Hunton Privacy

MAY 7, 2013

In April 2013, the Ministry of Industry and Information Technology of the People’s Republic of China (the “MIIT”) issued a new rule entitled the “Notice on Strengthening the Administration of Networked Smart Mobile Devices” (the “Notice”).

Manufacturing 40

Manufacturing Communications Sales Marketing 40

Security Affairs

MARCH 16, 2021

On March 2nd, Microsoft released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported MS Exchange versions that are actively exploited in the wild. We have tested this tool across Exchange Server 2013, 2016, and 2019 deployments.”

Military 103

Military Manufacturing Access Security 103

The Last Watchdog

NOVEMBER 11, 2020

Toward this end, along came the FIDO Alliance in early 2013. FIDO sets forth common biometric authentication protocols designed to foster the growth of an ecosystem of device manufacturers, software developers or online service providers all using FIDO standards. I’ll keep watch and keep reporting.

Authentication 118

Authentication Passwords Security Access 118

Security Affairs

SEPTEMBER 17, 2019

Security experts have discovered multiple vulnerabilities in over a dozen small office/home office (SOHO) routers and network-attached storage (NAS) devices. conducted Independent Security Evaluators (ISE). This research project aimed to uncover and leverage new techniques to circumvent these new security controls in embedded devices.”

IoT 90

IoT Manufacturing Authentication Security 90

Hunton Privacy

FEBRUARY 27, 2013

On February 22, 2013, the Federal Trade Commission announced that it had settled charges against HTC America, Inc. (“HTC”) This settlement marks the FTC’s first case against a mobile device manufacturer. In addition, the FTC asserted that HTC failed to deactivate the “debug code” before shipping out its devices to consumers.

Manufacturing 40

Manufacturing Risk Privacy Access 40

Security Affairs

DECEMBER 18, 2019

Experts from the CyberX’s threat intelligence team Section 52 uncovered an ongoing cyberespionage campaign, tracked as Gangnam Industrial Style, that targeted industrial, engineering, and manufacturing organizations, most of them in South Korea (60%). ” reads the report published by the CyberX experts. Pierluigi Paganini.

Manufacturing 67

Manufacturing Phishing Paper Passwords 67

Krebs on Security

JUNE 25, 2019

” “At present, pre-installed partners cover the entire mobile phone industry chain, including mobile phone chip manufacturers, mobile phone design companies, mobile phone brand manufacturers, mobile phone agents, mobile terminal stores and major e-commerce platforms,” reads a descriptive blurb about the company.

Cloud 157

Cloud Manufacturing Marketing Data breaches 157

Krebs on Security

MARCH 2, 2020

An individual thought to be involved has earned accolades from the likes of Apple , Dell , and Microsoft for helping to find and fix security vulnerabilities in their products. In 2018, security intelligence firm HYAS discovered a malware network communicating with systems inside of a French national power company.

Passwords 248

Passwords Manufacturing Security Data breaches 248

The Last Watchdog

MARCH 28, 2019

In March 2013, several impossibly massive waves of nuisance requests – peaking as high as 300 gigabytes per second— swamped Spamhaus , knocking the anti-spam organization off line for extended periods. His blog, Krebs on Security , was knocked down alright. Related: IoT botnets now available for economical DDoS blasts. Beyond DDoS.

IoT 217

IoT Mining Manufacturing Security 217

Security Affairs

NOVEMBER 17, 2019

The Siemens S7 is considered one of the most secure controllers in the industry, it is used in power plants, traffic lights, water pumps, building control, production lines, aviation systems, and many other critical infrastructures. . ” reads a security advisory published by Siemens. Pierluigi Paganini.

Access 92

Access Manufacturing Risk Security 92

Security Affairs

DECEMBER 1, 2020

Learn how the group tried to stay under the radar using threats perceived to be less alarming: [link] — Microsoft Security Intelligence (@MsftSecIntel) November 30, 2020. The OceanLotus APT group is a state-sponsored group that has been active since at least 2013. ” Microsoft said. Pierluigi Paganini.

Mining 98

Mining Manufacturing Phishing Government 98

Security Affairs

NOVEMBER 13, 2019

In the past months, security researchers devised several speculative -channel RIDL (Rogue In-Flight Data Load), Fallout, Microarchitectural Data Sampling ( MDS attacks ), and ZombieLoad. ” reads the security advisory published by Intel. ” reads the security advisory published by Intel. Pierluigi Paganini.

Data structuring 86

Data structuring Manufacturing Encryption Passwords 86

Security Affairs

AUGUST 15, 2021

.” “ MAB5 was described in gushing terms and with incredible detail, even naming the military leader – a Lieutenant Colonel (Lt Col) in the Royal Corps of Signals, who was awarded the MBE in the Queen’s Birthday Honours List 2013 when he was a Major. His email address and phone number were also listed in the advert.”

Military 102

Military Computer and Electronics Manufacturing Communications 102

Security Affairs

APRIL 3, 2019

Security researchers at Cylance discovered that the OceanLotus APT (also known as APT32 or Cobalt Kitty , group is using a loader leveraging steganography to deliver a version of Denes backdoor and an updated version of Remy backdoor. ” reads the report published by the experts. Pierluigi Paganini.

Libraries 79

Libraries Encryption Communications Manufacturing 79

The Last Watchdog

AUGUST 26, 2019

Andrea Carcano’s journey to co-founding a security company in the vanguard of defending critical infrastructure began at a tender age. PhD in hand, Carcano spent three years in the field helping a large oil-and-gas company tighten ICS security for operations in different corners of the world. Talk more soon. Talk more soon.

Artificial Intelligence 135

Artificial Intelligence Cybersecurity Manufacturing Security 135

Hunton Privacy

OCTOBER 6, 2014

The Guidance provides recommendations to device manufacturers for content “to include in FDA medical device premarket submissions for effective cybersecurity management.” The Guidance updates a draft guidance that was originally published in June 2013.

Cybersecurity 40

Cybersecurity Manufacturing Authentication Passwords 40

The Last Watchdog

AUGUST 26, 2019

Andrea Carcano’s journey to co-founding a security company in the vanguard of defending critical infrastructure began at a tender age. PhD in hand, Carcano spent three years in the field helping a large oil-and-gas company tighten ICS security for operations in different corners of the world. Talk more soon. Talk more soon.

Artificial Intelligence 117

Artificial Intelligence Cybersecurity Manufacturing Security 117

Security Affairs

MARCH 5, 2019

The APT40 group has been active since at least 2013 and appears to be focused on supporting naval modernization efforts of the Government of Beijing. “[In 2017] APT40 was observed masquerading as a UUV manufacturer, and targeting universities engaged in naval research. ” reads the analysis published by FireEye.

Phishing 85

Phishing Passwords Manufacturing Government 85

IT Governance

JULY 30, 2018

SIAS says data of 70,000 members stolen in 2013. of Corrections notifies employees, inmates of online security incident with third-party vendor. Carvajal, MD Provides Notice to Individuals of Data Security Event. DC health website security breach exposes nurse’s personal info including SSN. State Dept.

Data breaches 101

Data breaches Ransomware Personal data Phishing 101

Security Affairs

OCTOBER 18, 2019

Security firm revealed that China-linked APT group Turbine Panda conducted cyber-espionage operations aimed at various aerospace firms for years. Security researchers at Crowdstrike conducted long-running cyber-espionage operations aimed at various aerospace firms. Office of Personnel Management (OPM) breach. Pierluigi Paganini.

Manufacturing 48

Manufacturing Security Government IT 48

Hunton Privacy

JUNE 14, 2013

On June 13, 2013, the Food and Drug Administration (“FDA”) published a safety communication and guidance regarding the vulnerability of medical devices to cyberattacks. Developing data recovery and incident response plans in the event of a compromise of medical device security.

Communications 40

Communications Cybersecurity Manufacturing Passwords 40

Data Matters

AUGUST 28, 2020

Department of Commerce, Bureau of Industry and Security (BIS) published an advance notice of proposed rulemaking (ANPRM) soliciting comments to identify foundational technologies essential to U.S. national security by October 26, 2020 (the Foundational Technologies ANPRM). national security.

Military 68

Military Manufacturing Compliance Marketing 68

Security Affairs

OCTOBER 21, 2019

Security experts have a new malware, dubbed skip-2.0 Security experts at ESET have discovered a new malware, dubbed skip-2.0, The Winnti group was first spotted by Kaspersky in 2013, according to the researchers the gang has been active since 2007. malware to control Microsoft SQL Servers appeared first on Security Affairs.

Passwords 48

Passwords Authentication Manufacturing Communications 48

Security Affairs

JULY 1, 2019

Security experts spotted a news wave of attacks carried out by the OceanLotus APT group that involved the new Ratsnif Trojan. Experts at the security firm Cylance detected a new RAT dubbed Ratsnif that was used in cyber espionage operations conducted by the OceanLotus APT group. ” reads the analysis published by Cylance.

Manufacturing 60

Manufacturing Libraries Communications Security 60

IT Governance

APRIL 22, 2024

Compromised data includes names, passport numbers, Social Security numbers, online crypto account identifiers and bank account numbers. million accounts compromised in Le Slip Français data breach The French underwear manufacturer Le Slip Français has suffered a data breach. Data breached: 5,300,000 records.

Data Privacy 52

Data Privacy Privacy Manufacturing Security 52

Hunton Privacy

MARCH 18, 2013

On February 27, 2013, the Article 29 Working Party (the “Working Party”) adopted an Opinion (the “Opinion”) addressing personal data protection issues related to the development and use of applications on mobile devices. Operating system and device manufacturers should enable users to uninstall apps and ensure all user data is deleted.

Manufacturing 40

Manufacturing Personal data Privacy Data breaches 40

IT Governance

MARCH 11, 2024

Source (New) Transport USA Yes 3,815 Okta Source 1 ; source 2 (Update) Cyber security USA Yes 3,800 Shah Dixit & Associates, P.C. We also found 14 organisations providing a significant update on a previously disclosed incident. Organisation(s) Sector Location Data breached? TB Paysign, Inc.

Data Privacy 87

Data Privacy Privacy Security Data breaches 87

Krebs on Security

AUGUST 12, 2022

The Department of Homeland Security (DHS) is urging states and localities to beef up security around proprietary devices that connect to the Emergency Alert System — a national public warning system used to deliver important emergency information, such as severe weather and AMBER alerts. “But nothing ever happened. .

Passwords 193

Passwords Manufacturing Security Risk 193

IT Governance

APRIL 9, 2024

Kid Security breached again: children’s live GPS locations exposed on the Internet Last November , the parental control app Kid Security, which allows parents to monitor and control their children’s online safety, was found to have exposed more than 300 million records via misconfigured Elasticsearch and Logstash instances.

Data Privacy 52

Data Privacy Privacy Security Manufacturing 52

Hunton Privacy

MARCH 12, 2013

On March 8, 2013, the Federal Trade Commission issued a staff report entitled Paper, Plastic… or Mobile? Data Security. The FTC recommends that mobile payment providers adopt these technologies to enhance data security. An FTC Workshop on Mobile Payments (the “Report”). Dispute Resolution.

Privacy 40

Privacy Data collection Manufacturing Paper 40

Info Source

AUGUST 22, 2018

It’s the driverless scanning initiative launched by the TWAIN Working Group (TWG) in 2013 designed to bring document scanning into the 21st century when it comes to connectivity [see DIR 12/20/13]. XiiD is an identity management specialist that offers secure authentication to a corporate Active Directory.

Blockchain 49

Blockchain Cloud Manufacturing Authentication 49

IT Governance

MARCH 5, 2024

Source (New) Engineering Japan Yes >5 TB Array Networks Source (New) Cyber security USA Yes 2.5 TB Turtlemint Source (New) Insurance India Yes 1,800,000 Chunghwa Telecom Source (New) Telecoms Taiwan Yes 1.7

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

The Last Watchdog

APRIL 16, 2020

organizations between January 2013 and July 2019. NotPetya wrought $10 billion in damages , according to Tom Bossert a senior Department of Homeland Security official at the time. For instance, a scan might turn up a configuration setting that ought to be changed to boost security. million from U.S. I’ll keep watch.

Ransomware 208

Ransomware Security Authentication Access 208

Hunton Privacy

JUNE 19, 2013

The EDPS welcomes recognizing privacy and data protection as core values of a robust cybersecurity policy, as opposed to separating out security and privacy, but draws attention to several deficiencies, stating that “the ambitions of the strategy are not reflected in how it will be implemented.”.

Cybersecurity 40

Cybersecurity Personal data Privacy Manufacturing 40

IT Governance

DECEMBER 13, 2018

This week, in our last podcast of the year, we revisit some of the biggest information security stories from the past 12 months. As is now traditional, I’ve installed myself in the porter’s chair next to the fire in the library, ready to recap some of the year’s more newsworthy information security events. caused problems of their own.

Data breaches 71

Data breaches Personal data Access GDPR 71

Hunton Privacy

FEBRUARY 19, 2013

On May 29, 2009, the President promised to avoid security regulations even though he acknowledged that “the vast majority of our critical information infrastructure in the United States is owned and operated by the private sector.” by passing legislation to give our government a greater capacity to secure our networks and deter attacks.”

Cybersecurity 40

Cybersecurity Agriculture Risk Government 40

Security Affairs

MAY 12, 2021

Our research shows that large and small manufacturers are identifiable, with Aastra-Mitel topping the list. Aastra-Mitel tops the manufacturer list, the United States leads the list among countries, and London tops the chart among cities. Devices made by the US manufacturer Polycom, a subsidiary of Plantronics Inc.,

Manufacturing 74

Manufacturing Honeypots Communications Marketing 74