2014, Analysis and Manufacturing - Information Management Today

IoT devices at major Manufacturers infected with crypto-miner

Security Affairs

FEBRUARY 8, 2020

Hackers have infected with a piece of malware some IoT devices running Windows 7 designed by three of the world’s largest manufacturers. The experts reported that several IoT devices at some major manufacturers have been infected with a cryptocurrency miner in October 2019. Pierluigi Paganini. SecurityAffairs – Windows 7, hacking). .

Manufacturing

Manufacturing IoT Communications Risk

Malicious PDF Analysis

Security Affairs

FEBRUARY 13, 2019

In the last few days I have done some analysis on malicious documents, especially PDF. Then I thought, “Why not turn a PDF analysis into an article?” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Manufacturing

Manufacturing Analytics Cybersecurity Risk

FDA Reveals Steps to Bolster Medical Device Cybersecurity

Data Breach Today

OCTOBER 1, 2018

Playbook' Prepared; Data Sharing Efforts Planned In its ongoing quest to improve the state of medical device cybersecurity, the FDA has announced a number of key moves - including the release of a security "playbook," plans to leverage information sharing and analysis organizations and an effort to update its 2014 premarket guidance for manufacturers. (..)

Cybersecurity

Cybersecurity Manufacturing Security IT

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

ANALYSIS OF THE TURKISH LARGE FORMAT PRINTING MARKET, 2022?

Info Source

MAY 3, 2023

This situation led to a long-term decrease in total unit sales, with the market falling from nearly 4K units in 2014 to 1.4K units in 2014 to 0.5K units in 2014 to 0.6k Therefore, it has experienced the same difficulties caused from the increasing import costs discussed above, and thus has delivered a clear downtrend since 2014.

Marketing

Marketing Sales Manufacturing Paper

Cyber-Criminal espionage Operation insists on Italian Manufacturing

Security Affairs

MAY 22, 2020

ZLab researchers spotted a new malicious espionage activity targeting Italian companies operating worldwide in the manufacturing sector. This actor was first spotted by PaloAlto’s UNIT42 in 2018 during wide scale operations against technology, retail, manufacturing, and local government industries in the US, Europe and Asia.

Manufacturing

Manufacturing e-Delivery IT Security

Winnti Group was planning a devastating supply-chain attack against Asian manufacturer

Security Affairs

OCTOBER 14, 2019

Winnti Group is back with a new modular Win backdoor that was used to infect the servers of a high-profile Asian mobile hardware and software manufacturer. ” continues the analysis. The organizations is major mobile hardware and software manufacturer based in Asia, experts contacted it to alert the company of the infection.

Manufacturing

Manufacturing Paper Communications IT

Spotting RATs: Delphi wrapper makes the analysis harder

Security Affairs

JULY 8, 2019

Experts observed an increase of the malware spreading using less-known archive types as dropper,in particular ISO image.Delphi wrapper makes analysis harder. Technical Analysis. Once executed, the malware obviously kills itself detecting the analysis machine, so we are going to investigate what are the tricks employed to stop us.

File names

File names Encryption Archiving Phishing

Kraken fileless attack technique abuses Microsoft Windows Error Reporting (WER)

Security Affairs

OCTOBER 7, 2020

” Threat actors employed anti-analysis and evasion techniques, including, code obfuscation and performing some checks for sandbox or debugger environments. At the time of the analysis, the hard-coded target URL of the malware was not reachable making it impossible to attribute the Kraken technique to a specific threat actor.

Phishing

Phishing Manufacturing Archiving Government

Spearphishing attacks hit the oil and gas industry sector

Security Affairs

APRIL 21, 2020

Agent Tesla is a.Net-based info-stealing malware that was first spotted in 2014, it is used to spy on the victims by collecting keystrokes, system clipboard, screenshots, and credentials from the infected system. This info-stealer is also able to kill processes associated with malware analysis related processes and antivirus solutions. .

Manufacturing

Manufacturing Phishing Security IT

At least 31 US Businesses targeted with WastedLocker Ransomware

Security Affairs

JUNE 29, 2020

The malicious code was first documented by researchers from the NCC Group’s report and later Symantec published its own analysis. ” reads the analysis published by Symantec. Most of the victims belong to the manufacturing industry, followed by IT and media and telecommunications sectors. Pierluigi Paganini.

Ransomware

Ransomware Manufacturing Access Security

DoppelPaymer crew leaked internal confidential documents belonging to aerospace companies

Security Affairs

APRIL 10, 2020

Visser Precision is a parts maker for many companies in several industries, including aerospace, automotive, industrial and manufacturing. an antenna in an anti-mortar defense system), billing and payment forms, supplier information, data analysis reports, and legal paperwork. Pierluigi Paganini. adrotate banner=”13″].

Ransomware

Ransomware Manufacturing Military Cybersecurity

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Security Affairs

JULY 3, 2023

reads the advisory The vulnerability is a heap-based buffer overflow issue and according to the vendor it may have been exploited in a limited number of attacks aimed at government, manufacturing, and critical infrastructure sectors. ” states the analysis published by Bishop Fox. states the report published by Fortinet. .

Manufacturing

Manufacturing Authentication Risk Security

Nefilim ransomware gang published Luxottica data on its leak site

Security Affairs

OCTOBER 20, 2020

As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware IT Retail Manufacturing

LokiBot info stealer involved in a targeted attack on a US Company

Security Affairs

SEPTEMBER 11, 2019

Security researchers at Fortinet uncovered a malspam campaign aimed distributing the LokiBot malware at a US manufacturing company. FortiGuard SE Team experts uncovered a malspam campaign aimed distributing the LokiBot malware at a US manufacturing company. manufacturing company. ” read the analysis of the experts.

Manufacturing

Manufacturing Phishing Passwords Sales

DHS warns of cyber attacks against small airplanes

Security Affairs

JULY 31, 2019

A few hours ago, I have written about an interesting analysis of the possible hack of avionics systems, not DHS warns of cyber attacks against small airplanes. Manufacturers of aircraft should review implementation of CAN bus networks to compensate for the physical attack vector.” ” concludes the alert. Pierluigi Paganini.

Computer and Electronics

Computer and Electronics Manufacturing Access Authentication

Tupperware website has been compromised with a payment card skimmer

Security Affairs

MARCH 25, 2020

The Tupperware website, the popular manufactured of plastic food container products was infected with a payment card skimmer. ” reads the analysis published by Malwarebytes. ” continues the analysis. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

CMS

CMS Manufacturing Access IT

New financially motivated attacks in Western Europe traced to Russian-speaking threat actors

Security Affairs

MARCH 27, 2020

At least two companies operating in pharmaceutical and manufacturing sectors have been affected. If the latter are the ones to blame, this marks the first time the gang has launched the attacks against pharmaceutical and manufacturing companies and may indicate a significant shift in their modus operandi. . 126 and 37.120.145 [. ]

Healthcare

Healthcare Manufacturing Cybersecurity Retail

EventBot, a new Android mobile targets financial institutions across Europe

Security Affairs

APRIL 30, 2020

” reads the analysis published by Cybereason. The analysis of the EventBot’s infrastructure and C2 reveals a potential link to another Android info stealer employed in late 2019 in attacks against Italian users. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Financial Services

Financial Services Libraries Encryption Authentication

North Korea compromised Russian missile engineering firm NPO Mashinostroyeniya

Security Affairs

AUGUST 7, 2023

NPO Mashinostroyeniya (JSC MIC Mashinostroyenia, NPO Mash) is a leading Russian manufacturer of missiles and military spacecraft. Treasury Department in July 2014 due to its support to the Russian government in attempting of destabilizing eastern Ukraine and its ongoing occupation of Crimea. The Russian firm was sanctioned by the U.S.

Military

Military Communications Manufacturing Phishing

AMD is going to patch UEFI SMM callout privilege escalation flaw

Security Affairs

JUNE 22, 2020

“AMD is aware of new research related to a potential vulnerability in AMD software technology supplied to motherboard manufacturers for use in their Unified Extensible Firmware Interface (UEFI) infrastructure and plans to complete delivery of updated versions designed to mitigate the issue by the end of June 2020.”

Manufacturing

Manufacturing Access Security IT

Flaws in 4G Routers of various vendors put millions of users at risk

Security Affairs

AUGUST 13, 2019

Security expert discovered multiple flaws in 4G routers manufactured by several companies, some of them could allow attackers to take over the devices. G Richter, a security researcher at Pen Test Partners discovered multiple vulnerabilities 4G routers manufactured by different vendors. high severity CVSS v3. 0 base score) .

Risk

Risk Manufacturing Passwords Authentication

France will not ban Huawei from its upcoming 5G networks

Security Affairs

SEPTEMBER 1, 2020

In July, British Prime Minister Boris Johnson announced its decision to phase out the use of network equipment manufactured by the Chinese tech giant Huawei in the UK’s 5G network as little as six months. The UK intelligence analysis believe that US ban on Chinese 5G technology will force Huawei to use untrusted technology.

IT

IT Military Manufacturing Risk

Over 600k GPS trackers left exposed online with a default password of ‘123456’

Security Affairs

SEPTEMBER 6, 2019

600,000 GPS trackers left exposed online with a default password of ‘123456’ Avast researchers found at least 600,000 GPS trackers manufactured by a Chinese vendor that were exposed online with a default password of “123456.” ” reads the analysis published by Avast. Pierluigi Paganini.

Passwords

Passwords Manufacturing IoT Cloud

Gangnam Industrial Style APT campaign targets industrial firms worldwide

Security Affairs

DECEMBER 18, 2019

Experts from the CyberX’s threat intelligence team Section 52 uncovered an ongoing cyberespionage campaign, tracked as Gangnam Industrial Style, that targeted industrial, engineering, and manufacturing organizations, most of them in South Korea (60%). ” concludes the analysis. Pierluigi Paganini.

Manufacturing

Manufacturing Phishing Paper Passwords

Hackers target German Task Force for COVID-19 PPE procurement

Security Affairs

JUNE 9, 2020

” continues the analysis. “The remaining half belong to executives at third-party partners, including European and American companies associated with chemical manufacturing, aviation and transport, medical and pharmaceutical manufacturing, finance, oil and gas, and communications.” Pierluigi Paganini.

Phishing

Phishing Healthcare Manufacturing Government

Orange Business Services hit by Nefilim ransomware operators

Security Affairs

JULY 17, 2020

According to an initial analysis by security experts, this attack has concerned data hosted on one of our Neocles IT platforms, “Le Forfait Informatique”, and no other service has been affected”. The data also includes data sample documents of Avions de transport regional (ATR), a Franco-Italian aircraft manufacturer based in France.

Business Services

Business Services Ransomware Manufacturing Archiving

QSnatch malware infected over 62,000 QNAP NAS Devices

Security Affairs

JULY 28, 2020

The malicious code specifically targets QNAP NAS devices manufactured by Taiwanese company QNAP, it already infected over 62,000 QNAP NAS devices. The first campaign likely began in early 2014 and continued until mid-2017, while the second started in late 2018 and was still active in late 2019. ” reads the alert.

Manufacturing

Manufacturing Cybersecurity Encryption Authentication

Trend Micro observed notable malware activity associated with the Momentum Botnet

Security Affairs

DECEMBER 18, 2019

” reads the analysis published by TrendMicro. ” concludes the analysis. ” concludes the analysis. The devices themselves are often manufactured with operation in mind, not security. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Communications

Communications Manufacturing Security IT

Kaspersky found dozens of flaws in 4 open-source VNC software

Security Affairs

NOVEMBER 23, 2019

VNC is widely adopted in industrial environments and many manufacturers of industrial control systems (ICS) leverage on VNC to implement remote control for their products. ” reads the analysis published by Kaspersky. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Manufacturing

Manufacturing Risk Authentication Passwords

Singapore presented the Operational Technology (OT) Cybersecurity Masterplan

Security Affairs

OCTOBER 1, 2019

The Masterplan encourages OT equipment manufacturers and service providers to implement the best cybersecurity practices by design. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. ” concludes the announcement. .”

Cybersecurity

Cybersecurity Manufacturing Security IT

CarsBlues Bluetooth attack Affects tens of millions of vehicles

Security Affairs

NOVEMBER 18, 2018

.” The attack technique was discovered by Privacy4Cars founder Andrea Amico in February 2018, he immediately notified the Automotive Information Sharing and Analysis Center (Auto-ISAC). Amico worked with Auto-ISAC to figure out how attackers could steal PII from vehicles manufactured by affected members. Pierluigi Paganini.

Manufacturing

Manufacturing Privacy Education Personal data

Tracing the Supply Chain Attack on Android

Krebs on Security

JUNE 25, 2019

” “At present, pre-installed partners cover the entire mobile phone industry chain, including mobile phone chip manufacturers, mobile phone design companies, mobile phone brand manufacturers, mobile phone agents, mobile terminal stores and major e-commerce platforms,” reads a descriptive blurb about the company.

Cloud

Cloud Manufacturing Marketing Data breaches

Devices from Dell, HP, and Lenovo used outdated OpenSSL versions

Security Affairs

NOVEMBER 25, 2022

The researchers discovered the issue by analyzing firmware images used devices from the above manufacturers. ” One of the firmware modules named InfineonTpmUpdateDxe uses the OpenSSL version 0.9.8zb that was released on August 4, 2014. ” continues the report. that dates back to 2009.

Libraries

Libraries Manufacturing Communications Security

Fbot malware targets HiSilicon DVR/NVR Soc devices

Security Affairs

FEBRUARY 24, 2019

The experts only observed a few different camera brands as a number of camera manufacturers OEM HiSilicon DVR/NVR Soc device. ” reads the analysis published by 360Netlab. Further details, including IoCs are reported in the analysis published by 360Netlab. Pierluigi Paganini. SecurityAffairs – botnet , malware).

Passwords

Passwords Manufacturing Encryption Security

Qbot uses a new email collector module in the latest campaign

Security Affairs

AUGUST 31, 2020

Most of the infections were observed in organizations in the US and Europe, the most targeted industries were in the government, military, and manufacturing sectors. . ” reads the analysis published by CheckPoint. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Passwords

Passwords Military Manufacturing Encryption

QNAP urges users to update Malware Remover after QSnatch joint alert

Security Affairs

AUGUST 2, 2020

The first campaign likely began in early 2014 and continued until mid-2017, while the second started in late 2018 and was still active in late 2019. reads the alert. “Analysis shows a significant number of infected devices. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Passwords

Passwords Manufacturing Encryption Authentication

Experts found undocumented access feature in Siemens SIMATIC PLCs

Security Affairs

NOVEMBER 17, 2019

The researchers focused their analysis on the firmware integrity verification process implemented in the Siemens SIMATIC S7-1200 PLC. “There is an access mode used during manufacturing of S7-1200 CPUs that allows additional diagnostic functionality. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Access

Access Manufacturing Risk Security

OceanLotus APT group leverages a steganography-based loader to deliver backdoors

Security Affairs

APRIL 3, 2019

Since at least 2014, experts at FireEye have observed APT32 targeting foreign corporations with an interest in Vietnam’s manufacturing, consumer products, and hospitality sectors. To make hard the analysis of the malware, backdoor DLLs are heavily obfuscated and C2 communication encrypted. Pierluigi Paganini.

Libraries

Libraries Encryption Communications Manufacturing

New Cyber Operation Targets Italy: Digging Into the Netwire Attack Chain

Security Affairs

JUNE 5, 2020

The particular chain of attack we discovered showed interesting technical patterns resembling other previous activities targeting the Italian manufacturing landscape, for this reason, we decided to dig deeper. Technical Analysis. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Manufacturing

Manufacturing File names IT Libraries

Researchers found allegedly intentional backdoors in FTTH devices from Chinese vendor C-Data

Security Affairs

JULY 10, 2020

The security duo, composed of Pierre Kim and Alexandre Torres, disclosed seven vulnerabilities in the firmware of FTTH OLT devices manufactured by C-Data. ” reads the analysis published by the experts. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Manufacturing

Manufacturing Access Encryption Authentication

Flaws in Qualcomm chips allows stealing private from devices

Security Affairs

NOVEMBER 14, 2019

” reads the analysis published by Check Point. ” reads the analysis. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Manufacturing

Manufacturing Encryption Passwords Security

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

Security Affairs

OCTOBER 10, 2018

Security experts from security firm SEC Consult have identified over 100 companies that buy and re-brand video surveillance equipment (surveillance cameras, digital video recorders (DVRs), and network video recorders (NVRs)) manufactured by the Chinese firm Hangzhou Xiongmai Technology Co., ” continues the analysis.

Cloud

Cloud Manufacturing Passwords IoT

Tens of thousands of hot tubs are exposed to hack

Security Affairs

JANUARY 7, 2019

We bought a few spares for research” reads the analysis published by Pen Test Partners. The manufacturer Balboa Water Group plans to release an update by the end of February, meantime the owners of hot tubs are recommended to disable any remote control function. “The mobile app connects to a Wi-Fi access point on the tub.

IoT

IoT Manufacturing Authentication Passwords

Experts demonstrate how to exfiltrate data using smart bulbs

Security Affairs

NOVEMBER 27, 2018

The devices are manufactured by the Chinese company called Zengge and could be controlled using both Android and iOS apps. ” reads the analysis published by the experts. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Communications

Communications Manufacturing Security IT

IoT devices at major Manufacturers infected with crypto-miner

Malicious PDF Analysis

Webinars

Trending Sources

FDA Reveals Steps to Bolster Medical Device Cybersecurity

Webinars

ANALYSIS OF THE TURKISH LARGE FORMAT PRINTING MARKET, 2022?

Cyber-Criminal espionage Operation insists on Italian Manufacturing

Winnti Group was planning a devastating supply-chain attack against Asian manufacturer

Spotting RATs: Delphi wrapper makes the analysis harder

Kraken fileless attack technique abuses Microsoft Windows Error Reporting (WER)

Spearphishing attacks hit the oil and gas industry sector

At least 31 US Businesses targeted with WastedLocker Ransomware

DoppelPaymer crew leaked internal confidential documents belonging to aerospace companies

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Nefilim ransomware gang published Luxottica data on its leak site

LokiBot info stealer involved in a targeted attack on a US Company

DHS warns of cyber attacks against small airplanes

Tupperware website has been compromised with a payment card skimmer

New financially motivated attacks in Western Europe traced to Russian-speaking threat actors

EventBot, a new Android mobile targets financial institutions across Europe

North Korea compromised Russian missile engineering firm NPO Mashinostroyeniya

AMD is going to patch UEFI SMM callout privilege escalation flaw

Flaws in 4G Routers of various vendors put millions of users at risk

France will not ban Huawei from its upcoming 5G networks

Over 600k GPS trackers left exposed online with a default password of ‘123456’

Gangnam Industrial Style APT campaign targets industrial firms worldwide

Hackers target German Task Force for COVID-19 PPE procurement

Orange Business Services hit by Nefilim ransomware operators

QSnatch malware infected over 62,000 QNAP NAS Devices

Trend Micro observed notable malware activity associated with the Momentum Botnet

Kaspersky found dozens of flaws in 4 open-source VNC software

Singapore presented the Operational Technology (OT) Cybersecurity Masterplan

CarsBlues Bluetooth attack Affects tens of millions of vehicles

Tracing the Supply Chain Attack on Android

Devices from Dell, HP, and Lenovo used outdated OpenSSL versions

Fbot malware targets HiSilicon DVR/NVR Soc devices

Qbot uses a new email collector module in the latest campaign

QNAP urges users to update Malware Remover after QSnatch joint alert

Experts found undocumented access feature in Siemens SIMATIC PLCs

OceanLotus APT group leverages a steganography-based loader to deliver backdoors

New Cyber Operation Targets Italy: Digging Into the Netwire Attack Chain

Researchers found allegedly intentional backdoors in FTTH devices from Chinese vendor C-Data

Flaws in Qualcomm chips allows stealing private from devices

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

Tens of thousands of hot tubs are exposed to hack

Experts demonstrate how to exfiltrate data using smart bulbs

Stay Connected