Manufacturing and Video - Information Management Today

Alphv group claims the hack of Clarion, a global manufacturer of audio and video equipment for cars

Security Affairs

SEPTEMBER 24, 2023

The Alphv ransomware group claims to have hacked Clarion, the global manufacturer of audio and video equipment for cars and other vehicles. The Alphv ransomware group added Clarion, the global manufacturer of audio and video equipment for cars and other vehicles, to the list of victims on its Tor leak site.

Manufacturing

Manufacturing Ransomware Data breaches Risk

Threat actor claims to have hacked European manufacturer of missiles MBDA

Security Affairs

JULY 31, 2022

Threat actors that go online with the moniker Adrastea claim to have hacked the multinational manufacturer of missiles MBDA. The post Threat actor claims to have hacked European manufacturer of missiles MBDA appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Manufacturing

Manufacturing Military Archiving Cybersecurity

Android devices could be hacked by playing a video due to CVE-2019-2107 flaw

Security Affairs

JULY 28, 2019

Playing a video on Android devices could be a dangerous operation due to a critical CVE-2019-2107 RCE flaw in Android OS between version 7.0 Playing a specially-crafted video on devices with the Android’s native video player application could allow attackers to compromise them due to a dangerous critical remote code execution flaw.

Manufacturing

Manufacturing Security IT Information Security

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

Security Affairs

OCTOBER 10, 2018

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature, a gift for APT groups and cyber crime syndicates. video streams that are viewed). This user seems to at least have permissions to access/view video streams.” Xiongmai hereinafter) that are open to hack. Who controls these servers?

Cloud

Cloud Passwords Manufacturing IoT

An RCE in Annke video surveillance product allows hacking the device

Security Affairs

AUGUST 27, 2021

Researchers from Nozomi Networks discovered a critical vulnerability that can be exploited to hack a video surveillance product made by Annke. The vulnerability, tracked as CVE-2021-32941 can be exploited by an attacker to hack a video surveillance product made by Annke, a provider of home and business security solutions.

Cybersecurity

Cybersecurity Access IoT Manufacturing

Winnti Group was planning a devastating supply-chain attack against Asian manufacturer

Security Affairs

OCTOBER 14, 2019

Winnti Group is back with a new modular Win backdoor that was used to infect the servers of a high-profile Asian mobile hardware and software manufacturer. The organizations is major mobile hardware and software manufacturer based in Asia, experts contacted it to alert the company of the infection. Pierluigi Paganini.

Manufacturing

Manufacturing Paper Communications IT

Eken camera doorbells allow ill-intentioned individuals to spy on you

Security Affairs

MARCH 3, 2024

Camera doorbells manufactured by the Chinese company Eken Group Ltd under the brands EKEN and Tuck are affected by major vulnerabilities. Researchers from Consumer Reports (CR) discovered severe vulnerabilities in doorbell cameras manufactured by the Chinese company Eken Group Ltd. ” reads the report published by CR.

Manufacturing

Manufacturing Retail Sales Communications

3CX voice and video conferencing software victim of a supply chain attack

Security Affairs

MARCH 30, 2023

Popular voice and video conferencing software 3CX was the victim of a supply chain attack, SentinelOne researchers reported. As of Mar 22, 2023, SentinelOne observed a spike in behavioral detections of the 3CXDesktopApp, which is a popular voice and video conferencing software product. “Unfortunately the rumors are true.

File names

File names Manufacturing Libraries Cybersecurity

Unpatched Manufacturing Camera Could Allow Industrial Spying

Data Breach Today

MARCH 28, 2025

Hackers Can Skip Login Protections to Access the 'choco tei' Camera An industrial camera common to Japanese manufacturer production lines has unpatched vulnerabilities allowing hackers to secretly access live footage or stop it from recording.

Manufacturing

Manufacturing Access Security IT

GSA Sparks Security Fears After Buying Risky Chinese Cameras

Data Breach Today

JANUARY 24, 2024

federal networks after a government watchdog caught the government's main acquisition arm purchasing unauthorized, Chinese-manufactured video conference cameras. Experts Warn Against Increasing Federal Reliance on Chinese Technology Experts are raising fresh concerns about the "significant risk" for Chinese espionage against U.S.

Manufacturing

Manufacturing Security Government Risk

GUEST ESSAY: Taking proactive steps to heal the planet — by reducing the impact of video streaming

The Last Watchdog

DECEMBER 3, 2023

Related: Big data can foster improved healthcare Within that, video represents over 80 percent of the traffic that flows through this global network which is growing rapidly at about 25 percent per year. A tremendous amount of video traffic is being managed by IT departments.

Energy and Utilities

Energy and Utilities Manufacturing Marketing Military

FBI warns swatting attacks on owners of smart devices

Security Affairs

JANUARY 2, 2021

The Federal Bureau Investigation (FBI) is warning owners of smart home devices with voice and video capabilities of ‘swatting’ attacks. The FBI has recently issued an alert to warn owners of smart home devices with voice and video capabilities of so-called “swatting” attacks. team to a specific location.

Passwords

Passwords Manufacturing Authentication Access

A flaw in Dahua IP Cameras allows full take over of the devices

Security Affairs

JULY 31, 2022

The issue affects Dahua’s implementation of the Open Network Video Interface Forum ( ONVIF ). The following versions of Dahua video products, are affected : Dahua ASI7XXX: Versions prior to v1.000.0000009.0.R.220620 The CVE-2022-30563 vulnerability impacting Dahua IP Camera can allow attackers to seize control of IP cameras.

Authentication

Authentication Manufacturing Security Access

Hackers claim to have compromised 50,000 home cameras and posted footage online

Security Affairs

OCTOBER 19, 2020

” The videos show people of varying ages in compromising positions, in some cases undressed. Most of the videos appear to belong to people from Singapore, other private footages come from people living in Thailand, South Korea, and Canada. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT Paper Access Manufacturing

ALPHV/BlackCat ransomware gang hacked the hotel chain Motel One

Security Affairs

SEPTEMBER 30, 2023

the fashion giant Moncler , the Swissport , NCR , and Western Digital.

Ransomware

Ransomware Manufacturing Risk IT

Botnet operators target multiple zero-day flaws in LILIN DVRs

Security Affairs

MARCH 23, 2020

Experts observed multiple botnets exploiting zero-day vulnerabilities in DVRs for surveillance systems manufactured by Taiwan-based LILIN. Botnet operators are exploiting several zero-day vulnerabilities in digital video recorders (DVRs) for surveillance systems manufactured by Taiwan-based LILIN-.

Manufacturing

Manufacturing Passwords Access Security

LPE zero-day flaw in Razer Synapse allows attackers to take over Windows PCs

Security Affairs

AUGUST 23, 2021

Razer is a popular manufacturer of computer accessories, including gaming mouses and keyboards. Razer is a very popular computer peripherals manufacturer that designs, develops, and sells consumer electronics, financial services, and gaming hardware, including gaming mouses and keyboards.

Computer and Electronics

Computer and Electronics Manufacturing Financial Services Access

3.5m IP cameras exposed, with US in the lead

Security Affairs

DECEMBER 14, 2022

After looking at 28 of the most popular manufacturers, our research team found 3.5 What is more, the overwhelming majority of internet-facing cameras are manufactured by Chinese companies. Most of the public-facing cameras we discovered are manufactured by the Chinese company Hikvision: the Cybernews research team found over 3.37

Passwords

Passwords Manufacturing Authentication Government

United Airlines covers up seat cameras to respond to privacy concerns

Security Affairs

APRIL 29, 2019

gaming , video conferencing). “As As with many other airlines, some of our premium seats have in-flight entertainment systems that came with cameras installed by the manufacturer.” The cameras are a standard feature that manufacturers of the system included for possible future purposes such as video conferencing.”

Privacy

Privacy Manufacturing Security IT

BlackCat gang claims they stole data of 2.5 million patients of McLaren Health Care

Security Affairs

OCTOBER 1, 2023

The Alphv ransomware group has been very active in this period, recently it claimed to have hacked Clarion , the global manufacturer of audio and video equipment for cars and other vehicles, and the hotel chain Motel One. .” reads the message published by the ALPHV gang on its leak site.

Ransomware

Ransomware Manufacturing Privacy Security

Killnet claims to have breached Lockheed Martin

Security Affairs

AUGUST 13, 2022

In a video shared by the group on Telegram, the group claimed to have stolen the personal information of the Lockheed Martin employees, including names, email addresses, phone numbers, and pictures. Let them realize what they create and what they contribute to.” Tanslated with Google).

Manufacturing

Manufacturing Government IT Security

BadPower attack could burn your device through fast charging

Security Affairs

JULY 21, 2020

Xuanwu Lab also investigated 34 fast-charging chip manufacturers and discovered that at least 18 chip manufacturers produce chips with the function of updating firmware after finished products. ” Researchers also published a video PoC of the BadPower attack. Attackers could exploit this function to conduct BadPower attack.

Manufacturing

Manufacturing Security Marketing IT

CVE-2019-2234 flaws in Android Camera Apps exposed millions of users surveillance

Security Affairs

NOVEMBER 19, 2019

The vulnerabilities are collectively tracked as CVE-2019-2234, attackers could exploit them to conduct several activities, including recording videos, taking photos, recording voice calls, tracking the user’s location. The vulnerabilities could be exploited by threat actors even if the phone is locked and the screen is turned off. .

Manufacturing

Manufacturing Metadata Security awareness IoT

Experts show how to bypass Windows Hello feature to login on Windows 10 PCs

Security Affairs

JULY 19, 2021

The experts demonstrated how to bypass the security feature in a video PoC: Bypassing Windows Hello Without Masks or Plastic Surgery. Enhanced Sign-in Security is a new security feature in Windows which requires specialized hardware, drivers, and firmware that are pre-installed on the system by device manufacturers in the factory.

Manufacturing

Manufacturing Authentication Security Access

Qualcomm fixed a zero-day exploited limited, targeted attacks

Security Affairs

OCTOBER 8, 2024

Please contact your device manufacturer for more information on the patch status about specific devices.” . “Patches for the issue affecting FASTRPC driver have been made available to OEMs together with a strong recommendation to deploy the update on affected devices as soon as possible.

Manufacturing

Manufacturing Cybersecurity IT Security

StrandHogg 2.0 Android flaw affects over 1 Billion devices

Security Affairs

MAY 26, 2020

The permissions granted to the app could allow spying on the user by accessing the camera and microphone, obtaining the device’s location, reading the SMSs, capturing login credentials (including 2FA codes via SMS), accessing private photos and videos, accessing contacts and call logs, and also making calls and recording the victim’s conversations.

Access

Access Manufacturing Phishing Security

Sonos smart speakers flaw allowed to eavesdrop on users

Security Affairs

AUGUST 9, 2024

MediaTek, who manufactures Wi-Fi SoC for Sonos speaker, released a security advisory in March 2024 (CVE-2024-20018). ” Below is a video PoC of the attack exploring the flaw to eavesdrop on users. . “A low-privileged, close-proximity attacker could exploit this vulnerability to remotely execute arbitrary code.”

Manufacturing

Manufacturing Paper Security IT

Security Affairs newsletter Round 250

Security Affairs

FEBRUARY 9, 2020

Google mistakenly shared private videos of some users with others in 2019. IoT devices at major Manufacturers infected with crypto-miner. Using 99 mobile phones to create a fake traffic jam in Google Maps. Dropbox paid more than $1 Million via its bug bounty program. Microsoft detects 77,000 active web shells on a daily basis.

Security

Security Ransomware IoT Manufacturing

5 IoT Security Predictions for 2019

Security Affairs

DECEMBER 21, 2018

We believe this will only grow in 2019 and, because this will increase awareness of threats with IoT users, it will, in turn, accelerate the regulation process, and put more pressure on manufacturers to raise the security bar for their products. For certain, IoT device manufacturers cannot leave IoT cyber security behind much longer.

IoT

IoT Security Manufacturing Privacy

HID Mercury Access Controller flaws could allow to unlock Doors

Security Affairs

JUNE 12, 2022

The flaws impact products manufactured by LenelS2, a provider of advanced physical security solutions (i.e. access control, video surveillance and mobile credentialing) owned by HVAC giant Carrier. The experts focused on Carrier’s LenelS2 access control panels, manufactured by HID Mercury. ” reads the advisory.

Access

Access Authentication Manufacturing Cybersecurity

Crooks stole more than $1.5M worth of Bitcoin from General Bytes ATMs

Security Affairs

MARCH 21, 2023

Cryptocurrency ATM manufacturers General Bytes suffered a security incident that resulted in the theft of $1.5M GENERAL BYTES is the world’s largest Bitcoin, Blockchain, and Cryptocurrency ATM manufacturer. Cryptocurrency ATM maker General Bytes suffered a security breach over the weekend, the hackers stole $1.5M

Manufacturing

Manufacturing Passwords Blockchain Cloud

PseudoManuscrypt, a mysterious massive cyber espionage campaign

Security Affairs

DECEMBER 16, 2021

of all systems targeted by the PseudoManuscrypt malware are part of industrial control systems (ICS) used by organizations in multiple industries, including Engineering, Building Automation, Energy, Manufacturing, Construction, Utilities, and Water Management. The experts revealed that at least 7.2%

Energy and Utilities

Energy and Utilities Manufacturing Archiving Authentication

Nexx bugs allow to open garage doors, and take control of alarms and plugs

Security Affairs

APRIL 5, 2023

A series of vulnerabilities in multiple smart devices manufactured by Nexx can be exploited to remotely open garage doors, and take control of alarms and plugs. Below is a video demo published by the researcher that shows how to exploit the flaw CVE-2023–1748 to obtain users’ info.

Manufacturing

Manufacturing Cybersecurity Education Authentication

McLaren Health Care revealed that a data breach impacted 2.2 million people

Security Affairs

NOVEMBER 10, 2023

The Alphv ransomware group has been very active in this period, recently it claimed to have hacked Clarion , the global manufacturer of audio and video equipment for cars and other vehicles, and the hotel chain Motel One. .” reads the message published by the ALPHV gang on its leak site.

Data breaches

Data breaches Ransomware Insurance Manufacturing

Joker malware infected 538,000 Huawei Android devices

Security Affairs

APRIL 11, 2021

the official app store from the Huawei Android device manufacturer.” 594 f1b49a444f554bb942fd8f5a9ff2a212d8db6247 Camera MX – Photo Video Camera com.sdkfj.uhbnji.dsfeff hxxps://cameramx-photovideocamera.oss-cn-wulanchabu.aliyuncs.com/ Android.Joker.594 ” reads the post published by Dr. Web.

Manufacturing

Manufacturing Access Security IT

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Krebs on Security

OCTOBER 28, 2020

Last week, a Russian journalist published a video on Youtube claiming to be an interview with the cybercriminals behind the REvil/Sodinokibi ransomware strain , which is the handiwork of a particularly aggressive criminal group that’s been behind some of the biggest and most costly ransom attacks in recent years.

Security

Security Ransomware Agriculture Cybersecurity

US Navy Memo Raised Cyberscurity Concerns About DJI Drones

Data Breach Today

DECEMBER 19, 2019

Army ordered that the use of drones made by Chinese manufacturer DJI be discontinued, citing security concerns. Now, a second classified memo used to support that decision has been released, revealing serious concerns about how cyberspies could intercept video and other encrypted data.

Manufacturing

Manufacturing Encryption Security

Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack

Security Affairs

FEBRUARY 18, 2020

Experts at firmware security firm Eclypsium have discovered that many peripheral device manufacturers have not implemented security checks to prevent the installation of firmware from an untrusted source. The experts also published a video PoC of an attack on a network interface, a Broadcom chipset, that runs an unsigned firmware. “A

Authentication

Authentication Manufacturing Security Ransomware

Security Affairs newsletter Round 404 by Pierluigi Paganini

Security Affairs

JANUARY 29, 2023

Copycat Criminals mimicking Lockbit gang in northern Europe Sandworm APT targets Ukraine with new SwiftSlicer wiper ISC fixed high-severity flaws in DNS software suite BIND Patch management is crucial to protect Exchange servers, Microsoft warns Hacker accused of having stolen personal data of all Austrians and more CVE-2023-23560 flaw exposes 100 (..)

Security

Security Data breaches Military Ransomware

Elections 2024, artificial intelligence could upset world balances

Security Affairs

DECEMBER 27, 2023

An attacker could employ generative AI to forge realistic content, including images, videos, and audio, which can sway public opinion in myriad ways. Fabricated audio and videos concocted swiftly and disseminated ahead of elections could jeopardize a political party or candidate’s reputation.

Artificial Intelligence

Artificial Intelligence Government Manufacturing IT

P2P Weakness Exposes Millions of IoT Devices

Krebs on Security

APRIL 26, 2019

iLnkP2p is bundled with millions of Internet of Things (IoT) devices, including security cameras and Webcams, baby monitors, smart doorbells, and digital video recorders. “Software-based remediation is unlikely due to the infeasibility of changing device UIDs, which are permanently assigned during the manufacturing process.

IoT

IoT Manufacturing Passwords Computer and Electronics

Experts demonstrate how to exfiltrate data using smart bulbs

Security Affairs

NOVEMBER 27, 2018

The devices are manufactured by the Chinese company called Zengge and could be controlled using both Android and iOS apps. Below a video PoC created by the experts. Security researchers with Checkmarx developed two mobile applications that exploit smart bulbs features for data exfiltration. ” continues the experts.

Communications

Communications Manufacturing Security IT

Hacking a Tesla Model X with a DJI Mavic 2 drone equipped with a WIFI dongle

Security Affairs

MAY 2, 2021

The duo called the hack TBONE and presented it at the CanSecWest 2021 Conference , below the video of the presentation: Weinmann and Schmotzle explained that the ConnMan is also widely used in infotainment systems of other carmakers, for this reason they engaged German CERT and other actors of the automotive industry. “We

Manufacturing

Manufacturing Security Cloud IT

Robots at HIS Group are vulnerable to hack

Security Affairs

OCTOBER 23, 2019

The Japanese hotel chain HIS Group admitted that its in-room robots were vulnerable and could allow hackers to remotely view video footage from the devices. Now the HIS Group admitted that the in-room robots were vulnerable to hack and could allow remote attackers to view video footage from the devices. set to autorun.

Manufacturing

Manufacturing Access Risk Security

Alphv group claims the hack of Clarion, a global manufacturer of audio and video equipment for cars

Threat actor claims to have hacked European manufacturer of missiles MBDA

Webinars

Trending Sources

Android devices could be hacked by playing a video due to CVE-2019-2107 flaw

Webinars

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

An RCE in Annke video surveillance product allows hacking the device

Winnti Group was planning a devastating supply-chain attack against Asian manufacturer

Eken camera doorbells allow ill-intentioned individuals to spy on you

3CX voice and video conferencing software victim of a supply chain attack

Unpatched Manufacturing Camera Could Allow Industrial Spying

GSA Sparks Security Fears After Buying Risky Chinese Cameras

GUEST ESSAY: Taking proactive steps to heal the planet — by reducing the impact of video streaming

FBI warns swatting attacks on owners of smart devices

A flaw in Dahua IP Cameras allows full take over of the devices

Hackers claim to have compromised 50,000 home cameras and posted footage online

ALPHV/BlackCat ransomware gang hacked the hotel chain Motel One

Botnet operators target multiple zero-day flaws in LILIN DVRs

LPE zero-day flaw in Razer Synapse allows attackers to take over Windows PCs

3.5m IP cameras exposed, with US in the lead

United Airlines covers up seat cameras to respond to privacy concerns

BlackCat gang claims they stole data of 2.5 million patients of McLaren Health Care

Killnet claims to have breached Lockheed Martin

BadPower attack could burn your device through fast charging

CVE-2019-2234 flaws in Android Camera Apps exposed millions of users surveillance

Experts show how to bypass Windows Hello feature to login on Windows 10 PCs

Qualcomm fixed a zero-day exploited limited, targeted attacks

StrandHogg 2.0 Android flaw affects over 1 Billion devices

Sonos smart speakers flaw allowed to eavesdrop on users

Security Affairs newsletter Round 250

5 IoT Security Predictions for 2019

HID Mercury Access Controller flaws could allow to unlock Doors

Crooks stole more than $1.5M worth of Bitcoin from General Bytes ATMs

PseudoManuscrypt, a mysterious massive cyber espionage campaign

Nexx bugs allow to open garage doors, and take control of alarms and plugs

McLaren Health Care revealed that a data breach impacted 2.2 million people

Joker malware infected 538,000 Huawei Android devices

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

US Navy Memo Raised Cyberscurity Concerns About DJI Drones

Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack

Security Affairs newsletter Round 404 by Pierluigi Paganini

Elections 2024, artificial intelligence could upset world balances

P2P Weakness Exposes Millions of IoT Devices

Experts demonstrate how to exfiltrate data using smart bulbs

Hacking a Tesla Model X with a DJI Mavic 2 drone equipped with a WIFI dongle

Robots at HIS Group are vulnerable to hack

Stay Connected