Manufacturing, Security and Training - Information Management Today

Swiss rail vehicle manufacturer Stadler hit by a malware-based attack

Security Affairs

MAY 10, 2020

Stadler, a Swiss manufacturer of railway rolling stock disclosed a data breach, hackers attempted to blackmail the company. International rail vehicle manufacturer, Stadler , disclosed a security breach that might have also allowed the attackers to steal company data. The company’s backup data are complete and functioning.

Manufacturing

Manufacturing Data breaches Ransomware Security

Security Affairs newsletter Round 326

Security Affairs

AUGUST 8, 2021

Every week the best security articles from Security Affairs free for you in your email box. ransomware gang BlackMatter ransomware also targets VMware ESXi servers Conti ransomware affiliate leaked gang’s training material and tools Conti Leak Indicators – What to block, in your SOC…. Do You Trust Your Smart TV?

Security

Security Ransomware Mining IoT

Security Affairs newsletter Round 489 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

SEPTEMBER 14, 2024

Every week the best security articles from Security Affairs are free in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Data breaches Computer and Electronics Ransomware

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

FBI and Australia ACSC agencies warn of ongoing Avaddon ransomware attacks

Security Affairs

MAY 11, 2021

The FBI and Australian Australian Cyber Security Centre (ACSC) warn of an ongoing Avaddon ransomware campaign targeting organizations worldwide. “The Australian Cyber Security Centre (ACSC) is aware an ongoing ransomware campaign utilising the Avaddon Ransomware malware. Follow me on Twitter: @securityaffairs and Facebook.

Ransomware

Ransomware Manufacturing Phishing Encryption

OmniVision disclosed a data breach after the 2023 Cactus ransomware attack

Security Affairs

MAY 22, 2024

The digital imaging products manufacturer OmniVision disclosed a data breach after the 2023 ransomware attack. The company designs and develops digital imaging products for use in mobile phones, laptops, netbooks and webcams, security and surveillance cameras, entertainment, automotive and medical imaging systems.

Data breaches

Data breaches Ransomware Manufacturing Encryption

Sopra Steria hit by the Ryuk ransomware gang

Security Affairs

OCTOBER 23, 2020

Security measures have been taken to limit the risk of propagation.” Sopra Steria is a member of France’s Cyber Campus , a French initiative to spread cybersecurity awareness, training, and product sales. The post Sopra Steria hit by the Ryuk ransomware gang appeared first on Security Affairs. Pierluigi Paganini.

Ransomware

Ransomware Computer and Electronics Mining Manufacturing

FBI warns of ransomware attacks targeting the food and agriculture sector

Security Affairs

SEPTEMBER 3, 2021

Small farms, large producers, processors and manufacturers, and markets and restaurants are particularly exposed to ransomware attacks. Implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, secure location (i.e., Implement network segmentation.

Agriculture

Agriculture Ransomware Passwords Security awareness

How Artificial Intelligence Manufacturers Can Protect Themselves Against Future Negligence Claims

Data Matters

OCTOBER 27, 2021

Medtech often involves a complex chain of actions involving a number of different parties, ranging from medical device manufacturers to programmers to physicians. Third, seek and use advice on minimizing security risks from AI. In such circumstances, personal injury plaintiffs may seek remedies against everyone involved in their care.

Artificial Intelligence

Artificial Intelligence Manufacturing Risk Privacy

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs

MARCH 19, 2022

. “AvosLocker is a Ransomware as a Service (RaaS) affiliate-based group that has targeted victims across multiple critical infrastructure sectors in the United States including, but not limited to, the Financial Services, Critical Manufacturing, and Government Facilities sectors. Focus on cyber security awareness and training.

Ransomware

Ransomware Passwords Encryption Financial Services

Experts link Raspberry Robin Malware to Evil Corp cybercrime gang

Security Affairs

SEPTEMBER 2, 2022

IBM Security X-Force researchers discovered similarities between a component used in the Raspberry Robin malware and a Dridex malware loader, which was part of the malicious operations of the cybercrime gang Evil Corp. IBM shared the following tips to prevent Raspberry Robin infections: Implement security awareness training.

Security awareness

Security awareness Manufacturing Ransomware Security

North Korea-linked hackers target construction and machinery sectors with watering hole and supply chain attacks

Security Affairs

AUGUST 6, 2024

South Korea’s National Cyber Security Center (NCSC) reported that North Korea-linked hackers hijacked VPN software updates to deploy malware. The malware was concealed within security authentication software used during website login. The malware, written in Go, is identified by some security firms as ‘TrollAgent’.”

Information capture

Information capture Authentication Military Government

Singapore presented the Operational Technology (OT) Cybersecurity Masterplan

Security Affairs

OCTOBER 1, 2019

The Cyber Security Agency of Singapore (CSA) presented the Operational Technology (OT) Cybersecurity Masterplan to increase the resilience of Critical Information Infrastructure (CII) sectors. The Masterplan encourages OT equipment manufacturers and service providers to implement the best cybersecurity practices by design.

Cybersecurity

Cybersecurity Manufacturing Security IT

LockBit ransomware group claims to have hacked Bridgestone Americas

Security Affairs

MARCH 13, 2022

LockBit ransomware gang claimed to have hacked Bridgestone Americas, one of the largest manufacturers of tires. LockBit ransomware gang claimed to have compromised the network of Bridgestone Americas, one of the largest manufacturers of tires, and stolen data from the company. Follow me on Twitter: @securityaffairs and Facebook.

Ransomware

Ransomware Manufacturing Systems administration Information Security

[CASE STUDY] New-school Approach to Training and Simulated Phishing Shines Over Traditional LMS

KnowBe4

DECEMBER 12, 2022

based enterprise manufacturing organization cut their Phish-prone Percentage™ (PPP) by more than 80% after five months using the KnowBe4 security awareness training and simulated phishing platform.

Phishing

Phishing Security awareness Manufacturing Security

HID Mercury Access Controller flaws could allow to unlock Doors

Security Affairs

JUNE 12, 2022

Researchers from security firm Trellix discovered some critical vulnerabilities in HID Mercury Access Controllers that can be exploited by attackers to remotely unlock doors. The flaws impact products manufactured by LenelS2, a provider of advanced physical security solutions (i.e. ” reads the advisory. Pierluigi Paganini.

Access

Access Authentication Manufacturing Cybersecurity

SYS01 stealer targets critical government infrastructure

Security Affairs

MARCH 7, 2023

Researchers discovered a new info stealer dubbed SYS01 stealer targeting critical government infrastructure and manufacturing firms. And SYS01 stealer at heart relies on a social engineering campaign, so it’s important to train users about the tricks adversaries use so they know how to spot them.”

Government

Government Manufacturing Authentication Cybersecurity

These hackers have breached FBI-affiliated websites and leaked data online

Security Affairs

APRIL 13, 2019

The association promotes federal and law enforcement leadership and training located at the FBI training academy in Quantico, VA. The hacker also provided evidence to the journalists to have hacked other websites, including a subdomain belonging to manufacturing company Foxconn. Pierluigi Paganini.

Encryption

Encryption Ransomware Manufacturing Personal data

On Chinese "Spy Trains"

Schneier on Security

SEPTEMBER 26, 2019

Congress is considering legislation that would prevent the world's largest train maker, the Chinese-owned CRRC Corporation, from competing on new contracts in the United States. But another part involves fears about national security. This is a complicated topic. The risk of discovery is too great, and the payoff would be too low.

Government

Government Risk Data collection Manufacturing

Which is the Threat landscape for the ICS sector in 2020?

Security Affairs

MARCH 22, 2021

Building automation, automotive manufacturing, energy and oil & gas, suffered major increases in the ICS engineering sector. Latin America, the Middle East, Asia and North America were the regions with the highest number infections attempts blocked by the security solutions in H2 2020. appeared first on Security Affairs.

Phishing

Phishing Access Passwords Manufacturing

GUEST ESSAY: Recalibrating critical infrastructure security in the wake of evolving threats

The Last Watchdog

APRIL 30, 2024

in different industries, including energy, manufacturing, and healthcare. The problem with this from a security perspective is that there tends to be no segregation between services. The largest ones, such as Amazon and Microsoft, have stringent protocols for securing their cloud infrastructures.

Security

Security Cybersecurity Unstructured data Cloud

EU Pumps €1.3 Billion into Cybersecurity, AI, and Digital Skills to Fortify Europe’s Tech Future

eSecurity Planet

APRIL 3, 2025

Cybersecurity solutions such as the EU Cybersecurity Reserve will improve the resilience and security of critical infrastructures, including hospitals and submarine cables, the European Commission said. Another significant effort is developing a Cyber Resilience Act single reporting platform.

Cybersecurity

Cybersecurity Artificial Intelligence Government Manufacturing

Using the Human Factor in Cyber Attacks

Security Affairs

MAY 3, 2019

The Human Factor has a fundamental importance for the success of a cyber attack, for this reason it is important to create a culture of cyber security within organizations. Whaling: A specialized type of spear phishing that targets a “large” victim of a company, for example CEO, CFO or other executive.

Phishing

Phishing Cybersecurity Manufacturing Analytics

US CISA and FBI publish joint alert on DarkSide ransomware

Security Affairs

MAY 13, 2021

US agencies warn that groups employed DarkSide ransomware in attacks aimed at organizations across various Critical Infrastructure sectors, including manufacturing, legal, insurance, healthcare, and energy. Implementing application allowlisting , which only allows systems to execute programs known and permitted by security policy.

Ransomware

Ransomware Phishing Risk Encryption

MY TAKE: Businesses gravitate to ‘passwordless’ authentication — widespread consumer use up next

The Last Watchdog

MAY 24, 2022

Excising passwords as the security linchpin to digital services is long, long overdue. Security + efficiency. Password abuse at scale arose shortly after the decision got made in the 1990s to make shared secrets the basis for securing digital connections. Threat actors now routinely bypass these second-layer security gates.

Authentication

Authentication Passwords Digital transformation Cloud

A massive phishing campaign using QR codes targets the energy sector

Security Affairs

AUGUST 16, 2023

Other top 4 targeted industries include Manufacturing, Insurance, Technology, and Financial Services seeing 15%, 9%, 7%, and 6% of the campaign traffic respectively.” “Email lures came in the form of updating account security surrounding 2FA, MFA, and general account security. ” continues the report.

Phishing

Phishing Energy and Utilities Insurance Manufacturing

CISA, NSA, FBI, and MS-ISAC Release Phishing Prevention Guidance

KnowBe4

OCTOBER 19, 2023

October 18, 2023, the Cybersecurity Infrastructure and Security Agency (CISA), the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint guide, Phishing Guidance: Stopping the Attack Cycle at Phase One.

Phishing

Phishing Manufacturing Education Ransomware

News alert: MxD roundtable with White House officials highlights cybersecurity workforce needs

The Last Watchdog

SEPTEMBER 21, 2023

21, 2023 — MxD, the Digital Manufacturing and Cybersecurity Institute, today hosted a roundtable discussion with the White House Office of the National Cyber Director. Each participating organization is committed to developing cyber skills and programs to train the workforce across a wide range of industries, including manufacturing.

Cybersecurity

Cybersecurity Manufacturing Military Artificial Intelligence

BEST PRACTICES: Mock phishing attacks prep employees to avoid being socially engineered

The Last Watchdog

MAY 1, 2019

Related: Why diversity in training is a good thing. He came up with a new approach to testing and training the bank’s employees – and the basis for a new company, LucySecurity. This is stunning: phishing attacks soared in 2018, rising 250% between January and December, according to Microsoft’s Security Intelligence Report.

Phishing

Phishing Financial Services Manufacturing Education

Elections 2024, artificial intelligence could upset world balances

Security Affairs

DECEMBER 27, 2023

According to the latest threat landscape report from the European Cyber Security Agency (ENISA) , there has been an increase in the use of AI-based chatbots for fraudulent activities, deepfakes, and similar technologies over the last 12 months. The 2024 European Union elections face threats from content generated through these platforms.

Artificial Intelligence

Artificial Intelligence Government Manufacturing IT

What Is Industrial Control System (ICS) Cyber Security?

eSecurity Planet

SEPTEMBER 9, 2024

Industrial control systems (ICS) are the backbone of critical infrastructure, powering essential operations in the energy, manufacturing, water treatment, and transportation sectors. Are your industrial control systems secure enough? How Does ICS Security Work? What are the Key Components of ICS?

Security

Security Encryption Cybersecurity Access

Russia-Ukraine cyber conflict poses critical infrastructure at risk

Security Affairs

MARCH 14, 2022

Ongoing attacks could cause severe damages to multiple sectors, including transportation, communication, financial services, government facilities, nuclear reactors, and critical manufacturing. The post Russia-Ukraine cyber conflict poses critical infrastructure at risk appeared first on Security Affairs. The Railways is under attack.

Risk

Risk Financial Services Manufacturing Communications

MY TAKE: Iran’s cyber retaliation for Soleimani assassination continues to ramp up

The Last Watchdog

FEBRUARY 3, 2020

Department of Homeland Security issued a bulletin calling out Iran’s “robust cyber program,” and cautioning everyone to be prepared for Iran to “conduct operations in the United States.” And hackers linked to the Russian government were reportedly behind the Triton hack of 2017 , as well, as disclosed by security vendor FireEye.

Energy and Utilities

Energy and Utilities Access Passwords Cybersecurity

Recovering Smartphone Voice from the Accelerometer

Schneier on Security

DECEMBER 30, 2022

We explore recent trends in smartphone manufacturers that include extra/powerful speakers in place of small ear speakers, and demonstrate the feasibility of using motion sensors to capture such tiny speech vibrations. We train and test the extracted data using classical machine learning algorithms and convolutional neural networks.

Manufacturing

Manufacturing Privacy IT Paper

Key Developments in IoT Security

Thales Cloud Protection & Licensing

JULY 15, 2021

Key Developments in IoT Security. The rush to market for consumers to enjoy the modern conveniences offered by these devices shocked the security community. Security experts were concerned that these devices were built with no security in mind. Has the security of these devices gotten better, or remained the same?

IoT

IoT Security Data Privacy Encryption

MY TAKE: Michigan’s Cyber Range hubs provide career paths to high-schoolers, underutilized adults

The Last Watchdog

NOVEMBER 28, 2018

Michigan is cultivating a collection of amazing cybersecurity training facilities, called Cyber Range hubs, that are shining models for what’s possible when inspired program leaders are given access to leading-edge resources, wisely supplied by public agencies and private foundations. Ford and for its giant furniture manufacturing companies.

Cybersecurity

Cybersecurity Systems administration Military Manufacturing

Senior Executives Beware: The Rise of EvilProxy Phishing Campaigns

KnowBe4

OCTOBER 5, 2023

Menlo Security warns that a social engineering campaign is using the EvilProxy phishing kit to target senior executives across a range of industries, including banking and financial services, insurance, property management and real estate, and manufacturing.

Phishing

Phishing Financial Services Insurance Manufacturing

AI Will Save Security – And Eliminate Jobs

eSecurity Planet

JUNE 7, 2023

To cut to the chase before we get into the details: AI will make security worse before it makes it significantly better, but at the cost of a lot of jobs. Security is the biggest challenge facing IT, and expect that to get worse in the near term. The same goes for security. Read on for the full implications of all this.

Security

Security Education Cybersecurity Manufacturing

From Cozy Coupe to the Real Deal: Why Training is the Key to Success

Ascent Innovations

MARCH 12, 2025

From Cozy Coupe to the Real Deal: Why Training is the Key to Success Table of Contents Share From Cozy Coupe to the Real Deal: Why Training is the Key to Success Twenty-five years ago, almost to the day, I was the picture of pure excitement. Training isnt just a checkboxits an opportunity to ensure a successful implementation.

Manufacturing

Manufacturing Cloud IT Risk

Hacked Customer Support Portal Being Used to Send Phishing Emails

KnowBe4

JULY 2, 2024

A hacked customer support portal belonging to router manufacturer Mercku is being used to respond to customer queries with phishing emails, BleepingComputer reports.

Phishing

Phishing Manufacturing Security awareness Security

Global Optics Provider Hit with Ransomware Attack and a $10M Ransom

KnowBe4

APRIL 23, 2024

Global optics manufacturer Hoya had business operations at its headquarters and several business divisions impacted and is now facing a “No Negotiation / No Discount Policy” $10 million ransom decision to make.

Manufacturing

Manufacturing Ransomware IT Security awareness

UK Suffers Third Highest Rate of Ransomware Attacks in the World

IT Governance

SEPTEMBER 30, 2022

The other most vulnerable sectors were business services (23), construction (22), manufacturing (19) and transport (18). Small businesses are vulnerable to cyber attacks because they lack the resources to address cyber security. This demonstrates how important it is to take a proactive approach to cyber security.

Ransomware

Ransomware Manufacturing Data breaches Business Services

Thales and Imperva Introduce New Accelerate Partner Networks to Address Evolving Cybersecurity Challenges

Thales Cloud Protection & Licensing

FEBRUARY 6, 2025

Thales and Imperva Introduce New Accelerate Partner Networks to Address Evolving Cybersecurity Challenges madhav Thu, 02/06/2025 - 08:04 Since Thales acquired Imperva in December 2023, the two companies have worked tirelessly to help organizations discover and protect data anywhere, manage access, and secure all its paths.

Cybersecurity

Cybersecurity Sales Marketing Cloud

Network Protection: How to Secure a Network

eSecurity Planet

MARCH 22, 2023

Network security protects and monitors the links and the communications within the network using a combination of hardware, software, and enforced policies. Networks and network security comes in a wide range of complexity to fit the wide range of needs. For a more general overview consider reading: What is Network Security?

Security

Security Cloud Access Encryption

2022 Cyber Security Review of the Year

IT Governance

DECEMBER 20, 2022

Although there have still been a few surprises, with the death of Queen Elizabeth II and blazing heatwaves across the UK to name but two, it was a familiar year in the cyber security landscape. Google , Clearview AI , and Meta all receives hefty penalties in 2022, demonstrating the continued important of effective information security.

Security

Security Data breaches Ransomware Military

Swiss rail vehicle manufacturer Stadler hit by a malware-based attack

Security Affairs newsletter Round 326

Webinars

Trending Sources

Security Affairs newsletter Round 489 by Pierluigi Paganini – INTERNATIONAL EDITION

Webinars

FBI and Australia ACSC agencies warn of ongoing Avaddon ransomware attacks

OmniVision disclosed a data breach after the 2023 Cactus ransomware attack

Sopra Steria hit by the Ryuk ransomware gang

FBI warns of ransomware attacks targeting the food and agriculture sector

How Artificial Intelligence Manufacturers Can Protect Themselves Against Future Negligence Claims

Avoslocker ransomware gang targets US critical infrastructure

Experts link Raspberry Robin Malware to Evil Corp cybercrime gang

North Korea-linked hackers target construction and machinery sectors with watering hole and supply chain attacks

Singapore presented the Operational Technology (OT) Cybersecurity Masterplan

LockBit ransomware group claims to have hacked Bridgestone Americas

[CASE STUDY] New-school Approach to Training and Simulated Phishing Shines Over Traditional LMS

HID Mercury Access Controller flaws could allow to unlock Doors

SYS01 stealer targets critical government infrastructure

These hackers have breached FBI-affiliated websites and leaked data online

On Chinese "Spy Trains"

Which is the Threat landscape for the ICS sector in 2020?

GUEST ESSAY: Recalibrating critical infrastructure security in the wake of evolving threats

EU Pumps €1.3 Billion into Cybersecurity, AI, and Digital Skills to Fortify Europe’s Tech Future

Using the Human Factor in Cyber Attacks

US CISA and FBI publish joint alert on DarkSide ransomware

MY TAKE: Businesses gravitate to ‘passwordless’ authentication — widespread consumer use up next

A massive phishing campaign using QR codes targets the energy sector

CISA, NSA, FBI, and MS-ISAC Release Phishing Prevention Guidance

News alert: MxD roundtable with White House officials highlights cybersecurity workforce needs

BEST PRACTICES: Mock phishing attacks prep employees to avoid being socially engineered

Elections 2024, artificial intelligence could upset world balances

What Is Industrial Control System (ICS) Cyber Security?

Russia-Ukraine cyber conflict poses critical infrastructure at risk

MY TAKE: Iran’s cyber retaliation for Soleimani assassination continues to ramp up

Recovering Smartphone Voice from the Accelerometer

Key Developments in IoT Security

MY TAKE: Michigan’s Cyber Range hubs provide career paths to high-schoolers, underutilized adults

Senior Executives Beware: The Rise of EvilProxy Phishing Campaigns

AI Will Save Security – And Eliminate Jobs

From Cozy Coupe to the Real Deal: Why Training is the Key to Success

Hacked Customer Support Portal Being Used to Send Phishing Emails

Global Optics Provider Hit with Ransomware Attack and a $10M Ransom

UK Suffers Third Highest Rate of Ransomware Attacks in the World

Thales and Imperva Introduce New Accelerate Partner Networks to Address Evolving Cybersecurity Challenges

Network Protection: How to Secure a Network

2022 Cyber Security Review of the Year

Stay Connected