Manufacturing, Security and Video - Information Management Today

Alphv group claims the hack of Clarion, a global manufacturer of audio and video equipment for cars

Security Affairs

SEPTEMBER 24, 2023

The Alphv ransomware group claims to have hacked Clarion, the global manufacturer of audio and video equipment for cars and other vehicles. The Alphv ransomware group added Clarion, the global manufacturer of audio and video equipment for cars and other vehicles, to the list of victims on its Tor leak site.

Manufacturing

Manufacturing Ransomware Data breaches Risk

Threat actor claims to have hacked European manufacturer of missiles MBDA

Security Affairs

JULY 31, 2022

Threat actors that go online with the moniker Adrastea claim to have hacked the multinational manufacturer of missiles MBDA. The post Threat actor claims to have hacked European manufacturer of missiles MBDA appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Manufacturing

Manufacturing Military Archiving Cybersecurity

Android devices could be hacked by playing a video due to CVE-2019-2107 flaw

Security Affairs

JULY 28, 2019

Playing a video on Android devices could be a dangerous operation due to a critical CVE-2019-2107 RCE flaw in Android OS between version 7.0 Playing a specially-crafted video on devices with the Android’s native video player application could allow attackers to compromise them due to a dangerous critical remote code execution flaw.

Manufacturing

Manufacturing Security IT Information Security

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

Security Affairs

OCTOBER 10, 2018

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature, a gift for APT groups and cyber crime syndicates. Millions of devices are affected by security vulnerabilities that can be easily exploited by a remote attacker to take over devices. video streams that are viewed). Who controls these servers?

Cloud

Cloud Passwords Manufacturing IoT

An RCE in Annke video surveillance product allows hacking the device

Security Affairs

AUGUST 27, 2021

Researchers from Nozomi Networks discovered a critical vulnerability that can be exploited to hack a video surveillance product made by Annke. The vulnerability, tracked as CVE-2021-32941 can be exploited by an attacker to hack a video surveillance product made by Annke, a provider of home and business security solutions.

Cybersecurity

Cybersecurity Access IoT Manufacturing

Winnti Group was planning a devastating supply-chain attack against Asian manufacturer

Security Affairs

OCTOBER 14, 2019

Winnti Group is back with a new modular Win backdoor that was used to infect the servers of a high-profile Asian mobile hardware and software manufacturer. The organizations is major mobile hardware and software manufacturer based in Asia, experts contacted it to alert the company of the infection. Pierluigi Paganini.

Manufacturing

Manufacturing Paper Communications IT

GSA Sparks Security Fears After Buying Risky Chinese Cameras

Data Breach Today

JANUARY 24, 2024

federal networks after a government watchdog caught the government's main acquisition arm purchasing unauthorized, Chinese-manufactured video conference cameras. Experts Warn Against Increasing Federal Reliance on Chinese Technology Experts are raising fresh concerns about the "significant risk" for Chinese espionage against U.S.

Manufacturing

Manufacturing Security Government Risk

Eken camera doorbells allow ill-intentioned individuals to spy on you

Security Affairs

MARCH 3, 2024

Camera doorbells manufactured by the Chinese company Eken Group Ltd under the brands EKEN and Tuck are affected by major vulnerabilities. Researchers from Consumer Reports (CR) discovered severe vulnerabilities in doorbell cameras manufactured by the Chinese company Eken Group Ltd. ” reads the report published by CR.

Manufacturing

Manufacturing Retail Sales Communications

Security Affairs newsletter Round 250

Security Affairs

FEBRUARY 9, 2020

The best news of the week with Security Affairs. Google mistakenly shared private videos of some users with others in 2019. Japanese defense contractors Pasco and Kobe Steel disclose security breaches. IoT devices at major Manufacturers infected with crypto-miner. A new round of the weekly newsletter arrived!

Security

Security Ransomware IoT Manufacturing

3CX voice and video conferencing software victim of a supply chain attack

Security Affairs

MARCH 30, 2023

Popular voice and video conferencing software 3CX was the victim of a supply chain attack, SentinelOne researchers reported. As of Mar 22, 2023, SentinelOne observed a spike in behavioral detections of the 3CXDesktopApp, which is a popular voice and video conferencing software product. “Unfortunately the rumors are true.

File names

File names Manufacturing Libraries Cybersecurity

5 IoT Security Predictions for 2019

Security Affairs

DECEMBER 21, 2018

2018 was the year of the Internet of Things (IoT), massive attacks and various botnets hit smart devices, These are 5 IoT Security Predictions for 2019. The regulation around IoT security was this year’s signal that the answer is, fortunately, no. Insights from VDOO’s leadership. 2019 will continue these trends but at a faster pace.

IoT

IoT Security Manufacturing Privacy

Unpatched Manufacturing Camera Could Allow Industrial Spying

Data Breach Today

MARCH 28, 2025

Hackers Can Skip Login Protections to Access the 'choco tei' Camera An industrial camera common to Japanese manufacturer production lines has unpatched vulnerabilities allowing hackers to secretly access live footage or stop it from recording.

Manufacturing

Manufacturing Access Security IT

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Krebs on Security

OCTOBER 28, 2020

In March 2020, KrebsOnSecurity alerted Swedish security giant Gunnebo Group that hackers had broken into its network and sold the access to a criminal group which specializes in deploying ransomware. The company has operations in 25 countries, more than 4,000 employees, and billions in revenue annually. Acting on a tip from Milwaukee, Wis.-based

Security

Security Ransomware Agriculture Cybersecurity

FBI warns swatting attacks on owners of smart devices

Security Affairs

JANUARY 2, 2021

The Federal Bureau Investigation (FBI) is warning owners of smart home devices with voice and video capabilities of ‘swatting’ attacks. The FBI has recently issued an alert to warn owners of smart home devices with voice and video capabilities of so-called “swatting” attacks. team to a specific location. Pierluigi Paganini.

Passwords

Passwords Manufacturing Authentication Access

Hackers claim to have compromised 50,000 home cameras and posted footage online

Security Affairs

OCTOBER 19, 2020

A hacker collective claims to have hacked over 50,000 home security cameras and published their footage online, some of them on adult sites. A group of hackers claims to have compromised over 50,000 home security cameras and published their private footage online. ” continues the article.

IoT

IoT Paper Access Manufacturing

A flaw in Dahua IP Cameras allows full take over of the devices

Security Affairs

JULY 31, 2022

The issue affects Dahua’s implementation of the Open Network Video Interface Forum ( ONVIF ). ONVIF provides and promotes standardized interfaces for effective interoperability of IP-based physical security products. The following versions of Dahua video products, are affected : Dahua ASI7XXX: Versions prior to v1.000.0000009.0.R.220620

Authentication

Authentication Manufacturing Security Access

3.5m IP cameras exposed, with US in the lead

Security Affairs

DECEMBER 14, 2022

All too often, this gives them a false sense of security: when in fact, threat actors can not only access and watch your camera feed but exploit the unsecured device to hack into your network. After looking at 28 of the most popular manufacturers, our research team found 3.5 The reign of a Chinese brand. Most insecure brands.

Passwords

Passwords Manufacturing Authentication Government

BlackCat gang claims they stole data of 2.5 million patients of McLaren Health Care

Security Affairs

OCTOBER 1, 2023

The ransomware group accused the organization of has attempted to cover up the security breach. Maclaren Your security is at an all-time low, and we’ve proven it to you. The cyber security researcher Dominic Alvieri reported that ALPHV BlackCat Ransomware has breached 15 more US hospitals & 2 HMOs.

Ransomware

Ransomware Manufacturing Privacy Security

Security Affairs newsletter Round 404 by Pierluigi Paganini

Security Affairs

JANUARY 29, 2023

Every week the best security articles from Security Affairs free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! If you want to also receive for free the newsletter with the international press subscribe here.

Security

Security Data breaches Military Ransomware

LPE zero-day flaw in Razer Synapse allows attackers to take over Windows PCs

Security Affairs

AUGUST 23, 2021

Razer is a popular manufacturer of computer accessories, including gaming mouses and keyboards. Razer is a very popular computer peripherals manufacturer that designs, develops, and sells consumer electronics, financial services, and gaming hardware, including gaming mouses and keyboards. Pierluigi Paganini.

Computer and Electronics

Computer and Electronics Manufacturing Financial Services Access

ALPHV/BlackCat ransomware gang hacked the hotel chain Motel One

Security Affairs

SEPTEMBER 30, 2023

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Motel One ) The post ALPHV/BlackCat ransomware gang hacked the hotel chain Motel One appeared first on Security Affairs. the fashion giant Moncler , the Swissport , NCR , and Western Digital.

Ransomware

Ransomware Manufacturing Risk IT

Botnet operators target multiple zero-day flaws in LILIN DVRs

Security Affairs

MARCH 23, 2020

Experts observed multiple botnets exploiting zero-day vulnerabilities in DVRs for surveillance systems manufactured by Taiwan-based LILIN. Botnet operators are exploiting several zero-day vulnerabilities in digital video recorders (DVRs) for surveillance systems manufactured by Taiwan-based LILIN-. Pierluigi Paganini.

Manufacturing

Manufacturing Passwords Access Security

Experts show how to bypass Windows Hello feature to login on Windows 10 PCs

Security Affairs

JULY 19, 2021

Security researchers demonstrated how to bypass the Windows Hello facial recognition that is used in Windows 10 as a login mechanism. Microsoft already fixed the vulnerability with the release of July Patch Tuesday security updates. Please contact your device manufacturers for the state of Enhanced Sign-in Security on your device.

Manufacturing

Manufacturing Authentication Security Access

BadPower attack could burn your device through fast charging

Security Affairs

JULY 21, 2020

Security researchers from Tencent have devised a technique, dubbed BadPower, to alter the firmware of fast chargers to cause damage to connected systems or cause the device to catch fire. “In rare cases, BadPower attacks may also affect the security of the physical environment around the device.” Pierluigi Paganini.

Manufacturing

Manufacturing Security Marketing IT

StrandHogg 2.0 Android flaw affects over 1 Billion devices

Security Affairs

MAY 26, 2020

In December, security experts atPromon disclosed a vulnerability, dubbed StrandHogg, that has been exploited by tens of malicious Android apps. Experts reported the flaw to Google in December, the tech giant released a security patch to manufacturing companies in April 2020, that are going to release security updates to their devices.

Access

Access Manufacturing Phishing Security

United Airlines covers up seat cameras to respond to privacy concerns

Security Affairs

APRIL 29, 2019

gaming , video conferencing). “As As with many other airlines, some of our premium seats have in-flight entertainment systems that came with cameras installed by the manufacturer.” The cameras are a standard feature that manufacturers of the system included for possible future purposes such as video conferencing.”

Privacy

Privacy Manufacturing Security IT

Security Affairs newsletter Round 421 by Pierluigi Paganini – International edition

Security Affairs

MAY 27, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Is the BlackByte ransomware gang behind the City of Augusta attack?

Security

Security Ransomware Manufacturing Cybersecurity

Sonos smart speakers flaw allowed to eavesdrop on users

Security Affairs

AUGUST 9, 2024

MediaTek, who manufactures Wi-Fi SoC for Sonos speaker, released a security advisory in March 2024 (CVE-2024-20018). The driver itself was a third-party chipset by MediaTek who has now the associated patch with the March 2024 Security Bulletin (CVE-2024-20018). it also informed customers that no workarounds are available.

Manufacturing

Manufacturing Paper Security IT

Killnet claims to have breached Lockheed Martin

Security Affairs

AUGUST 13, 2022

In a video shared by the group on Telegram, the group claimed to have stolen the personal information of the Lockheed Martin employees, including names, email addresses, phone numbers, and pictures. The post Killnet claims to have breached Lockheed Martin appeared first on Security Affairs. Tanslated with Google). Pierluigi Paganini.

Manufacturing

Manufacturing Government IT Security

CVE-2019-2234 flaws in Android Camera Apps exposed millions of users surveillance

Security Affairs

NOVEMBER 19, 2019

The vulnerabilities are collectively tracked as CVE-2019-2234, attackers could exploit them to conduct several activities, including recording videos, taking photos, recording voice calls, tracking the user’s location. The vulnerabilities could be exploited by threat actors even if the phone is locked and the screen is turned off. .

Manufacturing

Manufacturing Metadata Security awareness IoT

McLaren Health Care revealed that a data breach impacted 2.2 million people

Security Affairs

NOVEMBER 10, 2023

The security breach exposed the sensitive personal information of 2,192,515 people. Exposed information varied by individual and may include some combination of certain individuals’ names, social Security number, health insurance information, date of birth, and medical information. million individuals. It is a $6.6

Data breaches

Data breaches Ransomware Insurance Manufacturing

HID Mercury Access Controller flaws could allow to unlock Doors

Security Affairs

JUNE 12, 2022

Researchers from security firm Trellix discovered some critical vulnerabilities in HID Mercury Access Controllers that can be exploited by attackers to remotely unlock doors. The flaws impact products manufactured by LenelS2, a provider of advanced physical security solutions (i.e. ” reads the advisory. Pierluigi Paganini.

Access

Access Authentication Manufacturing Cybersecurity

ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems

Security Affairs

JANUARY 17, 2025

Researchers detailed a now-patched vulnerability that could allow a bypass of the Secure Boot mechanism in UEFI systems. ESET disclosed details of a now-patched vulnerability, tracked as CVE-2024-7344 (CVSS score: 6.7), that could allow a bypass of the Secure Boot mechanism in UEFI systems. SANFONG Inc., Wasay Software Technology Inc.,

Security

Security Manufacturing Education IT

Qualcomm fixed a zero-day exploited limited, targeted attacks

Security Affairs

OCTOBER 8, 2024

” The flaw was reported by cybersecurity researchers Seth Jenkins from Google Project Zero and Conghui Wang from Amnesty International Security Lab. Please contact your device manufacturer for more information on the patch status about specific devices.”

Manufacturing

Manufacturing Cybersecurity IT Security

Crooks stole more than $1.5M worth of Bitcoin from General Bytes ATMs

Security Affairs

MARCH 21, 2023

Cryptocurrency ATM maker General Bytes suffered a security breach over the weekend, the hackers stole $1.5M Cryptocurrency ATM manufacturers General Bytes suffered a security incident that resulted in the theft of $1.5M GENERAL BYTES is the world’s largest Bitcoin, Blockchain, and Cryptocurrency ATM manufacturer.

Manufacturing

Manufacturing Passwords Blockchain Cloud

Nexx bugs allow to open garage doors, and take control of alarms and plugs

Security Affairs

APRIL 5, 2023

A series of vulnerabilities in multiple smart devices manufactured by Nexx can be exploited to remotely open garage doors, and take control of alarms and plugs. Below is a video demo published by the researcher that shows how to exploit the flaw CVE-2023–1748 to obtain users’ info.

Manufacturing

Manufacturing Cybersecurity Education Authentication

PseudoManuscrypt, a mysterious massive cyber espionage campaign

Security Affairs

DECEMBER 16, 2021

of all systems targeted by the PseudoManuscrypt malware are part of industrial control systems (ICS) used by organizations in multiple industries, including Engineering, Building Automation, Energy, Manufacturing, Construction, Utilities, and Water Management. The experts revealed that at least 7.2% Pierluigi Paganini.

Energy and Utilities

Energy and Utilities Manufacturing Archiving Authentication

Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack

Security Affairs

FEBRUARY 18, 2020

Peripheral devices with unsigned firmware can expose Windows and Linux machines to hack, warn experts from firmware security firm Eclypsium. “The problem is that peripheral devices often lack the same security best practices that we take for granted in operating systems and in other more visible components, like the UEFI or BIOS.”

Authentication

Authentication Manufacturing Security Ransomware

Joker malware infected 538,000 Huawei Android devices

Security Affairs

APRIL 11, 2021

The fight to the Joker malware (aka Bread) begun in September 2019 when security experts at Google removed from the official Play Store 24 apps because they were infected with a new spyware tracked as “ the Joker. ”. the official app store from the Huawei Android device manufacturer.” ” reads the post published by Dr. Web.

Manufacturing

Manufacturing Access Security IT

STEPS FORWARD: Regulators are on the move to set much needed IoT security rules of the road

The Last Watchdog

SEPTEMBER 5, 2023

Related: The need for supply chain security This is to be expected. I had an eye-opening conversation about all of this with Steve Hanna , distinguished engineer at Infineon Technologies , a global semiconductor manufacturer based in Neubiberg, Germany. other European nations and Singapore soon began moving in this direction, as well.

IoT

IoT Security Manufacturing Cybersecurity

Hacking a Tesla Model X with a DJI Mavic 2 drone equipped with a WIFI dongle

Security Affairs

MAY 2, 2021

A security duo has demonstrated how to hack a Tesla Model X’s and open the doors using a DJI Mavic 2 drone equipped with a WIFI dongle. Automotive manufacturers can scale up their software testing and remediation pipelines by orders of magnitude by using KunnaEmu. The researchers Kunnamon, Inc.’s concluded Dr. Weinmann.

Manufacturing

Manufacturing Security Cloud IT

SweynTooth Bluetooth flaws affect devices from major system-on-a-chip (SoC) vendors

Security Affairs

FEBRUARY 15, 2020

Security experts have discovered multiple flaws, dubbed SweynTooth, in the Bluetooth Low Energy (BLE) implementations of major system-on-a-chip (SoC) vendors. We envision substantial amendments to the BLE stack certification to avoid SweynTooth style security flaws. The group was composed of researchers Matheus E. .

IoT

IoT Security Manufacturing Communications

US DoJ announced to have shut down the Russian RSOCKS Botnet

Security Affairs

JUNE 18, 2022

The RSOCKS was composed of millions of compromised computers and other electronic devices around the world, including industrial control systems, time clocks, routers, audio/video streaming devices, and smart garage door openers. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Computer and Electronics

Computer and Electronics Access Manufacturing Sales

P2P Weakness Exposes Millions of IoT Devices

Krebs on Security

APRIL 26, 2019

A peer-to-peer (P2P) communications technology built into millions of security cameras and other consumer electronics includes several critical security flaws that expose the devices to eavesdropping, credential theft and remote compromise, new research has found. A Webcam made by HiChip that includes the iLnkP2P software.

IoT

IoT Manufacturing Passwords Computer and Electronics

Alphv group claims the hack of Clarion, a global manufacturer of audio and video equipment for cars

Threat actor claims to have hacked European manufacturer of missiles MBDA

Webinars

Trending Sources

Android devices could be hacked by playing a video due to CVE-2019-2107 flaw

Webinars

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

An RCE in Annke video surveillance product allows hacking the device

Winnti Group was planning a devastating supply-chain attack against Asian manufacturer

GSA Sparks Security Fears After Buying Risky Chinese Cameras

Eken camera doorbells allow ill-intentioned individuals to spy on you

Security Affairs newsletter Round 250

3CX voice and video conferencing software victim of a supply chain attack

5 IoT Security Predictions for 2019

Unpatched Manufacturing Camera Could Allow Industrial Spying

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

FBI warns swatting attacks on owners of smart devices

Hackers claim to have compromised 50,000 home cameras and posted footage online

A flaw in Dahua IP Cameras allows full take over of the devices

3.5m IP cameras exposed, with US in the lead

BlackCat gang claims they stole data of 2.5 million patients of McLaren Health Care

Security Affairs newsletter Round 404 by Pierluigi Paganini

LPE zero-day flaw in Razer Synapse allows attackers to take over Windows PCs

ALPHV/BlackCat ransomware gang hacked the hotel chain Motel One

Botnet operators target multiple zero-day flaws in LILIN DVRs

Experts show how to bypass Windows Hello feature to login on Windows 10 PCs

BadPower attack could burn your device through fast charging

StrandHogg 2.0 Android flaw affects over 1 Billion devices

United Airlines covers up seat cameras to respond to privacy concerns

Security Affairs newsletter Round 421 by Pierluigi Paganini – International edition

Sonos smart speakers flaw allowed to eavesdrop on users

Killnet claims to have breached Lockheed Martin

CVE-2019-2234 flaws in Android Camera Apps exposed millions of users surveillance

McLaren Health Care revealed that a data breach impacted 2.2 million people

HID Mercury Access Controller flaws could allow to unlock Doors

ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems

Qualcomm fixed a zero-day exploited limited, targeted attacks

Crooks stole more than $1.5M worth of Bitcoin from General Bytes ATMs

Nexx bugs allow to open garage doors, and take control of alarms and plugs

PseudoManuscrypt, a mysterious massive cyber espionage campaign

Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack

Joker malware infected 538,000 Huawei Android devices

STEPS FORWARD: Regulators are on the move to set much needed IoT security rules of the road

Hacking a Tesla Model X with a DJI Mavic 2 drone equipped with a WIFI dongle

SweynTooth Bluetooth flaws affect devices from major system-on-a-chip (SoC) vendors

US DoJ announced to have shut down the Russian RSOCKS Botnet

P2P Weakness Exposes Millions of IoT Devices

Stay Connected