2019, Encryption and Manufacturing - Information Management Today

NEW TECH: DataLocker extends products, services to encrypt data on portable storage devices

The Last Watchdog

MAY 8, 2019

Related: Marriott reports huge data breach Ever thought about encrypting the data held on a portable storage device? Launched as a one-man operation in 2007, DataLocker has grown into a leading manufacturer of encrypted external drives, thumb drives, flash drives and self-encrypting, recordable CDs and DVDs.

Encryption

Encryption Cloud Access Manufacturing

Researchers Quietly Cracked Zeppelin Ransomware Keys

Krebs on Security

NOVEMBER 17, 2022

Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “ Zeppelin ” in May 2020. He’d been on the job less than six months, and because of the way his predecessor architected things, the company’s data backups also were encrypted by Zeppelin. ” they wrote.

Ransomware

Ransomware Encryption Manufacturing Phishing

8Base ransomware operators use a new variant of the Phobos ransomware

Security Affairs

NOVEMBER 19, 2023

Phobos variants are usually distributed by the SmokeLoader , but in 8Base campaigns, it has the ransomware component embedded in its encrypted payloads. The group has been active since March 2022, it focused on small and medium-size businesses in multiple industries, including finance, manufacturing, business services, and IT.

Ransomware

Ransomware Encryption Metadata Manufacturing

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Kr00k Wi-Fi Encryption flaw affects more than a billion devices

Security Affairs

FEBRUARY 26, 2020

A high-severity hardware vulnerability, dubbed Kr00k , in Wi-Fi chips manufactured by Broadcom and Cypress expose over a billion devices to hack. Cybersecurity researchers from ESET have discovered a new high-severity hardware vulnerability, dubbed Kr00k , that affects Wi-Fi chips manufactured by Broadcom and Cypress.

Encryption

Encryption Manufacturing Paper Communications

A new wave of ech0raix ransomware attacks targets QNAP NAS devices

Security Affairs

DECEMBER 27, 2021

The attackers first create a user in the administrator group, then use it to encrypt the content of the NAS. “It is important to note that there is a free decryptor for files locked with an older version (before July 17th, 2019) of eCh0raix ransomware. The malicious code appends.encrypt extension to filenames of encrypted files.

Ransomware

Ransomware Encryption Manufacturing Passwords

Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates

Krebs on Security

FEBRUARY 20, 2024

First surfacing in September 2019, the gang is estimated to have made hundreds of millions of U.S. The government says Russian national Artur Sungatov used LockBit ransomware against victims in manufacturing, logistics, insurance and other companies throughout the United States. Department of Justice (DOJ). Black Ransomware.

Ransomware

Ransomware Encryption Insurance Manufacturing

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Krebs on Security

APRIL 4, 2024

Launched in 2008, privnote.com employs technology that encrypts each message so that even Privnote itself cannot read its contents. com is currently selling security cameras made by the Chinese manufacturer Hikvision , via an Internet address based in Hong Kong. The real Privnote, at privnote.com. com include privnode[.]com

Phishing

Phishing Blockchain Manufacturing Encryption

IPG Photonics high-performance laser developer hit with ransomware

Security Affairs

SEPTEMBER 20, 2020

manufacturer of high-performance fiber lasers for diverse applications and industries was hit by a ransomware attack that disrupted its operations. IPG Photonics manufactures high-performance fiber lasers, amplifiers, and laser systems for diverse applications and industries. billion revenue in 2019. billion revenue in 2019.

Ransomware

Ransomware Manufacturing Encryption Access

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

Security Affairs

AUGUST 9, 2021

In addition to the encryption of data, victims have received threats that data stolen during the incidents will be published.” Most of the attacks have been reported in July, the organizations hit by the ransomware gang operate in professional services, construction, manufacturing, retail, and food industries. ransomware.

Ransomware

Ransomware Retail Security Manufacturing

GreyEnergy: Welcome to 2019

Security Affairs

JANUARY 16, 2019

In order to investigate the attribution of the sample, Cybaze-Yoroi Zlab researchers performed a comparative analysis of the January 2019’s sample with respect to technical indicators and TTP published in previous articles. The remote destination ends to the 217.12.204.100 IP address, owned by an Ukrainian contractor and manufacturer company.

Phishing

Phishing Manufacturing Encryption IT

DoppelPaymer ransomware gang hit Foxconn electronics giant

Security Affairs

DECEMBER 7, 2020

Electronics contract manufacturer Foxconn is the last victim of the DoppelPaymer ransomware operators that hit a Mexican facility. The hackers also claim to have stolen unencrypted files before encrypting the targeted systems. The hackers also claim to have stolen unencrypted files before encrypting the targeted systems.

Ransomware

Ransomware Manufacturing Encryption Cybersecurity

Lazarus APT uses DTrack backdoor in attacks against LATAM and European orgs

Security Affairs

NOVEMBER 16, 2022

DTrack is a modular backdoor used by the Lazarus group since 2019 , it was employed in attacks against a wide variety of targets, from financial environments to a nuclear power plan. The second stage payload is a heavily obfuscated shellcode, the APT group used an encryption method different for each sample.

Manufacturing

Manufacturing Education Encryption IT

Wi-Fi Chip Vulnerability

Schneier on Security

MARCH 3, 2020

There's a vulnerability in Wi-Fi hardware that breaks the encryption : The vulnerability exists in Wi-Fi chips made by Cypress Semiconductor and Broadcom, the latter a chipmaker Cypress acquired in 2016. Eset has named the vulnerability Kr00k, and it is tracked as CVE-2019-15126.

Manufacturing

Manufacturing Encryption Security IT

New eCh0raix ransomware variant targets NAS devices from both QNAP and Synology vendors

Security Affairs

AUGUST 10, 2021

The eCh0raix ransomware has been active since at least 2019, when eExperts from security firms Intezer and Anomali separately discovered sample of the ransomware targeting Network Attached Storage (NAS) devices. The malicious code appends.encrypt extension to filenames of encrypted files.

Ransomware

Ransomware Encryption Passwords Manufacturing

P2P Weakness Exposes Millions of IoT Devices

Krebs on Security

APRIL 26, 2019

But according to an in-depth analysis shared with KrebsOnSecurity by security researcher Paul Marrapese , iLnkP2P devices offer no authentication or encryption and can be easily enumerated, allowing potential attackers to establish a direct connection to these devices while bypassing any firewall restrictions.

IoT

IoT Manufacturing Passwords Computer and Electronics

A new wave of Qlocker ransomware attacks targets QNAP NAS devices

Security Affairs

JANUARY 16, 2022

BleepingComputer also reported that dozens of ransom notes and encrypted files have been submitted to the ID-Ransomware service by affected QNAP users. The ransomware, tracked by Intezer as “ QNAPCrypt ” and “ eCh0raix ” by Anomali, is written in the Go programming language and uses AES encryption to encrypt files.

Ransomware

Ransomware Encryption Passwords Manufacturing

eCh0raix ransomware is back and targets QNAP NAS devices again

Security Affairs

JUNE 6, 2020

The eCh0raix ransomware was appeared in the threat landscape in June 2019 by experts at security firms Intezer and Anomali. The ransomware targets poorly protected or vulnerable NAS servers manufactured by Taiwan-based QNAP Systems, attackers exploits known vulnerabilities or carry out brute-force attacks. The malicious code appends .encrypt

Ransomware

Ransomware Encryption Manufacturing Passwords

China-linked APT41 group targets Hong Kong with Spyder Loader

Security Affairs

OCTOBER 18, 2022

The Operation CuckooBees had been operating under the radar since at least 2019, threat actors conducted multiple attacks to steal intellectual property and other sensitive data from victims. The attacks detailed by Cybereason targeted technology and manufacturing companies primarily located in East Asia, Western Europe, and North America.

File names

File names Encryption Manufacturing Libraries

Critical Success Factors to Widespread Deployment of IoT

Thales Cloud Protection & Licensing

FEBRUARY 16, 2021

Driven by the need to secure themselves against increasing threats, organizations (both manufacturers and IoT consumers) realize that they need better built-in security. IoT manufacturers may elect either using an on-premises HSM or (even better) using a managed, on-demand cloud-based HSM service.

IoT

IoT Manufacturing Energy and Utilities Encryption

How to secure QNAP NAS devices? The vendor’s instructions

Security Affairs

JANUARY 7, 2022

The eCh0raix ransomware has been active since at least 2019, when eExperts from security firms Intezer and Anomali separately discovered sample of the ransomware targeting Network Attached Storage (NAS) devices. The malicious code appends.encrypt extension to filenames of encrypted files.

Ransomware

Ransomware Security Encryption Systems administration

Technology giant Konica Minolta hit by a ransomware attack

Security Affairs

AUGUST 17, 2020

The company manufactures business and industrial imaging products, including copiers, laser printers, multi-functional peripherals (MFPs) and digital print systems for the production printing market. The multinational business technology giant has almost 44,000 employees and over $9 billion in revenue for 2019. KONICA_MINOLTA_README!!

Ransomware

Ransomware Encryption Manufacturing Access

CISA, FBI shared a joint advisory to warn of Zeppelin ransomware attacks

Security Affairs

AUGUST 13, 2022

The Zeppelin ransomware first appeared on the threat landscape in November 2019 when experts from BlackBerry Cylance found a new variant of the Vega RaaS, dubbed Zeppelin. To each encrypted file, it appends a randomized nine-digit hexadecimal number as an extension. ” reads the joint advisory. “The Pierluigi Paganini.

Ransomware

Ransomware Encryption Communications Manufacturing

Delta Electronics, a tech giants’ contractor, hit by Conti ransomware

Security Affairs

JANUARY 28, 2022

Taiwanese electronics manufacturing company Delta Electronics was hit by the Conti ransomware that took place this week. According to CTWANT , which cited an undisclosed information security company, Delta Electronics was hit by Conti ransomware that asked Delta to pay a $15 million ransom to restore encrypted files and avoid their leak.

Ransomware

Ransomware Computer and Electronics Manufacturing Encryption

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

Security Affairs

FEBRUARY 21, 2024

The NCA will reach out to victims based in the UK in the coming days and weeks, providing support to help them recover encrypted data. LockBit is a prominent ransomware operation that first emerged in September 2019. reads the press release published by DoJ. It’s unclear which version of the ransomware is targeted by the decryptor.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Manufacturing

New Guidance Published on Cybersecurity and Medical Devices

Data Matters

JANUARY 13, 2020

New European medical device guidance will require manufacturers to carefully review cybersecurity and IT security requirements in relation to their devices and in their product literature. In December 2019, the Medical Device Coordination Group (MDCG) published its guidance on cybersecurity for medical devices (the Guidance).

Cybersecurity

Cybersecurity Manufacturing GDPR Privacy

2019 end-of-year review part 1: January to June

IT Governance

DECEMBER 27, 2019

A royal baby, a fire at Notre-Dame, the highest grossing film of all time and more than 12 billion breached data records: 2019 has been quite a year. IT Governance is closing out the year by rounding up 2019’s biggest information security stories. Part one covers January to June, and will be followed by part in the coming days.

Data breaches

Data breaches GDPR Passwords Personal data

Attack Against PC Thunderbolt Port

Schneier on Security

MAY 12, 2020

The attack requires physical access to the computer, but it's pretty devastating : On Thunderbolt-enabled Windows or Linux PCs manufactured before 2019, his technique can bypass the login screen of a sleeping or locked computer -- and even its hard disk encryption -- to gain full access to the computer's data.

Manufacturing

Manufacturing Encryption Access Security

Bluetooth BIAS attack threatens billions of devices

Security Affairs

MAY 19, 2020

“To establish an encrypted connection, two Bluetooth devices must pair with each other using a link key. To establish an encrypted connection, two Bluetooth devices must pair with each other using a link key, aka long term key. The issue potentially impact over a billion of devices.

Authentication

Authentication Encryption Paper Manufacturing

The Growing Presence (and Security Risks) of IoT

Thales Cloud Protection & Licensing

NOVEMBER 6, 2019

In the absence of IoT security regulations, many smart product manufacturers simply release new devices that lack built-in security measures and have not undergone proper security review and testing. Take manufacturing, for instance. Such disruption could have serious consequences depending on the type of organization that’s affected.

IoT

IoT Risk Energy and Utilities Security

More details about Operation Cronos that disrupted Lockbit operation

Security Affairs

FEBRUARY 20, 2024

The NCA will reach out to victims based in the UK in the coming days and weeks, providing support to help them recover encrypted data. LockBit is a prominent ransomware operation that first emerged in September 2019. This NCA-led investigation is a ground-breaking disruption of the world’s most harmful cyber crime group.

Energy and Utilities

Energy and Utilities Ransomware Manufacturing Agriculture

QSnatch malware infected over 62,000 QNAP NAS Devices

Security Affairs

JULY 28, 2020

The malicious code specifically targets QNAP NAS devices manufactured by Taiwanese company QNAP, it already infected over 62,000 QNAP NAS devices. These are encrypted with the actor’s public key and sent to their infrastructure over HTTPS. The QSnatch malware implements multiple functionalities, such as: . ” reads the alert.

Manufacturing

Manufacturing Cybersecurity Encryption Authentication

EventBot, a new Android mobile targets financial institutions across Europe

Security Affairs

APRIL 30, 2020

The malware also downloads the Command-and-control (C2) URLs, C2 communication is encrypted using Base64, RC4, and Curve25519. . The analysis of the EventBot’s infrastructure and C2 reveals a potential link to another Android info stealer employed in late 2019 in attacks against Italian users. . ” concludes the report.

Financial Services

Financial Services Libraries Encryption Authentication

Antlion APT group used a custom backdoor that allowed them to fly under the radar for months

Security Affairs

FEBRUARY 3, 2022

A China-linked APT group tracked as Antlion is using a custom backdoor called xPack in attacks aimed at financial organizations and manufacturing companies, Symantec researchers reported. The xPack backdoor is a.NET loader that fetches and executes AES-encrypted payloads, it supports multiple commands.

Manufacturing

Manufacturing Data collection Encryption Passwords

AUSTRALIA: Assistance and Access Act, December 2018 – Holy grail of uncertainty created by new rushed-in data encryption laws

DLA Piper Privacy Matters

JANUARY 15, 2019

Of particular public concern is the issue raised that law enforcement agencies will be allowed to directly intercept messages sent through end-to-end encryption under technical assistance and capability notices, affecting tools used by companies such as Google, WhatsApp, Apple iMessage, and Telegram (who have all publicly denounced the Act).

Encryption

Encryption Access Computer and Electronics GDPR

Boyne Resorts ski and golf resort operator hit with WastedLocker ransomware

Security Affairs

OCTOBER 24, 2020

The ransomware encrypted files and renamed their filenames by adding the “ easy2lock” extension, this extension was previously associated with recent WastedLocker ransomware infections. Most of the victims belong to the manufacturing industry, followed by IT and media and telecommunications sectors.

Ransomware

Ransomware Retail Manufacturing Encryption

QNAP urges users to update Malware Remover after QSnatch joint alert

Security Affairs

AUGUST 2, 2020

The first campaign likely began in early 2014 and continued until mid-2017, while the second started in late 2018 and was still active in late 2019. The malicious code specifically targets QNAP NAS devices manufactured by Taiwanese company QNAP, it already infected over 62,000 QNAP NAS devices. Webshell functionality for remote access.

Passwords

Passwords Manufacturing Encryption Authentication

These hackers have breached FBI-affiliated websites and leaked data online

Security Affairs

APRIL 13, 2019

TechCrunch spoke to one of the hackers, who didn’t identify his or her name, through an encrypted chat late Friday. “We We hacked more than 1,000 sites,” the hacker told TechCrunch through an encrypted chat. Exposed records included member names, personal and government email addresses, job titles, phone numbers, and postal addresses.

Encryption

Encryption Ransomware Manufacturing Personal data

Flaws in Qualcomm chips allows stealing private from devices

Security Affairs

NOVEMBER 14, 2019

private encryption keys, passwords, payment card credentials) and offers a separate secure environment for executing Trusted Applications. Check Point reported the vulnerability (CVE-2019-10574) to Qualcomm in June, only a day before the publication of the research the flaw was addressed.

Manufacturing

Manufacturing Encryption Passwords Security

xHelper, the Unkillable Android malware that re-Installs after factory reset

Security Affairs

APRIL 7, 2020

xHelper is a piece of malware that was first spotted in October 2019 by experts from security firm Symantec, it is a persistent Android dropper app that is able to reinstall itself even after users attempt to uninstall it. and sends it to a server under the control of the attackers ([link]. ” continues the report.

Manufacturing

Manufacturing Libraries Access Encryption

Medtronic’s implantable heart defibrillators vulnerable to hack

Security Affairs

MARCH 22, 2019

Security firm Clever Security discovered that heart defibrillators manufactured by Medtronic are affected by two serious vulnerabilities. The first flaw is an IMPROPER ACCESS CONTROL ( CVE-2019-6538 ), the Conexus telemetry protocol does not implement authentication or authorization. ” continues the advisory.

Communications

Communications Encryption Access Manufacturing

New TSX Speculative Attack allows stealing sensitive data from latest Intel CPUs

Security Affairs

NOVEMBER 13, 2019

ZombieLoad 2, aka TSX Asynchronous Abort, is a new vulnerability tracked as CVE-2019-11135 that affects the latest Intel CPUs that could be exploited to launch TSX Speculative attack. The Zombieload 2 attack only affects CPU supporting the Intel TSX instruction-set extension, a condition that is true in all Intel CPUs manufactured since 2013.

Data structuring

Data structuring Manufacturing Encryption Passwords

New TA2101 threat actor poses as government agencies to distribute malware

Security Affairs

NOVEMBER 15, 2019

. “Between October 16 and November 12, 2019, Proofpoint researchers observed the actor sending malicious email messages to organizations in Germany, Italy, and the United States, targeting no particular vertical but with recipients that were heavily weighted towards business and IT services, manufacturing, and healthcare.”

Government

Government Ransomware Manufacturing Phishing

MY TAKE: Why consumers are destined to play a big role in securing the Internet of Things

The Last Watchdog

MARCH 13, 2019

Another tech industry consultancy, IDC, forecasts worldwide IoT spending will hit a record $745 billion in 2019 , some 15.4% This will be led by the manufacturing, consumer, transportation and utilities sectors. Nor has anyone accepted accountability for encrypting any of the fresh flows of data, whether in transit or at rest.

IoT

IoT Energy and Utilities Security Privacy

Fbot malware targets HiSilicon DVR/NVR Soc devices

Security Affairs

FEBRUARY 24, 2019

Since February 16, 2019, security experts at 360Netlab observed a large number of HiSilicon DVR/NVR Soc devices were infected with an updated version of the Fbot bot. The experts only observed a few different camera brands as a number of camera manufacturers OEM HiSilicon DVR/NVR Soc device.

Passwords

Passwords Manufacturing Encryption Security

NEW TECH: DataLocker extends products, services to encrypt data on portable storage devices

Researchers Quietly Cracked Zeppelin Ransomware Keys

Webinars

Trending Sources

8Base ransomware operators use a new variant of the Phobos ransomware

Webinars

Kr00k Wi-Fi Encryption flaw affects more than a billion devices

A new wave of ech0raix ransomware attacks targets QNAP NAS devices

Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates

Fake Lawsuit Threat Exposes Privnote Phishing Sites

IPG Photonics high-performance laser developer hit with ransomware

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

GreyEnergy: Welcome to 2019

DoppelPaymer ransomware gang hit Foxconn electronics giant

Lazarus APT uses DTrack backdoor in attacks against LATAM and European orgs

Wi-Fi Chip Vulnerability

New eCh0raix ransomware variant targets NAS devices from both QNAP and Synology vendors

P2P Weakness Exposes Millions of IoT Devices

A new wave of Qlocker ransomware attacks targets QNAP NAS devices

eCh0raix ransomware is back and targets QNAP NAS devices again

China-linked APT41 group targets Hong Kong with Spyder Loader

Critical Success Factors to Widespread Deployment of IoT

How to secure QNAP NAS devices? The vendor’s instructions

Technology giant Konica Minolta hit by a ransomware attack

CISA, FBI shared a joint advisory to warn of Zeppelin ransomware attacks

Delta Electronics, a tech giants’ contractor, hit by Conti ransomware

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

New Guidance Published on Cybersecurity and Medical Devices

2019 end-of-year review part 1: January to June

Attack Against PC Thunderbolt Port

Bluetooth BIAS attack threatens billions of devices

The Growing Presence (and Security Risks) of IoT

More details about Operation Cronos that disrupted Lockbit operation

QSnatch malware infected over 62,000 QNAP NAS Devices

EventBot, a new Android mobile targets financial institutions across Europe

Antlion APT group used a custom backdoor that allowed them to fly under the radar for months

AUSTRALIA: Assistance and Access Act, December 2018 – Holy grail of uncertainty created by new rushed-in data encryption laws

Boyne Resorts ski and golf resort operator hit with WastedLocker ransomware

QNAP urges users to update Malware Remover after QSnatch joint alert

These hackers have breached FBI-affiliated websites and leaked data online

Flaws in Qualcomm chips allows stealing private from devices

xHelper, the Unkillable Android malware that re-Installs after factory reset

Medtronic’s implantable heart defibrillators vulnerable to hack

New TSX Speculative Attack allows stealing sensitive data from latest Intel CPUs

New TA2101 threat actor poses as government agencies to distribute malware

MY TAKE: Why consumers are destined to play a big role in securing the Internet of Things

Fbot malware targets HiSilicon DVR/NVR Soc devices

Stay Connected