Manufacturing, Security and Training - Information Management Today

Swiss rail vehicle manufacturer Stadler hit by a malware-based attack

Security Affairs

MAY 10, 2020

Stadler, a Swiss manufacturer of railway rolling stock disclosed a data breach, hackers attempted to blackmail the company. International rail vehicle manufacturer, Stadler , disclosed a security breach that might have also allowed the attackers to steal company data. The company’s backup data are complete and functioning.

Manufacturing

Manufacturing Data breaches Ransomware Security

Security Affairs newsletter Round 489 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

SEPTEMBER 14, 2024

Every week the best security articles from Security Affairs are free in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Data breaches Computer and Electronics Ransomware

Security Affairs newsletter Round 326

Security Affairs

AUGUST 8, 2021

Every week the best security articles from Security Affairs free for you in your email box. ransomware gang BlackMatter ransomware also targets VMware ESXi servers Conti ransomware affiliate leaked gang’s training material and tools Conti Leak Indicators – What to block, in your SOC…. Do You Trust Your Smart TV?

Security

Security Ransomware Mining IoT

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

FBI and Australia ACSC agencies warn of ongoing Avaddon ransomware attacks

Security Affairs

MAY 11, 2021

The FBI and Australian Australian Cyber Security Centre (ACSC) warn of an ongoing Avaddon ransomware campaign targeting organizations worldwide. “The Australian Cyber Security Centre (ACSC) is aware an ongoing ransomware campaign utilising the Avaddon Ransomware malware. Follow me on Twitter: @securityaffairs and Facebook.

Ransomware

Ransomware Manufacturing Phishing Encryption

OmniVision disclosed a data breach after the 2023 Cactus ransomware attack

Security Affairs

MAY 22, 2024

The digital imaging products manufacturer OmniVision disclosed a data breach after the 2023 ransomware attack. The company designs and develops digital imaging products for use in mobile phones, laptops, netbooks and webcams, security and surveillance cameras, entertainment, automotive and medical imaging systems.

Data breaches

Data breaches Ransomware Manufacturing Encryption

Sopra Steria hit by the Ryuk ransomware gang

Security Affairs

OCTOBER 23, 2020

Security measures have been taken to limit the risk of propagation.” Sopra Steria is a member of France’s Cyber Campus , a French initiative to spread cybersecurity awareness, training, and product sales. The post Sopra Steria hit by the Ryuk ransomware gang appeared first on Security Affairs. Pierluigi Paganini.

Ransomware

Ransomware Computer and Electronics Mining Manufacturing

FBI warns of ransomware attacks targeting the food and agriculture sector

Security Affairs

SEPTEMBER 3, 2021

Small farms, large producers, processors and manufacturers, and markets and restaurants are particularly exposed to ransomware attacks. Implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, secure location (i.e., Implement network segmentation.

Agriculture

Agriculture Ransomware Passwords Security awareness

Experts link Raspberry Robin Malware to Evil Corp cybercrime gang

Security Affairs

SEPTEMBER 2, 2022

IBM Security X-Force researchers discovered similarities between a component used in the Raspberry Robin malware and a Dridex malware loader, which was part of the malicious operations of the cybercrime gang Evil Corp. IBM shared the following tips to prevent Raspberry Robin infections: Implement security awareness training.

Security awareness

Security awareness Manufacturing Ransomware Security

North Korea-linked hackers target construction and machinery sectors with watering hole and supply chain attacks

Security Affairs

AUGUST 6, 2024

South Korea’s National Cyber Security Center (NCSC) reported that North Korea-linked hackers hijacked VPN software updates to deploy malware. The malware was concealed within security authentication software used during website login. The malware, written in Go, is identified by some security firms as ‘TrollAgent’.”

Information capture

Information capture Authentication Military Government

How Artificial Intelligence Manufacturers Can Protect Themselves Against Future Negligence Claims

Data Matters

OCTOBER 27, 2021

Medtech often involves a complex chain of actions involving a number of different parties, ranging from medical device manufacturers to programmers to physicians. Third, seek and use advice on minimizing security risks from AI. In such circumstances, personal injury plaintiffs may seek remedies against everyone involved in their care.

Artificial Intelligence

Artificial Intelligence Manufacturing Risk Privacy

Singapore presented the Operational Technology (OT) Cybersecurity Masterplan

Security Affairs

OCTOBER 1, 2019

The Cyber Security Agency of Singapore (CSA) presented the Operational Technology (OT) Cybersecurity Masterplan to increase the resilience of Critical Information Infrastructure (CII) sectors. The Masterplan encourages OT equipment manufacturers and service providers to implement the best cybersecurity practices by design.

Cybersecurity

Cybersecurity Manufacturing Security IT

HID Mercury Access Controller flaws could allow to unlock Doors

Security Affairs

JUNE 12, 2022

Researchers from security firm Trellix discovered some critical vulnerabilities in HID Mercury Access Controllers that can be exploited by attackers to remotely unlock doors. The flaws impact products manufactured by LenelS2, a provider of advanced physical security solutions (i.e. ” reads the advisory. Pierluigi Paganini.

Access

Access Authentication Manufacturing Cybersecurity

[CASE STUDY] New-school Approach to Training and Simulated Phishing Shines Over Traditional LMS

KnowBe4

DECEMBER 12, 2022

based enterprise manufacturing organization cut their Phish-prone Percentage™ (PPP) by more than 80% after five months using the KnowBe4 security awareness training and simulated phishing platform.

Phishing

Phishing Security awareness Manufacturing Security

SYS01 stealer targets critical government infrastructure

Security Affairs

MARCH 7, 2023

Researchers discovered a new info stealer dubbed SYS01 stealer targeting critical government infrastructure and manufacturing firms. And SYS01 stealer at heart relies on a social engineering campaign, so it’s important to train users about the tricks adversaries use so they know how to spot them.”

Government

Government Manufacturing Authentication Cybersecurity

These hackers have breached FBI-affiliated websites and leaked data online

Security Affairs

APRIL 13, 2019

The association promotes federal and law enforcement leadership and training located at the FBI training academy in Quantico, VA. The hacker also provided evidence to the journalists to have hacked other websites, including a subdomain belonging to manufacturing company Foxconn. Pierluigi Paganini.

Encryption

Encryption Ransomware Manufacturing Personal data

Which is the Threat landscape for the ICS sector in 2020?

Security Affairs

MARCH 22, 2021

Building automation, automotive manufacturing, energy and oil & gas, suffered major increases in the ICS engineering sector. Latin America, the Middle East, Asia and North America were the regions with the highest number infections attempts blocked by the security solutions in H2 2020. appeared first on Security Affairs.

Phishing

Phishing Access Passwords Manufacturing

On Chinese "Spy Trains"

Schneier on Security

SEPTEMBER 26, 2019

Congress is considering legislation that would prevent the world's largest train maker, the Chinese-owned CRRC Corporation, from competing on new contracts in the United States. But another part involves fears about national security. This is a complicated topic. The risk of discovery is too great, and the payoff would be too low.

Government

Government Risk Manufacturing Data collection

GUEST ESSAY: Recalibrating critical infrastructure security in the wake of evolving threats

The Last Watchdog

APRIL 30, 2024

in different industries, including energy, manufacturing, and healthcare. The problem with this from a security perspective is that there tends to be no segregation between services. The largest ones, such as Amazon and Microsoft, have stringent protocols for securing their cloud infrastructures.

Security

Security Cybersecurity Unstructured data Cloud

Using the Human Factor in Cyber Attacks

Security Affairs

MAY 3, 2019

The Human Factor has a fundamental importance for the success of a cyber attack, for this reason it is important to create a culture of cyber security within organizations. Whaling: A specialized type of spear phishing that targets a “large” victim of a company, for example CEO, CFO or other executive.

Phishing

Phishing Cybersecurity Manufacturing Analytics

US CISA and FBI publish joint alert on DarkSide ransomware

Security Affairs

MAY 13, 2021

US agencies warn that groups employed DarkSide ransomware in attacks aimed at organizations across various Critical Infrastructure sectors, including manufacturing, legal, insurance, healthcare, and energy. Implementing application allowlisting , which only allows systems to execute programs known and permitted by security policy.

Ransomware

Ransomware Phishing Risk Encryption

MY TAKE: Businesses gravitate to ‘passwordless’ authentication — widespread consumer use up next

The Last Watchdog

MAY 24, 2022

Excising passwords as the security linchpin to digital services is long, long overdue. Security + efficiency. Password abuse at scale arose shortly after the decision got made in the 1990s to make shared secrets the basis for securing digital connections. Threat actors now routinely bypass these second-layer security gates.

Authentication

Authentication Passwords Digital transformation Cloud

A massive phishing campaign using QR codes targets the energy sector

Security Affairs

AUGUST 16, 2023

Other top 4 targeted industries include Manufacturing, Insurance, Technology, and Financial Services seeing 15%, 9%, 7%, and 6% of the campaign traffic respectively.” “Email lures came in the form of updating account security surrounding 2FA, MFA, and general account security. ” continues the report.

Phishing

Phishing Energy and Utilities Insurance Manufacturing

CISA, NSA, FBI, and MS-ISAC Release Phishing Prevention Guidance

KnowBe4

OCTOBER 19, 2023

October 18, 2023, the Cybersecurity Infrastructure and Security Agency (CISA), the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint guide, Phishing Guidance: Stopping the Attack Cycle at Phase One.

Phishing

Phishing Manufacturing Education Ransomware

News alert: MxD roundtable with White House officials highlights cybersecurity workforce needs

The Last Watchdog

SEPTEMBER 21, 2023

21, 2023 — MxD, the Digital Manufacturing and Cybersecurity Institute, today hosted a roundtable discussion with the White House Office of the National Cyber Director. Each participating organization is committed to developing cyber skills and programs to train the workforce across a wide range of industries, including manufacturing.

Cybersecurity

Cybersecurity Manufacturing Military Artificial Intelligence

Elections 2024, artificial intelligence could upset world balances

Security Affairs

DECEMBER 27, 2023

According to the latest threat landscape report from the European Cyber Security Agency (ENISA) , there has been an increase in the use of AI-based chatbots for fraudulent activities, deepfakes, and similar technologies over the last 12 months. The 2024 European Union elections face threats from content generated through these platforms.

Artificial Intelligence

Artificial Intelligence Government Manufacturing IT

BEST PRACTICES: Mock phishing attacks prep employees to avoid being socially engineered

The Last Watchdog

MAY 1, 2019

Related: Why diversity in training is a good thing. He came up with a new approach to testing and training the bank’s employees – and the basis for a new company, LucySecurity. This is stunning: phishing attacks soared in 2018, rising 250% between January and December, according to Microsoft’s Security Intelligence Report.

Phishing

Phishing Financial Services Manufacturing Education

What Is Industrial Control System (ICS) Cyber Security?

eSecurity Planet

SEPTEMBER 9, 2024

Industrial control systems (ICS) are the backbone of critical infrastructure, powering essential operations in the energy, manufacturing, water treatment, and transportation sectors. Are your industrial control systems secure enough? How Does ICS Security Work? What are the Key Components of ICS?

Security

Security Encryption Cybersecurity Communications

Russia-Ukraine cyber conflict poses critical infrastructure at risk

Security Affairs

MARCH 14, 2022

Ongoing attacks could cause severe damages to multiple sectors, including transportation, communication, financial services, government facilities, nuclear reactors, and critical manufacturing. The post Russia-Ukraine cyber conflict poses critical infrastructure at risk appeared first on Security Affairs. The Railways is under attack.

Risk

Risk Financial Services Manufacturing Communications

MY TAKE: Iran’s cyber retaliation for Soleimani assassination continues to ramp up

The Last Watchdog

FEBRUARY 3, 2020

Department of Homeland Security issued a bulletin calling out Iran’s “robust cyber program,” and cautioning everyone to be prepared for Iran to “conduct operations in the United States.” And hackers linked to the Russian government were reportedly behind the Triton hack of 2017 , as well, as disclosed by security vendor FireEye.

Energy and Utilities

Energy and Utilities Access Cybersecurity Passwords

Recovering Smartphone Voice from the Accelerometer

Schneier on Security

DECEMBER 30, 2022

We explore recent trends in smartphone manufacturers that include extra/powerful speakers in place of small ear speakers, and demonstrate the feasibility of using motion sensors to capture such tiny speech vibrations. We train and test the extracted data using classical machine learning algorithms and convolutional neural networks.

Manufacturing

Manufacturing Privacy IT Paper

Key Developments in IoT Security

Thales Cloud Protection & Licensing

JULY 15, 2021

Key Developments in IoT Security. The rush to market for consumers to enjoy the modern conveniences offered by these devices shocked the security community. Security experts were concerned that these devices were built with no security in mind. Has the security of these devices gotten better, or remained the same?

IoT

IoT Security Data Privacy Encryption

MY TAKE: Michigan’s Cyber Range hubs provide career paths to high-schoolers, underutilized adults

The Last Watchdog

NOVEMBER 28, 2018

Michigan is cultivating a collection of amazing cybersecurity training facilities, called Cyber Range hubs, that are shining models for what’s possible when inspired program leaders are given access to leading-edge resources, wisely supplied by public agencies and private foundations. Ford and for its giant furniture manufacturing companies.

Cybersecurity

Cybersecurity Systems administration Military Manufacturing

Senior Executives Beware: The Rise of EvilProxy Phishing Campaigns

KnowBe4

OCTOBER 5, 2023

Menlo Security warns that a social engineering campaign is using the EvilProxy phishing kit to target senior executives across a range of industries, including banking and financial services, insurance, property management and real estate, and manufacturing.

Phishing

Phishing Financial Services Insurance Manufacturing

AI Will Save Security – And Eliminate Jobs

eSecurity Planet

JUNE 7, 2023

To cut to the chase before we get into the details: AI will make security worse before it makes it significantly better, but at the cost of a lot of jobs. Security is the biggest challenge facing IT, and expect that to get worse in the near term. The same goes for security. Read on for the full implications of all this.

Security

Security Education Cybersecurity Manufacturing

Hacked Customer Support Portal Being Used to Send Phishing Emails

KnowBe4

JULY 2, 2024

A hacked customer support portal belonging to router manufacturer Mercku is being used to respond to customer queries with phishing emails, BleepingComputer reports.

Phishing

Phishing Manufacturing Security awareness Security

Global Optics Provider Hit with Ransomware Attack and a $10M Ransom

KnowBe4

APRIL 23, 2024

Global optics manufacturer Hoya had business operations at its headquarters and several business divisions impacted and is now facing a “No Negotiation / No Discount Policy” $10 million ransom decision to make.

Manufacturing

Manufacturing Ransomware IT Security awareness

Network Protection: How to Secure a Network

eSecurity Planet

MARCH 22, 2023

Network security protects and monitors the links and the communications within the network using a combination of hardware, software, and enforced policies. Networks and network security comes in a wide range of complexity to fit the wide range of needs. For a more general overview consider reading: What is Network Security?

Security

Security Cloud Access Encryption

Clorox Experiences Significant Financial Loss Stemming From Recent Cyber Attack

KnowBe4

OCTOBER 6, 2023

Popular American global manufacturer of cleaning products Clorox stated that recent sales and profit loss to a cyber attack.

Manufacturing

Manufacturing Sales Security awareness Security

Shortages of talent, training haunt cybersecurity efforts

Information Management Resources

JANUARY 29, 2019

Manufacturers face serious cyber security concerns, but they continue to struggle with finding skilled professionals and might be underspending on security training.

Cybersecurity

Cybersecurity Manufacturing Security

How DMARC Can Protect Against Ransomware

eSecurity Planet

SEPTEMBER 2, 2021

Attackers have targeted critical and vulnerable sectors such as manufacturing, financial, transportation, healthcare, government administration, energy, and more, including a couple of $50 million attacks on the likes of Acer and Quanta. Security specialists recommend using DMARC to help protect against ransomware attacks. East Coast.

Ransomware

Ransomware Authentication Encryption Manufacturing

Vulnerabilities in Weapons Systems

Schneier on Security

JUNE 8, 2021

Increasing our offensive capabilities without being able to secure them is like having all the best guns in the world, and then storing them in an unlocked, unguarded armory. Military software is unlikely to be any more secure than commercial software. A 2018 GAO report expressed concern regarding the lack of secure and patchable U.S.

Military

Military Cybersecurity Communications Manufacturing

FPGA vs. GPU: Which is better for deep learning?

IBM Big Data Hub

MAY 10, 2024

Considering circuitry, both GPUs and FPGAs make effective central processing units (CPUs) , with many available options from manufacturers like NVIDIA or Xilinx designed for compatibility with modern Peripheral Component Interconnect Express (PCIe) standards. And processing this data takes a large amount of computing power.

Artificial Intelligence

Artificial Intelligence Computer and Electronics Cloud Manufacturing

MY TAKE: How digital technology and the rising gig economy are exacerbating third-party risks

The Last Watchdog

APRIL 24, 2019

Allen is a widely respected thought leader on this topic, having launched Shared Assessments in 2005 as an intel-sharing and training consortium focused on third-party risks. You also have different perspectives; you’ve got privacy concerns, security concerns, business continuity concerns.” And it’s not a static thing.

Risk

Risk IoT Digital transformation Retail

Planes, Trains and Automobiles

RFID Global Solution, Inc.

MARCH 22, 2018

Planes, Trains and Automobiles – How RFID is Transforming Transportation. RFID sensors and tags can be used to ensure the integrity and security of cargo in real-time: tagging and monitoring railcars, containers, and cargo. by Diana Hage. Learn More About RFID for Your Business.

Manufacturing

Manufacturing Sales IT Security

Swiss rail vehicle manufacturer Stadler hit by a malware-based attack

Security Affairs newsletter Round 489 by Pierluigi Paganini – INTERNATIONAL EDITION

Webinars

Trending Sources

Security Affairs newsletter Round 326

Webinars

FBI and Australia ACSC agencies warn of ongoing Avaddon ransomware attacks

OmniVision disclosed a data breach after the 2023 Cactus ransomware attack

Sopra Steria hit by the Ryuk ransomware gang

FBI warns of ransomware attacks targeting the food and agriculture sector

Experts link Raspberry Robin Malware to Evil Corp cybercrime gang

North Korea-linked hackers target construction and machinery sectors with watering hole and supply chain attacks

How Artificial Intelligence Manufacturers Can Protect Themselves Against Future Negligence Claims

Singapore presented the Operational Technology (OT) Cybersecurity Masterplan

HID Mercury Access Controller flaws could allow to unlock Doors

[CASE STUDY] New-school Approach to Training and Simulated Phishing Shines Over Traditional LMS

SYS01 stealer targets critical government infrastructure

These hackers have breached FBI-affiliated websites and leaked data online

Which is the Threat landscape for the ICS sector in 2020?

On Chinese "Spy Trains"

GUEST ESSAY: Recalibrating critical infrastructure security in the wake of evolving threats

Using the Human Factor in Cyber Attacks

US CISA and FBI publish joint alert on DarkSide ransomware

MY TAKE: Businesses gravitate to ‘passwordless’ authentication — widespread consumer use up next

A massive phishing campaign using QR codes targets the energy sector

CISA, NSA, FBI, and MS-ISAC Release Phishing Prevention Guidance

News alert: MxD roundtable with White House officials highlights cybersecurity workforce needs

Elections 2024, artificial intelligence could upset world balances

BEST PRACTICES: Mock phishing attacks prep employees to avoid being socially engineered

What Is Industrial Control System (ICS) Cyber Security?

Russia-Ukraine cyber conflict poses critical infrastructure at risk

MY TAKE: Iran’s cyber retaliation for Soleimani assassination continues to ramp up

Recovering Smartphone Voice from the Accelerometer

Key Developments in IoT Security

MY TAKE: Michigan’s Cyber Range hubs provide career paths to high-schoolers, underutilized adults

Senior Executives Beware: The Rise of EvilProxy Phishing Campaigns

AI Will Save Security – And Eliminate Jobs

Hacked Customer Support Portal Being Used to Send Phishing Emails

Global Optics Provider Hit with Ransomware Attack and a $10M Ransom

Network Protection: How to Secure a Network

Clorox Experiences Significant Financial Loss Stemming From Recent Cyber Attack

Shortages of talent, training haunt cybersecurity efforts

How DMARC Can Protect Against Ransomware

Vulnerabilities in Weapons Systems

FPGA vs. GPU: Which is better for deep learning?

MY TAKE: How digital technology and the rising gig economy are exacerbating third-party risks

Planes, Trains and Automobiles

Stay Connected