Security Affairs

OCTOBER 26, 2021

“Unknown cyber criminals using Ranzy Locker ransomware had compromised more than 30 US businesses as of July 2021. The victims include the construction subsector of the critical manufacturing sector, the academia subsector of the government facilities sector, the information technology sector, and the transportation sector.”

Ransomware 135

Ransomware Manufacturing Access Phishing 135

Security Affairs

MAY 20, 2023

Luxottica has finally confirmed the 2021 data breach that exposed the personal information of 70 million customers. pic.twitter.com/62uQWT4YQB — Andrea Draghetti (@AndreaDraghetti) May 12, 2023 The most recent entry in the database is March 16th, 2021, a circumstance that suggests it is a new data breach suffered by Luxottica.

Data breaches 97

Data breaches Retail Sales Ransomware 97

Security Affairs

AUGUST 20, 2021

During the first half of 2021, 637 vulnerabilities affecting industrial control system (ICS) products were published, affecting products from 76 vendors. The company reported that during the first half of 2021, 637 vulnerabilities affecting industrial control system (ICS) products were published, affecting products from 76 vendors.

Ransomware 105

Ransomware Manufacturing Cybersecurity Risk 105

Security Affairs

JANUARY 12, 2022

The new RedLine variant searches for the following strings to locate relevant folders for data exfiltration: wallet.dat (information related to cryptocurrency) wallet (information related to cryptocurrency) Login Data Web Data Cookies Opera GX Stable Opera GX. . 2021-11-26 04:34:54 2021-11-26 10:05:15 149.154.167.91

Manufacturing 142

Manufacturing File names Archiving Encryption 142

Security Affairs

MARCH 15, 2022

German Federal Office for Information Security agency, also known as BSI, recommends consumers not to use Kaspersky anti-virus software. The German Federal Office for Information Security agency, aka BSI, recommends consumers uninstall Kaspersky anti-virus software. ” reads the BSI announcement. Pierluigi Paganini.

Manufacturing 107

Manufacturing Information Security Military Authentication 107

Security Affairs

APRIL 19, 2022

“CVE-2021-3970: A potential vulnerability in LenovoVariable SMI Handler due to insufficient validation in some Lenovo Notebook models may allow an attacker with local access and elevated privileges to execute arbitrary code. Both drivers are used only during the manufacturing process. ” reads the advisory published by ESET.

Manufacturing 95

Manufacturing Cybersecurity Security IT 95

Hunton Privacy

SEPTEMBER 26, 2022

The 2022 Best Practices reflect the agency’s final, non-binding vehicle cybersecurity guidance following its release of draft guidance in January 2021. The 2022 Best Practices also is an update to NHTSA’s first cybersecurity best practices document, which was issued in 2016. .

Cybersecurity 55

Cybersecurity Manufacturing Risk Information Security 55

Security Affairs

DECEMBER 14, 2023

The authorities reported that from June 2021 through at least November 2022, threat actors targeted a wide range of businesses and critical infrastructure sectors, including Government Facilities, Communications, Critical Manufacturing, Information Technology, and especially Healthcare and Public Health (HPH).

Ransomware 123

Ransomware Blockchain Manufacturing Analytics 123

Security Affairs

AUGUST 9, 2021

The Australian Cyber Security Centre (ACSC) warns of a surge of LockBit 2.0 ransomware attacks against Australian organizations starting July 2021. The Australian Cyber Security Centre (ACSC) warns of an escalation in LockBit 2.0 ransomware attacks against Australian organizations in multiple industry sectors starting July 2021.

Ransomware 111

Ransomware Retail Security Manufacturing 111

Security Affairs

NOVEMBER 9, 2022

Google Project Zero disclosed three Samsung phone vulnerabilities, tracked as CVE-2021-25337, CVE-2021-25369 and CVE-2021-25370, that have been exploited by a surveillance company. Google reported the vulnerabilities to Samsung immediately after their discovery in late 2020s, and the vendor addressed them in March 2021.

Manufacturing 114

Manufacturing Access IT Security 114

Security Affairs

NOVEMBER 2, 2023

In mid-2021, Qihoo 360 researchers reported that the botnet was composed of more 1.5 In July 2021, Netlab experts helped law enforcement to identify and arrest the alleged author of the Mozi bot. The mozi author has been arrested few weeks ago by LE with information provided by our team. One botnet down more to go.

IoT 106

IoT Manufacturing IT Security 106

Security Affairs

DECEMBER 12, 2023

The experts observed the use of NineRAT at around September 2023 against a European manufacturing entity. Operation Blacksmith involved the exploitation of CVE-2021-44228 , also known as Log4Shell. In March, the threat actors hit a South American agricultural organization. ” reads the analysis published by Talos.

Agriculture 111

Agriculture Data collection Access Manufacturing 111

Security Affairs

JUNE 27, 2022

.” The Chinese researchers who discovered the vulnerabilities pointed out that CODESYS V2 Runtime is used by many manufacturers, and most of these manufacturers still use outdated versions. The vulnerabilities affect a large number of manufacturers using a version of CODESYS V2 Runtime older than V2.4.7.57.

Manufacturing 95

Manufacturing Risk Security Authentication 95

Security Affairs

OCTOBER 1, 2023

The Alphv ransomware group has been very active in this period, recently it claimed to have hacked Clarion , the global manufacturer of audio and video equipment for cars and other vehicles, and the hotel chain Motel One. .” reads the message published by the ALPHV gang on its leak site.

Ransomware 119

Ransomware Manufacturing Privacy Security 119

Security Affairs

DECEMBER 21, 2022

CyberNews researchers reported that Ecco, a global shoe manufacturer and retailer, exposed millions of documents. Ecco, a global shoe manufacturer and retailer, exposed millions of documents. The team has identified that Ecco left 50 indices exposed to the public, with over 60GB of data accessible since June 2021.

Retail 100

Retail Manufacturing Sales Phishing 100

Security Affairs

JANUARY 8, 2024

BlackCat/ALPHV ransomware gang has been active since November 2021, the list of its victims is long and includes industrial explosives manufacturer SOLAR INDUSTRIES INDIA , the US defense contractor NJVC , gas pipeline Creos Luxembourg S.A. , the fashion giant Moncler , the Swissport , NCR , and Western Digital.

Communications 121

Communications Ransomware Data breaches Manufacturing 121

Security Affairs

OCTOBER 1, 2022

The APT group has been continuously improving its toolset by employing new malware in attacks aimed at governments, diplomatic missions, charities, and industrial/manufacturing organizations in the Middle East and Africa.

Manufacturing 121

Manufacturing Government Cybersecurity IT 121

Security Affairs

AUGUST 23, 2021

Razer is a popular manufacturer of computer accessories, including gaming mouses and keyboards. So here's a freebie pic.twitter.com/xDkl87RCmz — jonhat (@j0nh4t) August 21, 2021. So here's a freebie pic.twitter.com/xDkl87RCmz — jonhat (@j0nh4t) August 21, 2021. Pierluigi Paganini.

Computer and Electronics 134

Computer and Electronics Manufacturing Financial Services Access 134

Security Affairs

AUGUST 25, 2023

Microsoft has not observed The group has been active since mid-2021, it focuses on government agencies and education, critical manufacturing, and information technology organizations in Taiwan. The group is suspected to have been active since mid-2021.

Manufacturing 92

Manufacturing Education Access Government 92

Security Affairs

AUGUST 2, 2021

The flaw affects the Translogic PTS system manufactured by Swisslog Healthcare, which is installed in about 80% of all major hospitals in North America and thousands of hospitals worldwide. The CVE-2021-37160 has yet to be addressed. Swisslog has released Nexus Control Panel version 7.2.5.7

Ransomware 107

Ransomware Manufacturing Cybersecurity Passwords 107

Security Affairs

JANUARY 26, 2023

The authorities reported that from June 2021 through at least November 2022, threat actors targeted a wide range of businesses and critical infrastructure sectors, including Government Facilities, Communications, Critical Manufacturing, Information Technology, and especially Healthcare and Public Health (HPH).

Ransomware 97

Ransomware Blockchain Manufacturing Analytics 97

Security Affairs

FEBRUARY 27, 2021

A critical authentication bypass vulnerability, tracked as CVE-2021-22681 , can be exploited by remote attackers to compromise programmable logic controllers (PLCs) manufactured by Rockwell Automation. ” reads the advisory published by CISA. ” reads the advisory published by CISA.

Authentication 123

Authentication Communications Manufacturing Risk 123

Security Affairs

AUGUST 21, 2021

The three vulnerabilities used in ProxyShell attacks are: CVE-2021-34473 – Pre-auth Path Confusion leads to ACL Bypass (Patched in April by KB5001779 ) CVE-2021-34523 – Elevation of Privilege on Exchange PowerShell Backend (Patched in April by KB5001779 ) CVE-2021-31207 – Post-auth Arbitrary-File-Write leads to RCE (Patched in May by KB5003435 ).

Ransomware 136

Ransomware Encryption Financial Services Manufacturing 136

Security Affairs

FEBRUARY 8, 2024

The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure. In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors.

Energy and Utilities 119

Energy and Utilities Communications Military Manufacturing 119

Security Affairs

DECEMBER 14, 2022

After looking at 28 of the most popular manufacturers, our research team found 3.5 million IP cameras exposed to the internet, signifying an eightfold increase since April 2021. What is more, the overwhelming majority of internet-facing cameras are manufactured by Chinese companies. The reign of a Chinese brand.

Passwords 138

Passwords Manufacturing Authentication Government 138

Security Affairs

FEBRUARY 28, 2024

“These operations have targeted various industries, including Aerospace & Defense, Education, Energy & Utilities, Governments, Hospitality, Manufacturing, Oil & Gas, Retail, Technology, and Transportation. .” reads the joint report. Since September 2022, Moobot botnet was spotted targeting vulnerable D-Link routers.

Energy and Utilities 108

Energy and Utilities Military Government Phishing 108

Security Affairs

DECEMBER 15, 2023

Kraft Heinz is an American food company, it is one of the largest food and beverage manufacturers globally. ” The Snatch ransomware was first spotted at the end of 2019, Sophos researchers discovered a piece of the Snatch ransomware that reboots computers it infects into Safe Mode to bypass resident security solutions.

Ransomware 120

Ransomware Computer and Electronics Agriculture Military 120

Security Affairs

SEPTEMBER 30, 2023

the fashion giant Moncler , the Swissport , NCR , and Western Digital.

Ransomware 124

Ransomware Manufacturing Risk IT 124

Security Affairs

AUGUST 31, 2021

Rapid7 researchers discovered two flaws that can be exploited by attackers to remotely disable one of the home security systems offered by Fortress Security Store. The Fortress S03 Wi-Fi Home Security System allows users to build their own alarm system to secure their homes and small businesses.

Security 99

Security Cloud Manufacturing Cybersecurity 99

Security Affairs

MARCH 12, 2021

On March 2nd, Microsoft released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported MS Exchange versions that are actively exploited in the wild. 2/5 — ESET research (@ESETresearch) March 2, 2021.

Authentication 132

Authentication Military Ransomware Manufacturing 132

Security Affairs

NOVEMBER 4, 2021

US CISA is urging vendors to address BrakTooth flaws after security researchers have released public exploit code and a proof of concept tool to test Bluetooth devices against potential Bluetooth exploits. BrakTooth—originally disclosed in August 2021—is a family of security vulnerabilities in commercial Bluetooth stacks.

Manufacturing 106

Manufacturing Security IT Information Security 106

Security Affairs

JANUARY 28, 2021

Telus and V-Server SCADA/HMI allow organizations to remotely monitor and control equipment in a factory, they are widely adopted in the critical manufacturing sector. The vulnerabilities affect the Tellus Lite V-Simulator (Versions prior to v4.0.10.0) and Server Lite (Versions prior to v4.0.10.0).

Manufacturing 99

Manufacturing Cybersecurity Security Access 99

Security Affairs

JANUARY 28, 2022

Taiwanese electronics manufacturing company Delta Electronics was hit by the Conti ransomware that took place this week. According to CTWANT , which cited an undisclosed information security company, Delta Electronics was hit by Conti ransomware that asked Delta to pay a $15 million ransom to restore encrypted files and avoid their leak.

Ransomware 99

Ransomware Computer and Electronics Manufacturing Encryption 99

Security Affairs

JULY 3, 2022

The malware was first spotted in September 2021, the experts observed Raspberry Robin targeting organizations in the technology and manufacturing industries. Now Microsoft confirmed that the threat was discovered on the networks of multiple customers, including organizations in the technology and manufacturing sectors.

Manufacturing 99

Manufacturing Libraries Communications Cybersecurity 99

Security Affairs

AUGUST 24, 2021

Just yesterday, only two days after the publication, our home security solution, Secure Home , detected attempts to exploit these vulnerabilities to spread a variant of a Mirai malware.” As of August 18th, we have identified attempts to exploit CVE-2021-35395 in the wild.” ” reported IoT Inspector.

IoT 121

IoT Manufacturing Authentication Security 121

eSecurity Planet

JANUARY 21, 2021

The Riskonnect GRC platform has specific use cases for risk management, information security, compliance, and audit professionals in healthcare, retail, insurance, financial services, and manufacturing. It also ensures that the information you’re reviewing is thorough, consolidated, and free of human error. Riskonnect.

Compliance 67

Compliance Risk Government Retail 67

Hunton Privacy

AUGUST 31, 2021

On August 16, 2021, the U.S. In September 2018, the software manufacturer put Pearson on notice of the vulnerability, but the SEC’s order alleges that Pearson did not patch the vulnerability until after it learned of the attack in March 2019 even though a patch was available in September 2018.

Data breaches 111

Data breaches Manufacturing Passwords Data Privacy 111