Education, Information Security, Manufacturing and Security

FritzFrog P2P Botnet is back and targets Healthcare, Education and Government Sectors

Security Affairs

FEBRUARY 11, 2022

FritzFrog P2P botnet is back and is targeting servers belonging to entities in the healthcare, education, and government sectors. The bot is written in Golang and implements wormable capabilities, experts reported attacks against entities in the government, education, and finance sectors. ” reads the report published by Akamai.

Education

Education Government Libraries Mining

MSI confirms security breach after Money Message ransomware attack

Security Affairs

APRIL 7, 2023

Multinational IT corporation MSI (Micro-Star International) confirms security breach after Money Message ransomware gang claimed the hack. Micro-Star International AKA MSI designs, manufactures, and sells motherboards and graphics cards for customers in the United States, Canada, and internationally.

Ransomware

Ransomware Security Manufacturing Cybersecurity

FBI and CISA warn of attacks by Rhysida ransomware gang

Security Affairs

NOVEMBER 15, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. PuTTY.exe Rhysida actors have been observed creating Secure Shell (SSH) PuTTy connections for lateral movement. AnyDesk also supports remote file transfer.

Ransomware

Ransomware Manufacturing Education Passwords

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

Cybersecurity agencies published a joint LockBit ransomware advisory

Security Affairs

JUNE 15, 2023

Help us #StopRansomware by visiting [link] pic.twitter.com/G5jpxtB0Fw — Cybersecurity and Infrastructure Security Agency (@CISAgov) June 14, 2023 The LockBit ransomware operation was the most active in 2022 and according to the researchers it is one of the most prolific RaaS in 2023. law enforcement). was the prevalent variant in 2023.

Ransomware

Ransomware Cybersecurity Agriculture Education

Security Affairs newsletter Round 282

Security Affairs

SEPTEMBER 20, 2020

Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 282 appeared first on Security Affairs. A new round of the weekly SecurityAffairs newsletter arrived! Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Security

Security Ransomware Data breaches Manufacturing

The Week in Cyber Security and Data Privacy: 16–22 October 2023

IT Governance

OCTOBER 24, 2023

Incident details: Network security incident, where allegedly AlphV gained unauthorised access and made demands to the hospital’s leadership, suggesting a ransomware attack. D-Link Corporation Provides Details about an Information Disclosure Security Incident Date of breach: 2 October 2023. Records breached: Around 700 records.

Data Privacy

Data Privacy Privacy Security Data breaches

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Security Affairs

FEBRUARY 8, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. In fact, the U.S. ” continues the alert. ” U.S. ” U.S.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

Nexx bugs allow to open garage doors, and take control of alarms and plugs

Security Affairs

APRIL 5, 2023

A series of vulnerabilities in multiple smart devices manufactured by Nexx can be exploited to remotely open garage doors, and take control of alarms and plugs. “I have independently verified Nexx has purposefully ignored all our attempts to assist with remediation and has let these critical flaws continue to affect their customers.”

Manufacturing

Manufacturing Cybersecurity Education Authentication

Money Message ransomware group claims to have hacked IT giant MSI

Security Affairs

APRIL 6, 2023

Micro-Star International AKA MSI designs, manufactures, and sells motherboards and graphics cards for customers in the United States, Canada, and internationally. Ransomware gang Money Message announced to have hacked the Taiwanese multinational IT corporation MSI (Micro-Star International). MSI is headquartered in Taipei, Taiwan.

Ransomware

Ransomware IT Manufacturing Education

Volvo retailer leaks sensitive files

Security Affairs

APRIL 15, 2023

The Brazilian retail arm of car manufacturing giant Volvo leaked sensitive files, putting its clientele in the vast South American country in peril. Other research by Cybernews has revealed that BMW , a German luxury vehicle manufacturer producing around 2.5 The issue causing the leak has been fixed.

Retail

Retail Manufacturing Communications Passwords

80% of organisations affected by cyber security skills gap

IT Governance

MARCH 22, 2018

Four out of five organisations can’t find qualified staff to fill cyber security positions, according to CyberEdge’s 2018 Cyberthreat Defense Report. The education sector (87.1%) is the most affected, followed by telecommunications and technology (85.1%), manufacturing (81.5%) and finance (81.4%).

Security

Security Education Manufacturing Information Security

CISA warns of vulnerabilities and misconfigurations exploited in ransomware attacks

Security Affairs

OCTOBER 14, 2023

Vulnerable systems were hosted in the networks of organizations in the energy, education facilities, healthcare and public health, and water systems industries. ” concludes the announcement. . ” concludes the announcement.

Ransomware

Ransomware Manufacturing Education Risk

SEC Sanctions Public Company for Misleading Disclosures About Data Breach

Hunton Privacy

AUGUST 31, 2021

In September 2018, the software manufacturer put Pearson on notice of the vulnerability, but the SEC’s order alleges that Pearson did not patch the vulnerability until after it learned of the attack in March 2019 even though a patch was available in September 2018. On August 16, 2021, the U.S.

Data breaches

Data breaches Manufacturing Passwords Data Privacy

Operation Cronos: law enforcement disrupted the LockBit operation

Security Affairs

FEBRUARY 19, 2024

Since January 2020, affiliates utilizing LockBit have targeted organizations of diverse sizes spanning critical infrastructure sectors such as financial services, food and agriculture, education, energy, government and emergency services, healthcare, manufacturing, and transportation.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Financial Services

FTC Recommends Steps to Improve Mobile Device Security Update Practices

Hunton Privacy

MARCH 6, 2018

On February 28, 2018, the Federal Trade Commission issued a report, titled Mobile Security Updates: Understanding the Issues (the “Report”), that analyzes the process by which mobile devices sold in the U.S. receive security updates and provides recommendations for improvement.

Manufacturing

Manufacturing Security Education Communications

Is Gelsemium APT behind a targeted attack in Southeast Asian Government?

Security Affairs

SEPTEMBER 25, 2023

The previous campaigns associated with this group targeted government, education, and electronic manufacturers in East Asia and the Middle East. appeared first on Security Affairs. Gelsemium is a group focused on cyberespionage that has been active since at least 2014.

Government

Government Manufacturing Education Access

MITRE and CISA publish the 2021 list of most common hardware weaknesses

Security Affairs

OCTOBER 30, 2021

MITRE and the DHS’s Cybersecurity and Infrastructure Security Agency (CISA) have announced the release of the “2021 Common Weakness Enumeration (CWE) Most Important Hardware Weaknesses” list. CIOs and security managers could also use the list to assess the efficiency of their program to secure hardware within in their organizations.

Manufacturing

Manufacturing Education Access Security

Experts spotted a variant of the Agenda Ransomware written in Rust

Security Affairs

DECEMBER 19, 2022

The Qilin ransomware-as-a-service (RaaS) group uses a double-extortion model, with most of the victims in the manufacturing and IT industries. The ransomware was originally written in Go language and was employed in attacks aimed at healthcare and education sectors in countries like Thailand and Indonesia. AGENDA.THIAFBB.”

Ransomware

Ransomware Encryption Passwords Education

FBI chief says China is preparing to attack US critical infrastructure

Security Affairs

APRIL 19, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. In fact, the U.S. continues the alert.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

Estonian National charged with helping Russia acquire U.S. hacking tools and electronics

Security Affairs

APRIL 9, 2023

manufacturers on behalf of Russian end-users, including defense contractors and other Russian government agencies. electronics manufacturers and distributors between approximately October 2012 and January 2022. hacking tools and electronics appeared first on Security Affairs. ” reads a press release published by DoJ.

Computer and Electronics

Computer and Electronics Military Manufacturing Government

Microsoft seized 41 domains used by Iran-linked Bohrium APT

Security Affairs

JUNE 6, 2022

The IT giant has seized the domains used by the threat actors employed in its attacks aimed at organizations in tech, transportation, government, and education sectors located in the U.S., Since February, the attacks targeted organizations in critical manufacturing, IT, and Israel’s defense industry. Middle East, and India.

Phishing

Phishing Manufacturing Education Cybersecurity

China-linked Flax Typhoon APT targets Taiwan

Security Affairs

AUGUST 25, 2023

Microsoft has not observed The group has been active since mid-2021, it focuses on government agencies and education, critical manufacturing, and information technology organizations in Taiwan. The group relies on tools built into the operating system, along with some legitimate software.

Manufacturing

Manufacturing Education Access Government

City of Dallas shut down IT services after ransomware attack

Security Affairs

MAY 4, 2023

The City confirmed the security incident and is working to recover from the ransomware attack that impacted its services, including the police department. To prevent the threat from spreading within the network, the City has shut down the impacted IT systems. reads the alert.

Ransomware

Ransomware IT Encryption Education

Updated Kmsdx botnet targets IoT devices

Security Affairs

AUGUST 28, 2023

The Akamai Security Intelligence Response Team (SIRT) discovered a new version of the KmsdBot botnet that employed an updated Kmsdx binary targeting Internet of Things (IoT) devices. The malicious code was used in attacks targeting multiple sectors including the gaming industry, technology industry, and luxury car manufacturers.

IoT

IoT Mining Manufacturing Education

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

Security Affairs

FEBRUARY 21, 2024

The NCA and its global partners have secured over 1,000 decryption keys that will allow victims of the gang to recover their files for free. Today, additional criminal charges against Kondratyev were unsealed in the Northern District of California related to his deployment in 2020 of ransomware against a victim located in California.”

Energy and Utilities

Energy and Utilities Ransomware Agriculture Manufacturing

Lazarus APT uses DTrack backdoor in attacks against LATAM and European orgs

Security Affairs

NOVEMBER 16, 2022

Kaspersky reported attacks against entities in multiple industries, including education, chemical manufacturing, governmental research centers and policy institutes, IT service providers, utility providers and telecommunications. “The DTrack backdoor continues to be used actively by the Lazarus group. .”

Manufacturing

Manufacturing Education Encryption IT

Hyundai suffered a data breach that impacted customers in France and Italy

Security Affairs

APRIL 12, 2023

In December 2019, German media reported that hackers suspected to be members of the Vietnam-linked APT Ocean Lotus ( APT32 ) group breached the networks of the car manufacturers BMW and Hyundai. The intrusion aimed at stealing automotive trade secrets.

Data breaches

Data breaches Manufacturing Cybersecurity Education

Siemens Metaverse exposes sensitive corporate data

Security Affairs

APRIL 15, 2023

Having access, they could exfiltrate a treasure trove of sensitive data, given that Siemens manufactures and maintains a lot of technologies and machines used by critical infrastructure.” “We sincerely hope that threat actors didn’t discover the leak before Siemens managed to fix it,” said Cybernews researchers.

IoT

IoT Manufacturing Authentication Ransomware

2022 Cyber Security Review of the Year

IT Governance

DECEMBER 20, 2022

Although there have still been a few surprises, with the death of Queen Elizabeth II and blazing heatwaves across the UK to name but two, it was a familiar year in the cyber security landscape. Google , Clearview AI , and Meta all receives hefty penalties in 2022, demonstrating the continued important of effective information security.

Security

Security Data breaches Ransomware Military

China-linked APT Volt Typhoon targets critical infrastructure organizations

Security Affairs

MAY 25, 2023

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. ” continues the report. We are in the final!

Communications

Communications Manufacturing Access Archiving

More details about Operation Cronos that disrupted Lockbit operation

Security Affairs

FEBRUARY 20, 2024

The NCA and its global partners have secured over 1,000 decryption keys that will allow victims of the gang to recover their files for free. Today, additional criminal charges against Kondratyev were unsealed in the Northern District of California related to his deployment in 2020 of ransomware against a victim located in California.”

Energy and Utilities

Energy and Utilities Ransomware Manufacturing Agriculture

Steelcase office furniture giant hit by Ryuk ransomware attack

Security Affairs

OCTOBER 28, 2020

Steelcase is a US-based furniture company that produces office furniture, architectural and technology products for office environments and the education, health care and retail industries. It is the largest office furniture manufacturer in the world. the “Company”) detected a cyberattack on its information technology systems.

Ransomware

Ransomware Computer and Electronics Manufacturing Mining

New Linux Ransomware BlackSuit is similar to Royal ransomware

Security Affairs

JUNE 3, 2023

According to government experts, the Royal ransomware attacks targeted numerous critical infrastructure sectors including, manufacturing, communications, healthcare and public healthcare (HPH), and education. In May, multiple cybersecurity experts spotted a new ransomware family called BlackSuit, including Palo Alto Unit42 experts.

Ransomware

Ransomware Encryption File names Cybersecurity

Data security: Why a proactive stance is best

IBM Big Data Hub

JULY 7, 2023

But with a proactive approach to data security, organizations can fight back against the seemingly endless waves of threats. IBM Security X-Force found the most common threat on organizations is extortion, which comprised more than a quarter (27%) of all cybersecurity threats in 2022. Where do data breaches originate?

Security

Security Data breaches Data Privacy Compliance

A Russian national charged for committing LockBit Ransomware attacks

Security Affairs

JUNE 16, 2023

In securing the arrest of a second Russian national affiliated with the LockBit ransomware, the Department has once again demonstrated the long arm of the law. The group targeted municipal governments, county governments, public higher education and K-12 schools, and emergency services (e.g., law enforcement).

Ransomware

Ransomware Agriculture Education Government

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Security Affairs

SEPTEMBER 23, 2023

The City confirmed the security incident and is working to recover from the ransomware attack that impacted its services, including the police department. Once obtained access to the City’s network, the group performed reconnaissance and information-gathering activities using legitimate third-party remote management tools.

Ransomware

Ransomware Encryption Systems administration Cybersecurity

The U.S. CISA and FBI warn of Royal ransomware operation

Security Affairs

MARCH 3, 2023

Cybersecurity and Infrastructure Security Agency (CISA) is warning of the capabilities of the recently emerged Royal ransomware. According to government experts, the Royal ransomware attacks targeted numerous critical infrastructure sectors including, manufacturing, communications, healthcare and public healthcare (HPH), and education.

Ransomware

Ransomware Encryption Cybersecurity Communications

China-linked APT Volt Typhoon linked to KV-Botnet

Security Affairs

DECEMBER 13, 2023

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors.

Communications

Communications Manufacturing Education Government

Hackers can hack organizations using data found on their discarded enterprise network equipment

Security Affairs

APRIL 24, 2023

This allowed ESET researchers to identify devices previously used in a data center/ cloud computing business (specifically, a router provisioning a university’s virtualized assets), a nationwide US law firm, manufacturing and tech companies, a creative firm, and a major Silicon Valleybased software developer, among others.”

Authentication

Authentication Marketing Cloud Manufacturing

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

The Federal Bureau of Investigation (FBI), National Security Agency (NSA), US Cyber Command, and international partners released a joint Cybersecurity Advisory (CSA) to warn that Russia-linked threat actors are using compromised Ubiquiti EdgeRouters (EdgeRouters) to evade detection in cyber operations worldwide. .

Energy and Utilities

Energy and Utilities Military Government Phishing

TrickGate, a packer used by malware to evade detection since 2016

Security Affairs

JANUARY 31, 2023

The TrickGate packer was primarily used in attacks aimed at the manufacturing sector, and other attacks aimed at the education, healthcare, government, and finance industries. The shellcode is the core of the packer, because it decrypts the payload and stealthily injects it into a new process.

Manufacturing

Manufacturing Archiving Education Phishing

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

A hacker managed to identify a weak spot in a security camera model. Usually, the default settings are not focused on security. The only way to tackle this challenge is to educate the users about these threats and their potential implications. The Flaws in Manufacturing Process. The Threat is Definitely Real.

IoT

IoT Cybersecurity Manufacturing Passwords

A component in Huawei network appliances could be used to take down Germany’s telecoms networks

Security Affairs

APRIL 26, 2023

The security officials told lawmakers that the ministry’s investigation has been triggered by an energy management component from Huawei, two lawmakers present at the briefing who spoke under the condition of anonymity told POLITICO. . ” reported POLITICO. “Berlin has previously been criticized over its stance by U.S.

Government

Government Communications Risk Cybersecurity

Multinational ICICI Bank leaks passports and credit card numbers

Security Affairs

APRIL 20, 2023

In 2022, the ICICI Bank’s resources were named a “critical information infrastructure” by the Indian government – any harm to it can impact national security. However, despite the critical status of bank infrastructure on the national level, the security of crucial data was not ensured.

Personal data

Personal data Phishing Risk Financial Services

FritzFrog P2P Botnet is back and targets Healthcare, Education and Government Sectors

MSI confirms security breach after Money Message ransomware attack

Webinars

Trending Sources

FBI and CISA warn of attacks by Rhysida ransomware gang

Webinars

Cybersecurity agencies published a joint LockBit ransomware advisory

Security Affairs newsletter Round 282

The Week in Cyber Security and Data Privacy: 16–22 October 2023

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Nexx bugs allow to open garage doors, and take control of alarms and plugs

Money Message ransomware group claims to have hacked IT giant MSI

Volvo retailer leaks sensitive files

80% of organisations affected by cyber security skills gap

CISA warns of vulnerabilities and misconfigurations exploited in ransomware attacks

SEC Sanctions Public Company for Misleading Disclosures About Data Breach

Operation Cronos: law enforcement disrupted the LockBit operation

FTC Recommends Steps to Improve Mobile Device Security Update Practices

Is Gelsemium APT behind a targeted attack in Southeast Asian Government?

MITRE and CISA publish the 2021 list of most common hardware weaknesses

Experts spotted a variant of the Agenda Ransomware written in Rust

FBI chief says China is preparing to attack US critical infrastructure

Estonian National charged with helping Russia acquire U.S. hacking tools and electronics

Microsoft seized 41 domains used by Iran-linked Bohrium APT

China-linked Flax Typhoon APT targets Taiwan

City of Dallas shut down IT services after ransomware attack

Updated Kmsdx botnet targets IoT devices

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

Lazarus APT uses DTrack backdoor in attacks against LATAM and European orgs

Hyundai suffered a data breach that impacted customers in France and Italy

Siemens Metaverse exposes sensitive corporate data

2022 Cyber Security Review of the Year

China-linked APT Volt Typhoon targets critical infrastructure organizations

More details about Operation Cronos that disrupted Lockbit operation

Steelcase office furniture giant hit by Ryuk ransomware attack

New Linux Ransomware BlackSuit is similar to Royal ransomware

Data security: Why a proactive stance is best

A Russian national charged for committing LockBit Ransomware attacks

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

The U.S. CISA and FBI warn of Royal ransomware operation

China-linked APT Volt Typhoon linked to KV-Botnet

Hackers can hack organizations using data found on their discarded enterprise network equipment

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

TrickGate, a packer used by malware to evade detection since 2016

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

A component in Huawei network appliances could be used to take down Germany’s telecoms networks

Multinational ICICI Bank leaks passports and credit card numbers

Stay Connected