Security Affairs

JULY 28, 2019

Playing a video on Android devices could be a dangerous operation due to a critical CVE-2019-2107 RCE flaw in Android OS between version 7.0 The vulnerability, tracked as CVE-2019-2107, affected Android OS between version 7.0 The vulnerability, tracked as CVE-2019-2107, affected Android OS between version 7.0 Pierluigi Paganini.

Manufacturing 111

Manufacturing Security IT Information Security 111

Security Affairs

AUGUST 9, 2021

The Australian Cyber Security Centre (ACSC) warns of a surge of LockBit 2.0 The Australian Cyber Security Centre (ACSC) warns of an escalation in LockBit 2.0 Experts warn of active exploitation of the CVE-2018-13379 , a security bug heavily exploited by LockBit to breach networks. ransomware. in Australia since 2020.

Ransomware 111

Ransomware Retail Security Manufacturing 111

Security Affairs

OCTOBER 14, 2019

Winnti Group is back with a new modular Win backdoor that was used to infect the servers of a high-profile Asian mobile hardware and software manufacturer. The organizations is major mobile hardware and software manufacturer based in Asia, experts contacted it to alert the company of the infection. Pierluigi Paganini.

Manufacturing 84

Manufacturing Paper Communications IT 84

IT Governance

JANUARY 9, 2024

LockBit claims responsibility for Capital Health security incident The LockBit ransomware group has claimed responsibility for an attack on Capital Health , a healthcare provider in Pennington, New Jersey, last November. KG Source 1 ; source 2 (New) Manufacturing Germany Yes 1.1 They accessed 41.5 Data breached: 41,500,000 records.

Data Privacy 75

Data Privacy Privacy Manufacturing Data breaches 75

Security Affairs

FEBRUARY 7, 2020

Japanese defense contractors Pasco and Kobe Steel have disclosed security breaches that they have suffered back in 2016 and 2018. Pasco is Japan’s largest geospatial provider and Kobe Steel is one of the major steel manufacturers. According to the company, attackers did not obtain sensitive information about defense contracts.

Security 115

Security Manufacturing Data breaches Access 115

Security Affairs

NOVEMBER 19, 2019

Experts found multiple flaws (CVE-2019-2234) in the Android camera apps provided by Google and Samsung that could allow attackers to spy on users. “After disclosing these findings to Google, they shared the report with other Android manufacturers, and Samsung confirmed the vulnerabilities existed in their smartphones as well. .

Manufacturing 68

Manufacturing Metadata Security awareness IoT 68

Security Affairs

JANUARY 7, 2022

Taiwanese vendor QNAP has warned customers to secure network-attached storage (NAS) exposed online from ransomware and brute-force attacks. QNAP urges all QNAP NAS users to follow the security setting instructions below to ensure the security of QNAP networking devices.” The post How to secure QNAP NAS devices?

Ransomware 99

Ransomware Security Encryption Systems administration 99

Security Affairs

MARCH 14, 2023

Maximum Industries is a full-service, piece-part production, and contract manufacturing facility. The ransomware gang hacked the systems of the production firm, which also provides its services to SpaceX, and stole its data, including files of the American spacecraft manufacturer and a satellite communications corporation.

Ransomware 96

Ransomware Manufacturing Communications IT 96

Thales Cloud Protection & Licensing

NOVEMBER 6, 2019

The issue is that these tens of billions of new devices will likely amplify the inherent security risks of IoT. In the absence of IoT security regulations, many smart product manufacturers simply release new devices that lack built-in security measures and have not undergone proper security review and testing.

IoT 122

IoT Risk Energy and Utilities Security 122

Security Affairs

FEBRUARY 9, 2020

The best news of the week with Security Affairs. Sudo CVE-2019-18634 flaw allows Non-Privileged Linux and macOS Users run commands as Root. Google mistakenly shared private videos of some users with others in 2019. Japanese defense contractors Pasco and Kobe Steel disclose security breaches. Pierluigi Paganini.

Security 88

Security Ransomware IoT Manufacturing 88

Security Affairs

JANUARY 16, 2019

In order to investigate the attribution of the sample, Cybaze-Yoroi Zlab researchers performed a comparative analysis of the January 2019’s sample with respect to technical indicators and TTP published in previous articles. The remote destination ends to the 217.12.204.100 IP address, owned by an Ukrainian contractor and manufacturer company.

Phishing 71

Phishing Manufacturing Encryption IT 71

Security Affairs

DECEMBER 28, 2020

The American multinational manufacturer and marketer of home appliances Whirlpool was hit by the Nefilim ransomware gang. The company has over 77,000 employees at 59 manufacturing & technology research centers worldwide and generated $20 billion in revenue for 2019. respectively. Pierluigi Paganini.

Ransomware 139

Ransomware Manufacturing Marketing Archiving 139

Security Affairs

FEBRUARY 9, 2024

In December 2019, German media reported that hackers suspected to be members of the Vietnam-linked APT Ocean Lotus ( APT32 ) group breached the networks of the car manufacturers BMW and Hyundai. Hyundai Italy has notified the privacy watchdog and hired external cybersecurity experts to determine the scope of the incident.

Ransomware 133

Ransomware Data breaches Manufacturing Sales 133

Security Affairs

OCTOBER 19, 2023

The ransomware operation has been active since late December 2019, the FBI published two flash alert to warn of the operation of the group. This is an important achievement in the fight against cybercrime. Both FBI and Europol declined to comment on the events. More details are expected to be released tomorrow.

Ransomware 118

Ransomware Financial Services Manufacturing Government 118

Krebs on Security

APRIL 26, 2019

A peer-to-peer (P2P) communications technology built into millions of security cameras and other consumer electronics includes several critical security flaws that expose the devices to eavesdropping, credential theft and remote compromise, new research has found. A Webcam made by HiChip that includes the iLnkP2P software.

IoT 258

IoT Manufacturing Passwords Computer and Electronics 258

Hunton Privacy

AUGUST 31, 2021

The SEC’s order alleges that on March 21, 2019, Pearson learned of a 2018 cyber intrusion that affected data stored on the server for one of its web-based software products. On March 21, 2019, Pearson received a copy of the stolen data showing that all school district personnel usernames and passwords and 11.5

Data breaches 111

Data breaches Manufacturing Passwords Data Privacy 111

Security Affairs

MAY 21, 2020

In January, the company disclosed a security breach that might have exposed personal and confidential corporate data, at the time, it claimed that attackers did not obtain sensitive information about defense contracts. The intrusion took place on June 28, 2019, and the company launched an investigation in September 2019.

Security 88

Security Military Manufacturing Personal data 88

HL Chronicle of Data Protection

AUGUST 30, 2019

” presented by the Privacy + Security Forum. Paul Otto will speak on cybersecurity & patient safety at the Medical Device Manufacturers Association’s 12th Annual Medical Technology Executive Forum. 2019 Conference. 2019 Conference. 2019 Conference. 2019 Conference. Location : Webinar.

Privacy 40

Privacy Cybersecurity GDPR Risk 40

Krebs on Security

APRIL 4, 2024

com is currently selling security cameras made by the Chinese manufacturer Hikvision , via an Internet address based in Hong Kong. For example, this account at Medium has authored more than a dozen blog posts in the past year singing the praises of Tornote as a secure, self-destructing messaging service.

Phishing 205

Phishing Blockchain Manufacturing Encryption 205

Security Affairs

SEPTEMBER 20, 2020

manufacturer of high-performance fiber lasers for diverse applications and industries was hit by a ransomware attack that disrupted its operations. IPG Photonics manufactures high-performance fiber lasers, amplifiers, and laser systems for diverse applications and industries. billion revenue in 2019. billion revenue in 2019.

Ransomware 126

Ransomware Manufacturing Encryption Access 126

Security Affairs

DECEMBER 15, 2023

Kraft Heinz is an American food company, it is one of the largest food and beverage manufacturers globally. ” The Snatch ransomware was first spotted at the end of 2019, Sophos researchers discovered a piece of the Snatch ransomware that reboots computers it infects into Safe Mode to bypass resident security solutions.

Ransomware 120

Ransomware Computer and Electronics Military Agriculture 120

Krebs on Security

FEBRUARY 20, 2024

First surfacing in September 2019, the gang is estimated to have made hundreds of millions of U.S. The government says Russian national Artur Sungatov used LockBit ransomware against victims in manufacturing, logistics, insurance and other companies throughout the United States. Department of Justice (DOJ).

Ransomware 259

Ransomware Encryption Insurance Manufacturing 259

Krebs on Security

NOVEMBER 17, 2022

Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “ Zeppelin ” in May 2020. There are multiple examples of ransomware groups doing just that after security researchers crowed about finding vulnerabilities in their ransomware code. This is not an idle concern.

Ransomware 300

Ransomware Encryption Manufacturing Phishing 300

WIRED Threat Level

MAY 10, 2020

The so-called Thunderspy attack takes less than five minutes to pull off with physical access to a device, and affects any PC manufactured before 2019.

Manufacturing 118

Manufacturing Access Security 118

Security Affairs

SEPTEMBER 22, 2020

As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com. billion in revenue for 2019. Luxottica Group S.p.A. Pierluigi Paganini.

Retail 140

Retail Manufacturing Ransomware Security 140

eSecurity Planet

JANUARY 22, 2021

In 2019, there were an estimated 9.9 As more information about IoT device vulnerabilities is published, the pressure on industry and government authorities to enhance security standards might be reaching a tipping point. While it’s a progressive step for the network security of the U.S. Government-Grade Security.

IoT 143

IoT Cybersecurity Manufacturing Government 143

Security Affairs

AUGUST 13, 2019

Security expert discovered multiple flaws in 4G routers manufactured by several companies, some of them could allow attackers to take over the devices. G Richter, a security researcher at Pen Test Partners discovered multiple vulnerabilities 4G routers manufactured by different vendors. high severity CVSS v3.

Risk 104

Risk Manufacturing Passwords Authentication 104

IT Governance

DECEMBER 27, 2019

A royal baby, a fire at Notre-Dame, the highest grossing film of all time and more than 12 billion breached data records: 2019 has been quite a year. IT Governance is closing out the year by rounding up 2019’s biggest information security stories. Part one covers January to June, and will be followed by part in the coming days.

Data breaches 69

Data breaches GDPR Passwords Personal data 69

Security Affairs

AUGUST 20, 2021

Microsoft researchers reported that the Mozi botnet was improved by implementing news capabilities to target network gateways manufactured by Netgear, Huawei, and ZTE. Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019. Pierluigi Paganini.

IoT 103

IoT Manufacturing Passwords Ransomware 103

Security Affairs

NOVEMBER 16, 2022

DTrack is a modular backdoor used by the Lazarus group since 2019 , it was employed in attacks against a wide variety of targets, from financial environments to a nuclear power plan. Despite this, Lazarus has not changed the backdoor much since 2019, when it was initially discovered.” ” concludes the report.

Manufacturing 130

Manufacturing Education Encryption IT 130

Security Affairs

DECEMBER 27, 2021

“It is important to note that there is a free decryptor for files locked with an older version (before July 17th, 2019) of eCh0raix ransomware. In 2019, Anomali researchers reported a wave of eCh0raix attacks against Synology NAS devices, threat actors conducted brute-force attacks against them. TXTT” extension. and 1.0.6).”

Ransomware 131

Ransomware Encryption Manufacturing Passwords 131

Security Affairs

FEBRUARY 14, 2019

SAP released a collection of security fixes for February 2019 that address 13 vulnerabilities in its products, including a Hot News flaw in SAP HANA XSA. SAP Security Patch Day for February 2019 includes 13 Security Notes and 3 updates to previously released security notes.

Security 79

Security Manufacturing Authentication Access 79

Security Affairs

FEBRUARY 19, 2024

pic.twitter.com/SvpbeslrCd — vx-underground (@vxunderground) February 19, 2024 LockBit is a prominent ransomware operation that first emerged in September 2019. Lockbit ransomware group administrative staff has confirmed with us their websites have been seized.

Energy and Utilities 117

Energy and Utilities Ransomware Agriculture Financial Services 117

Security Affairs

DECEMBER 13, 2021

The TinyNuke malware is back and now was used in attacks aimed at French users working in manufacturing, technology, construction, and business services. The attackers used invoice-themed lures targeting entities in manufacturing, industry, technology, finance, and other verticals. . Follow me on Twitter: @securityaffairs and Facebook.

Manufacturing 108

Manufacturing Business Services Communications IT 108

Security Affairs

JUNE 6, 2020

A critical vulnerability in traffic light controllers manufactured by SWARCO could have been exploited by attackers to disrupt traffic lights. SWARCO is the world’s largest manufacturer of signal heads and the number two internationally for reflective glass beads. ” reads the security advisory published by the U.S.

Manufacturing 130

Manufacturing Cybersecurity Access Security 130

Security Affairs

NOVEMBER 20, 2020

The breach was detected almost eight months ago, on June 28, 2019, with the delay being attributed to the increased complexity of the investigation caused by the attackers deleting activity logs. The intrusion took place on June 28, 2019, and the company launched an investigation in September 2019. Pierluigi Paganini.

Manufacturing 124

Manufacturing Cloud Cybersecurity Security 124

Security Affairs

MAY 4, 2022

A sophisticated cyberespionage campaign, dubbed Operation CuckooBees, conducted by the China-linked Winnti group remained undetected since at least 2019. The attackers targeted intellectual property developed by the victims, including sensitive documents, blueprints, diagrams, formulas, and manufacturing-related proprietary data.”

Manufacturing 113

Manufacturing Archiving Cybersecurity Access 113