2019, Information Security and Manufacturing - Information Management Today

IoT devices at major Manufacturers infected with crypto-miner

Security Affairs

FEBRUARY 8, 2020

Hackers have infected with a piece of malware some IoT devices running Windows 7 designed by three of the world’s largest manufacturers. Security experts from TrapX reported that some IoT devices running Windows 7 have been infected with a piece of malware, is it a supply chain attack? ” reads the report p ublished by TrapX.”First,

Manufacturing

Manufacturing IoT Communications Risk

House Energy and Commerce Leaders Demand Information from Various Toy Manufacturers

Hunton Privacy

NOVEMBER 15, 2022

Given the shift of marketing efforts from traditional television outlets to social media platforms, Committee Leaders are concerned about failure to protect children’s privacy, security and mental health on social media platforms. The letters from the Committee Leaders asked that each toy manufacturer respond by November 9, 2022.

Manufacturing

Manufacturing Privacy Marketing Security

The number of ICS flaws in 2020 was 24,72% higher compared to 2019

Security Affairs

FEBRUARY 7, 2021

According to a report published by the industrial cybersecurity firm Claroty that focuses on the second half of 2020, the number of flaws discovered in industrial control system (ICS) products in 2020 (893 flaws) was 24,72% higher compared to 2019. If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Manufacturing

Manufacturing Risk Marketing Cybersecurity

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

Android devices could be hacked by playing a video due to CVE-2019-2107 flaw

Security Affairs

JULY 28, 2019

Playing a video on Android devices could be a dangerous operation due to a critical CVE-2019-2107 RCE flaw in Android OS between version 7.0 The vulnerability, tracked as CVE-2019-2107, affected Android OS between version 7.0 The vulnerability, tracked as CVE-2019-2107, affected Android OS between version 7.0 Pierluigi Paganini.

Manufacturing

Manufacturing Security IT Information Security

Winnti Group was planning a devastating supply-chain attack against Asian manufacturer

Security Affairs

OCTOBER 14, 2019

Winnti Group is back with a new modular Win backdoor that was used to infect the servers of a high-profile Asian mobile hardware and software manufacturer. The organizations is major mobile hardware and software manufacturer based in Asia, experts contacted it to alert the company of the infection. Pierluigi Paganini.

Manufacturing

Manufacturing Paper Communications IT

SEC Sanctions Public Company for Misleading Disclosures About Data Breach

Hunton Privacy

AUGUST 31, 2021

The SEC’s order alleges that on March 21, 2019, Pearson learned of a 2018 cyber intrusion that affected data stored on the server for one of its web-based software products. On March 21, 2019, Pearson received a copy of the stolen data showing that all school district personnel usernames and passwords and 11.5

Data breaches

Data breaches Manufacturing Passwords Data Privacy

Black Basta ransomware gang hacked Hyundai Motor Europe

Security Affairs

FEBRUARY 9, 2024

In December 2019, German media reported that hackers suspected to be members of the Vietnam-linked APT Ocean Lotus ( APT32 ) group breached the networks of the car manufacturers BMW and Hyundai. Hyundai Italy has notified the privacy watchdog and hired external cybersecurity experts to determine the scope of the incident.

Ransomware

Ransomware Data breaches Manufacturing Sales

CVE-2019-2234 flaws in Android Camera Apps exposed millions of users surveillance

Security Affairs

NOVEMBER 19, 2019

Experts found multiple flaws (CVE-2019-2234) in the Android camera apps provided by Google and Samsung that could allow attackers to spy on users. “After disclosing these findings to Google, they shared the report with other Android manufacturers, and Samsung confirmed the vulnerabilities existed in their smartphones as well. .

Manufacturing

Manufacturing Metadata Security awareness IoT

LockBit Ransomware gang claims to have stolen SpaceX confidential data from Maximum Industries

Security Affairs

MARCH 14, 2023

Maximum Industries is a full-service, piece-part production, and contract manufacturing facility. The ransomware gang hacked the systems of the production firm, which also provides its services to SpaceX, and stole its data, including files of the American spacecraft manufacturer and a satellite communications corporation.

Ransomware

Ransomware Manufacturing Communications IT

Nefilim ransomware operators leak data stolen from Whirlpool

Security Affairs

DECEMBER 28, 2020

The American multinational manufacturer and marketer of home appliances Whirlpool was hit by the Nefilim ransomware gang. The company has over 77,000 employees at 59 manufacturing & technology research centers worldwide and generated $20 billion in revenue for 2019.

Ransomware

Ransomware Manufacturing Marketing Archiving

2019 end-of-year review part 1: January to June

IT Governance

DECEMBER 27, 2019

A royal baby, a fire at Notre-Dame, the highest grossing film of all time and more than 12 billion breached data records: 2019 has been quite a year. IT Governance is closing out the year by rounding up 2019’s biggest information security stories. McFarland was doing the same with her AOL account.

Data breaches

Data breaches GDPR Passwords Personal data

Law enforcement operation seized Ragnar Locker group’s infrastructure

Security Affairs

OCTOBER 19, 2023

The ransomware operation has been active since late December 2019, the FBI published two flash alert to warn of the operation of the group. This is an important achievement in the fight against cybercrime. Both FBI and Europol declined to comment on the events. More details are expected to be released tomorrow.

Ransomware

Ransomware Financial Services Manufacturing Government

Operation Cronos: law enforcement disrupted the LockBit operation

Security Affairs

FEBRUARY 19, 2024

pic.twitter.com/SvpbeslrCd — vx-underground (@vxunderground) February 19, 2024 LockBit is a prominent ransomware operation that first emerged in September 2019. Lockbit ransomware group administrative staff has confirmed with us their websites have been seized.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Financial Services

IPG Photonics high-performance laser developer hit with ransomware

Security Affairs

SEPTEMBER 20, 2020

manufacturer of high-performance fiber lasers for diverse applications and industries was hit by a ransomware attack that disrupted its operations. IPG Photonics manufactures high-performance fiber lasers, amplifiers, and laser systems for diverse applications and industries. billion revenue in 2019. billion revenue in 2019.

Ransomware

Ransomware Manufacturing Encryption Access

DoppelPaymer crew leaked internal confidential documents belonging to aerospace companies

Security Affairs

APRIL 10, 2020

Visser Precision is a parts maker for many companies in several industries, including aerospace, automotive, industrial and manufacturing. an antenna in an anti-mortar defense system), billing and payment forms, supplier information, data analysis reports, and legal paperwork. ” reads the statement published by El Reg.

Ransomware

Ransomware Manufacturing Military Cybersecurity

Snatch ransomware gang claims the hack of the food giant Kraft Heinz

Security Affairs

DECEMBER 15, 2023

Kraft Heinz is an American food company, it is one of the largest food and beverage manufacturers globally. ” The Snatch ransomware was first spotted at the end of 2019, Sophos researchers discovered a piece of the Snatch ransomware that reboots computers it infects into Safe Mode to bypass resident security solutions.

Ransomware

Ransomware Computer and Electronics Military Agriculture

Risk Management under the DORA Regulation

IT Governance

NOVEMBER 23, 2023

Although the total number of data breaches – or rather, in those reported – decreased by 24% between 2019 and 2022 in the finance sector, the number of incidents increased by 99%. So to account for seasonality, we’ve only looked at Q2–Q4 for all four years (2019–2022). million (about £4.70

Risk

Risk Data breaches Authentication Financial Services

Lazarus APT uses DTrack backdoor in attacks against LATAM and European orgs

Security Affairs

NOVEMBER 16, 2022

DTrack is a modular backdoor used by the Lazarus group since 2019 , it was employed in attacks against a wide variety of targets, from financial environments to a nuclear power plan. Despite this, Lazarus has not changed the backdoor much since 2019, when it was initially discovered.” ” concludes the report.

Manufacturing

Manufacturing Education Encryption IT

Hackers hit Luxottica, production stopped at two Italian plants

Security Affairs

SEPTEMBER 22, 2020

As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com. billion in revenue for 2019. Luxottica Group S.p.A.

Retail

Retail Manufacturing Ransomware Security

TinyNuke banking malware targets French organizations

Security Affairs

DECEMBER 13, 2021

The TinyNuke malware is back and now was used in attacks aimed at French users working in manufacturing, technology, construction, and business services. The attackers used invoice-themed lures targeting entities in manufacturing, industry, technology, finance, and other verticals. .

Manufacturing

Manufacturing Business Services Communications IT

Delta Electronics, a tech giants’ contractor, hit by Conti ransomware

Security Affairs

JANUARY 28, 2022

Taiwanese electronics manufacturing company Delta Electronics was hit by the Conti ransomware that took place this week. According to CTWANT , which cited an undisclosed information security company, Delta Electronics was hit by Conti ransomware that asked Delta to pay a $15 million ransom to restore encrypted files and avoid their leak.

Ransomware

Ransomware Computer and Electronics Manufacturing Encryption

Mozi P2P Botnet also targets Netgear, Huawei, and ZTE devices

Security Affairs

AUGUST 20, 2021

Microsoft researchers reported that the Mozi botnet was improved by implementing news capabilities to target network gateways manufactured by Netgear, Huawei, and ZTE. Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019.

IoT

IoT Manufacturing Passwords Ransomware

A new wave of ech0raix ransomware attacks targets QNAP NAS devices

Security Affairs

DECEMBER 27, 2021

“It is important to note that there is a free decryptor for files locked with an older version (before July 17th, 2019) of eCh0raix ransomware. In 2019, Anomali researchers reported a wave of eCh0raix attacks against Synology NAS devices, threat actors conducted brute-force attacks against them. TXTT” extension. and 1.0.6).”

Ransomware

Ransomware Encryption Manufacturing Passwords

DoppelPaymer ransomware gang hit Foxconn electronics giant

Security Affairs

DECEMBER 7, 2020

Electronics contract manufacturer Foxconn is the last victim of the DoppelPaymer ransomware operators that hit a Mexican facility. Foxconn manufactures electronic products for major American, Canadian, Chinese, Finnish, and Japanese companies. The plan is located in Ciudad Juárez, Chihuahua, Mexico. ” reported BleepingComputer.

Ransomware

Ransomware Manufacturing Encryption Cybersecurity

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

Security Affairs

AUGUST 9, 2021

Most of the attacks have been reported in July, the organizations hit by the ransomware gang operate in professional services, construction, manufacturing, retail, and food industries. Experts warn of active exploitation of the CVE-2018-13379 , a security bug heavily exploited by LockBit to breach networks. in Australia since 2020.

Ransomware

Ransomware Retail Security Manufacturing

China-linked threat actors have breached telcos and network service providers

Security Affairs

JUNE 8, 2022

Both tools could be used to target SOHO and other routers manufactured by major industry providers, including Cisco, Fortinet, and MikroTik. The RouterSploit Framework allows operators to scan for vulnerable embedded devices, while RouterScan allows for the scanning of IP addresses for vulnerabilities.

Authentication

Authentication Passwords Systems administration Manufacturing

8Base ransomware operators use a new variant of the Phobos ransomware

Security Affairs

NOVEMBER 19, 2023

The group has been active since March 2022, it focused on small and medium-size businesses in multiple industries, including finance, manufacturing, business services, and IT. Security experts attributed 67 attacks to the group in May 2023, most of the victims are in the U.S. and Brazil. ” reads the report published by Talos.”Once

Ransomware

Ransomware Encryption Metadata Manufacturing

Mitsubishi Electric Corp. was hit by a new cyberattack

Security Affairs

NOVEMBER 20, 2020

The breach was detected almost eight months ago, on June 28, 2019, with the delay being attributed to the increased complexity of the investigation caused by the attackers deleting activity logs. The intrusion took place on June 28, 2019, and the company launched an investigation in September 2019.

Manufacturing

Manufacturing Cloud Cybersecurity Security

China-linked Winnti APT steals intellectual property from companies worldwide

Security Affairs

MAY 4, 2022

A sophisticated cyberespionage campaign, dubbed Operation CuckooBees, conducted by the China-linked Winnti group remained undetected since at least 2019. “With years to surreptitiously conduct reconnaissance and identify valuable data, it is estimated that the group managed to exfiltrate hundreds of gigabytes of information. .

Manufacturing

Manufacturing Archiving Cybersecurity Access

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

Security Affairs

FEBRUARY 21, 2024

LockBit is a prominent ransomware operation that first emerged in September 2019. Today, additional criminal charges against Kondratyev were unsealed in the Northern District of California related to his deployment in 2020 of ransomware against a victim located in California.” reads the press release published by DoJ.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Manufacturing

Researchers found alleged sensitive documents of NATO and Turkey

Security Affairs

OCTOBER 12, 2020

Researchers from the US-based firm Cyble recently came across a post shared by an unknown threat actor that goes online with the moniker Spectre123, where he has allegedly leaked the sensitive documents of NATO and Havelsan (Turkish Military/defence manufacturer). ” reads the post published by Cyble.

Military

Military Manufacturing Phishing Government

Swiss watchmaker Swatch shuts down IT systems in response to a cyberattack

Security Affairs

SEPTEMBER 30, 2020

The Swatch Group Ltd is a Swiss manufacturer of watches and jewellery. The company employs about 36,000 people in 50 countries, in 2019, net sales were 9.6 The company turned off its systems to avoid other systems on its network from being infected. billion Swiss francs (CHF).

IT

IT Ransomware Manufacturing Sales

New eCh0raix ransomware variant targets NAS devices from both QNAP and Synology vendors

Security Affairs

AUGUST 10, 2021

The eCh0raix ransomware has been active since at least 2019, when eExperts from security firms Intezer and Anomali separately discovered sample of the ransomware targeting Network Attached Storage (NAS) devices. Independent experts observed a surge in eCh0raix ransomware infection reports between April 19 and April 26.

Ransomware

Ransomware Encryption Passwords Manufacturing

More details about Operation Cronos that disrupted Lockbit operation

Security Affairs

FEBRUARY 20, 2024

LockBit is a prominent ransomware operation that first emerged in September 2019. Today, additional criminal charges against Kondratyev were unsealed in the Northern District of California related to his deployment in 2020 of ransomware against a victim located in California.”

Energy and Utilities

Energy and Utilities Ransomware Manufacturing Agriculture

Vietnam-linked Ocean Lotus hacked BMW and Hyundai networks

Security Affairs

DECEMBER 7, 2019

Alleged Vietnamese Ocean Lotus (APT32) hackers breached the networks of the car manufacturers BMW and Hyundai to steal automotive trade secrets. According to German media, hackers suspected to be members of the Vietnam-linked APT Ocean Lotus ( APT32 ) group breached the networks of the car manufacturers BMW and Hyundai.

Manufacturing

Manufacturing Government Security IT

Belgium telecom operators Proximus and Orange drop Huawei

Security Affairs

OCTOBER 10, 2020

Major Belgium’s telecom operator Proximus announced on Friday that it will gradually replace its equipment from the Chinese manufacturer Huawei. One of the major Belgium telecom operator Proximus announced on Friday that it will gradually replace its equipment from the Chinese manufacturer Huawei.

Manufacturing

Manufacturing Risk Communications Security

Who is behind the Mozi Botnet kill switch?

Security Affairs

NOVEMBER 2, 2023

Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019. Microsoft Security Threat Intelligence Center and Section 52 at Azure Defender for IoT have monitored a new evolution of the threat that extended the list of targets.

IoT

IoT Manufacturing IT Security

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

“The adversary is particularly interested in exploits related to VPNs and network appliances , including CVE-2019-11510, CVE-2019-19781, and most recently CVE-2020-5902; reliance on exploits such as these lends to an opportunistic operational model.” ” reads the report published by Crowdstrike.

Access

Access Financial Services Retail Insurance

Multiple flaws in CODESYS V3 SDK could lead to RCE or DoS?

Security Affairs

AUGUST 13, 2023

To overcome the user authentication, we used a known vulnerability, CVE-2019-9013 , which allows us to perform a replay attack against the PLC using the unsecured username and password’s hash that were sent during the sign-in process , allowing us to bypass the user authentication process.” ” continues the report.

Authentication

Authentication Passwords Manufacturing Risk

QSnatch malware infected over 62,000 QNAP NAS Devices

Security Affairs

JULY 28, 2020

The United States Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC) issued a joint advisory about a massive ongoing campaign spreading the QSnatch data-stealing malware. The QSnatch malware implements multiple functionalities, such as: . ” reads the alert.

Manufacturing

Manufacturing Cybersecurity Encryption Authentication

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Security Affairs

JANUARY 25, 2020

This week, Mitsubishi Electric disclosed a security breach that might have exposed personal and confidential corporate data. According to the company, attackers did not obtain sensitive information about defense contracts. The intrusion took place on June 28, 2019, and the company launched an investigation in September 2019.

Manufacturing

Manufacturing Sales Data breaches Access

Experts found a critical authentication bypass flaw in Rockwell Automation software

Security Affairs

FEBRUARY 27, 2021

A critical authentication bypass vulnerability, tracked as CVE-2021-22681 , can be exploited by remote attackers to compromise programmable logic controllers (PLCs) manufactured by Rockwell Automation. Claroty privately reported the vulnerability to Rockwell in 2019. ” reads the advisory published by CISA.

Authentication

Authentication Communications Manufacturing Risk

SweynTooth Bluetooth flaws affect devices from major system-on-a-chip (SoC) vendors

Security Affairs

FEBRUARY 15, 2020

We envision substantial amendments to the BLE stack certification to avoid SweynTooth style security flaws. We also urge SoC vendors and IoT product manufacturers to be aware of such security issues and to initiate focused effort in security testing.” 2.60 (CVE-2019-16336) and NXP KW41Z 3.40 or earlier.

IoT

IoT Manufacturing Security Communications

Hyundai suffered a data breach that impacted customers in France and Italy

Security Affairs

APRIL 12, 2023

In December 2019, German media reported that hackers suspected to be members of the Vietnam-linked APT Ocean Lotus ( APT32 ) group breached the networks of the car manufacturers BMW and Hyundai. The intrusion aimed at stealing automotive trade secrets.

Data breaches

Data breaches Manufacturing Cybersecurity Education

IoT devices at major Manufacturers infected with crypto-miner

House Energy and Commerce Leaders Demand Information from Various Toy Manufacturers

Webinars

Trending Sources

The number of ICS flaws in 2020 was 24,72% higher compared to 2019

Webinars

Android devices could be hacked by playing a video due to CVE-2019-2107 flaw

Winnti Group was planning a devastating supply-chain attack against Asian manufacturer

SEC Sanctions Public Company for Misleading Disclosures About Data Breach

Black Basta ransomware gang hacked Hyundai Motor Europe

CVE-2019-2234 flaws in Android Camera Apps exposed millions of users surveillance

LockBit Ransomware gang claims to have stolen SpaceX confidential data from Maximum Industries

Nefilim ransomware operators leak data stolen from Whirlpool

2019 end-of-year review part 1: January to June

Law enforcement operation seized Ragnar Locker group’s infrastructure

Operation Cronos: law enforcement disrupted the LockBit operation

IPG Photonics high-performance laser developer hit with ransomware

DoppelPaymer crew leaked internal confidential documents belonging to aerospace companies

Snatch ransomware gang claims the hack of the food giant Kraft Heinz

Risk Management under the DORA Regulation

Lazarus APT uses DTrack backdoor in attacks against LATAM and European orgs

Hackers hit Luxottica, production stopped at two Italian plants

TinyNuke banking malware targets French organizations

Delta Electronics, a tech giants’ contractor, hit by Conti ransomware

Mozi P2P Botnet also targets Netgear, Huawei, and ZTE devices

A new wave of ech0raix ransomware attacks targets QNAP NAS devices

DoppelPaymer ransomware gang hit Foxconn electronics giant

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

China-linked threat actors have breached telcos and network service providers

8Base ransomware operators use a new variant of the Phobos ransomware

Mitsubishi Electric Corp. was hit by a new cyberattack

China-linked Winnti APT steals intellectual property from companies worldwide

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

Researchers found alleged sensitive documents of NATO and Turkey

Swiss watchmaker Swatch shuts down IT systems in response to a cyberattack

New eCh0raix ransomware variant targets NAS devices from both QNAP and Synology vendors

More details about Operation Cronos that disrupted Lockbit operation

Vietnam-linked Ocean Lotus hacked BMW and Hyundai networks

Belgium telecom operators Proximus and Orange drop Huawei

Who is behind the Mozi Botnet kill switch?

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Multiple flaws in CODESYS V3 SDK could lead to RCE or DoS?

QSnatch malware infected over 62,000 QNAP NAS Devices

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Experts found a critical authentication bypass flaw in Rockwell Automation software

SweynTooth Bluetooth flaws affect devices from major system-on-a-chip (SoC) vendors

Hyundai suffered a data breach that impacted customers in France and Italy

Stay Connected