such as VPN portals, HR management platforms, or corporate emails.
Both FBI and Europol declined to comment on the events. The post Law enforcement operation seized Ragnar Locker group’s infrastructure appeared first on Security Affairs.
The best news of the week with Security Affairs. Hackers have stolen customer data from Titan Manufacturing and Distributing company for nearly one year. ReiKey app for macOS can detect Mac Keyloggers using event taps. First Google security patches for Android in 2019 fix a critical flaw.
REvil ransomware gang is attempting to extort Apple ahead of the Apple Spring Loaded event threatening to sell stolen blueprints belonging to the IT giant that were stolen from Quanta Computer. Quanta Computer is a Taiwan-based manufacturer of notebook computers and other electronic hardware. Its customers include Apple Inc.,
VNC systems use the remote frame buffer (RFB) protocol to remotely control a device, transferring screen images, mouse movement and keypress events between devices. VNC is widely adopted in industrial environments, and many manufacturers of industrial control systems (ICS) leverage VNC to implement remote control for their products.
Medtech often involves a complex chain of actions involving a number of different parties, ranging from medical device manufacturers to programmers to physicians. If AI is blamed for misdiagnosing a patient, it may be attributed to a series of connected events rather than to a single failure.
In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 and has carried out cyber operations against critical infrastructure.
The library notified law enforcement agencies and is investigating the security breach with the help of cybersecurity experts. The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. This appears to be from our internal HR files.
“The same technologies that make supply chains faster and more effective also threaten their cybersecurity,” writes David Lukic, a privacy, security, and compliance consultant. “Supply chains have vulnerabilities at touchpoints with manufacturers, suppliers, and other service providers.”
The list of victims includes manufacturing organizations, banks, schools, and event and meeting planning companies. MSTIC linked DEV-0530 to another North Korean-based group tracked as PLUTONIUM (aka DarkSeoul or Andariel). The post Holy Ghost ransomware operation is linked to North Korea appeared first on Security Affairs.
The experts revealed that at least 7.2% of all systems targeted by the PseudoManuscrypt malware are part of industrial control systems (ICS) used by organizations in multiple industries, including Engineering, Building Automation, Energy, Manufacturing, Construction, Utilities, and Water Management.
Cryptocurrency ATM maker General Bytes suffered a security breach over the weekend, the hackers stole $1.5M Cryptocurrency ATM manufacturers General Bytes suffered a security incident that resulted in the theft of $1.5M GENERAL BYTES is the world’s largest Bitcoin, Blockchain, and Cryptocurrency ATM manufacturer.
Users of the Network attached storage devices manufactured have reported a mystery string of malware attacks that disabled software updates by hijacking entries in host machines’ hosts file. ” Other users reported similar problems with the MalwareRemover, but it is still unclear if the events are linked. Pierluigi Paganini.
a cyber event disrupted energy grid operations in California, Wyoming, and Utah. The news was first reported by E&E News, a “cyber event” interrupted grid operations in parts of the western United States in March, according to a report posted by the Department of Energy. . and 7 p.m., power grid ( Energywire , April 30).
This is the 11th edition of the annual report and analyzes events that took place between July 2022 and July 2023. ETL 2023 identified public administration as the most targeted sector (~19%), followed by targeted individuals (~11%), health (~8%), digital infrastructure (~7%) and manufacturing, finance and transport.
The Intel TDT technology allows sharing heuristics and telemetry with security software that could use this data to detect the activity associated with a malicious code. This partnership is part of Microsoft’s investment into collaborations with original equipment manufacturers (OEMs) and technology partners.”
alongside Tony Sager , senior vice president and chief evangelist at the Center for Internet Security and a former bug hunter at the U.S. National Security Agency. Tony Sager, senior vice president and chief evangelist at the Center for Internet Security. TS: Like a lot of things in security, the economics always win.
TA423 is a China-linked cyber espionage group that has been active since 2013; it focuses on political events in the Asia-Pacific region, specifically on the South China Sea. The post China-linked APT40 used ScanBox Framework in a long-running espionage campaign appeared first on Security Affairs.
In October 2022, the Italian luxury sports car manufacturer confirmed the availability of internal documents online, but said it has no evidence of cyber attack. At the time of this writing, the statement published by the company suggests that the two events are not linked.
Here we are again for the annual prediction of the events that I believe will impact the cybersecurity landscape in the next year. In 2020, the number of attacks associated with Advanced Persistent Threat actors that haven’t been previously identified by the security researchers will increase. 3) IoT devices under attack.
In the event that the security breach is verified, it is reasonable to speculate that the ransomware group might have compromised sensitive and possibly classified information. The message published on the leak site reads: “We encourage you to get in touch or we’ll start posting your data on our blog soon.”
Egregor’s favorite sectors are Manufacturing (28.9% of victims) and Retail (14.5%). Other victims happened to be from the APAC, the Middle East, and Latin America. The post QakBot Big Game Hunting continues: the operators drop ProLock ransomware for Egregor appeared first on Security Affairs.
Musk reportedly sent out an internal email describing how an unnamed insider allegedly made unspecified code changes to the company’s manufacturing systems. For a cutting-edge company like Tesla, its security practices seem to be pretty lax, especially in light of previous suspicions of sabotage two years hence.
Key events include the European Parliament elections in June, the U.S. According to the latest threat landscape report from the European Cyber Security Agency (ENISA) , there has been an increase in the use of AI-based chatbots for fraudulent activities, deepfakes, and similar technologies over the last 12 months.
GoDaddy discloses a security breach: threat actors have stolen source code and installed malware on its servers in a long-running attack. The security breach was discovered in December 2022 after customers reported that their sites were being used to redirect to random domains.
Security experts from ESET have spotted the first-ever UEFI rootkit; the code, tracked as LoJax, was used in attacks in the wild. Security experts have long debated UEFI rootkits, which are very dangerous malware that is hard to detect and that can survive an operating system reinstallation and even a hard disk replacement.
“[In 2017] APT40 was observed masquerading as a UUV manufacturer, and targeting universities engaged in naval research,” reads the analysis published by FireEye. The post APT40 cyberespionage group supporting growth of China’s naval sector appeared first on Security Affairs.
In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The APT group is using almost exclusively living-off-the-land techniques and hands-on-keyboard activity to evade detection.
According to Resecurity, at the early stage of activity the group leveraged Sonar, a secure data transfer tool deployed in Tor network providing API. According to expert statistics, the greatest number of victims in 2020 by industry were in manufacturing, professional and legal services, and construction.
IoT security is where endpoint detection and response (EDR) and enterprise mobility management (EMM) meet the challenges of a rapidly expanding edge computing infrastructure. Enterprise organizations recognize this shift and need to invest in device management and endpoint security capabilities.
Ongoing attacks could cause severe damage to multiple sectors, including transportation, communication, financial services, government facilities, nuclear reactors, and critical manufacturing. This sudden surge in attacks is due to the geopolitical events of the current Russian – Ukraine conflict,” concludes the report.
Stories about computer security tend to go viral when they bridge the vast divide between geeks and luddites, and this week’s news about a hacker who tried to poison a Florida town’s water supply was understandably front-page material. NO NEWS IS GOOD NEWS? Information sharing is broken.” ” AN INTERNATIONAL CHALLENGE.
In January, white hackers from Google Project Zero disclosed the vulnerabilities that potentially impact all major CPUs, including the ones manufactured by AMD, ARM, and Intel. The post Boffins discovered seven new Meltdown and Spectre attacks appeared first on Security Affairs.
Breaking the Barriers to a Password-Free Life in Enterprise: Meet SafeNet eToken Fusion NFC PIV security key madhav Thu, 03/13/2025 - 06:46 As large organizations increasingly shift towards passwordless solutions, the benefits are clear: enhanced user experience, improved security, and significant cost savings.
A couple of high-profile distributed denial-of-service (DDoS) attacks will surely go down in history as watershed events – each for different reasons. His blog, Krebs on Security, was knocked down alright. It’s easy to do when there are six million open DNS resolvers on the internet using poor security practices.”
As more information about IoT device vulnerabilities is published, the pressure on industry and government authorities to enhance security standards might be reaching a tipping point. While it’s a progressive step for the network security of the U.S.
BlackCat/ALPHV ransomware gang has been active since November 2021; the list of its victims is long and includes industrial explosives manufacturer SOLAR INDUSTRIES INDIA, the US defense contractor NJVC, gas pipeline Creos Luxembourg S.A., the fashion giant Moncler, the Swissport, NCR, and Western Digital.
The CRA introduces common cybersecurity rules for manufacturers, developers and distributors of products with digital elements, covering both hardware and software. These security requirements are high level and drafted broadly. The CRA complements the “NIS2 Directive” which is also going through the EU legislative process.