2022, Education and Manufacturing - Information Management Today

FritzFrog P2P Botnet is back and targets Healthcare, Education and Government Sectors

Security Affairs

FEBRUARY 11, 2022

FritzFrog P2P botnet is back and is targeting servers belonging to entities in the healthcare, education, and government sectors. The bot is written in Golang and implements wormable capabilities, experts reported attacks against entities in the government, education, and finance sectors. ” reads the report published by Akamai.

Education

Education Government Libraries Mining

2022 Cyber Security Review of the Year

IT Governance

DECEMBER 20, 2022

2022 will go down as the year where some semblance of normality returned. In total, we have so far reported more than 1,000 data breaches in 2022, with almost half a billion breached records. Google , Clearview AI , and Meta all receives hefty penalties in 2022, demonstrating the continued important of effective information security.

Security

Security Data breaches Ransomware Military

MY TAKE: New tech standards, like ‘Matter’ and ‘BIMI,’ point the way to secure interoperability

The Last Watchdog

NOVEMBER 12, 2023

This is precisely what the consortium of software companies and device manufacturers, led Google, Amazon and Apple, set out to achieve when Matter was conceived four years ago. Following a successful debut in November 2022, Matter is picking up steam, Nelson told me. Consumer awareness is growing and evolving.

Security

Security Manufacturing Authentication Marketing

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

List of data breaches and cyber attacks in February 2022 – 5.1 million records breached

IT Governance

MARCH 1, 2022

In the midst of all this, organisations across Europe have reported delays as a result of alleged state-sponsored attacks – including Toyota’s Japanese plants and a kettle manufacturer in the Isle of Man. Meanwhile, you can find the full list of cyber attacks and data breaches for February 2022 below. Cyber attacks. Ransomware.

Data breaches

Data breaches Ransomware Government Blockchain

FBI chief says China is preparing to attack US critical infrastructure

Security Affairs

APRIL 19, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

Operation Cronos: law enforcement disrupted the LockBit operation

Security Affairs

FEBRUARY 19, 2024

In 2022, LockBit was one of the most active ransomware groups, and its prevalence continued into 2023. Lockbit ransomware group administrative staff has confirmed with us their websites have been seized. According to a joint report published by US authorities and international peers, the total of U.S. on January 5, 2020.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Financial Services

Nexx bugs allow to open garage doors, and take control of alarms and plugs

Security Affairs

APRIL 5, 2023

A series of vulnerabilities in multiple smart devices manufactured by Nexx can be exploited to remotely open garage doors, and take control of alarms and plugs. Below is a video demo published by the researcher that shows how to exploit the flaw CVE-2023–1748 to obtain users’ info.

Manufacturing

Manufacturing Cybersecurity Education Authentication

China-linked APT Volt Typhoon linked to KV-Botnet

Security Affairs

DECEMBER 13, 2023

The botnet is comprised of two complementary activity clusters, the experts believe it has been active since at least February 2022. In early July and August of 2022, the researchers noticed several Cisco RV320s , DrayTek Vigor routers , and NETGEAR ProSAFEs that were part of the botnet.

Communications

Communications Manufacturing Education Government

Is Gelsemium APT behind a targeted attack in Southeast Asian Government?

Security Affairs

SEPTEMBER 25, 2023

A stealthy APT group tracked as Gelsemium was observed targeting a Southeast Asian government between 2022 and 2023. The experts tracked the cluster as CL-STA-0046, the malicious activity spanned over six months between 2022-2023. Palo Alto Unit42 researchers an APT group tracked as Gelsemium targeting a Southeast Asian government.

Government

Government Manufacturing Education Access

Cybersecurity agencies published a joint LockBit ransomware advisory

Security Affairs

JUNE 15, 2023

Help us #StopRansomware by visiting [link] pic.twitter.com/G5jpxtB0Fw — Cybersecurity and Infrastructure Security Agency (@CISAgov) June 14, 2023 The LockBit ransomware operation was the most active in 2022 and according to the researchers it is one of the most prolific RaaS in 2023. law enforcement).

Ransomware

Ransomware Cybersecurity Agriculture Education

GUEST ESSAY: Too many SMBs continue to pay ransomware crooks — exacerbating the problem

The Last Watchdog

FEBRUARY 20, 2023

One report showed ransomware attacks increased by 80 percent in 2022, with manufacturing being one of the most targeted industries. The Glenn County Office of Education in California suffered an attack limiting access to its own network. It’s best to stay away from paying out any funds in cryptocurrency or otherwise.

Ransomware

Ransomware Cleanup Education Manufacturing

Money Message ransomware group claims to have hacked IT giant MSI

Security Affairs

APRIL 6, 2023

Micro-Star International AKA MSI designs, manufactures, and sells motherboards and graphics cards for customers in the United States, Canada, and internationally. Ransomware gang Money Message announced to have hacked the Taiwanese multinational IT corporation MSI (Micro-Star International). MSI is headquartered in Taipei, Taiwan.

Ransomware

Ransomware IT Manufacturing Education

Microsoft seized 41 domains used by Iran-linked Bohrium APT

Security Affairs

JUNE 6, 2022

The IT giant has seized the domains used by the threat actors employed in its attacks aimed at organizations in tech, transportation, government, and education sectors located in the U.S., The court filings can be found here: [link] — Amy Hogan-Burney (@CyberAmyHB) June 2, 2022. Middle East, and India.

Phishing

Phishing Manufacturing Education Cybersecurity

A Russian national charged for committing LockBit Ransomware attacks

Security Affairs

JUNE 16, 2023

In November 2022, the U.S. On or about May 27, 2022, the man and his Hive coconspirators allegedly hit a nonprofit behavioral healthcare organization in New Jersey. The LockBit ransomware operation was the most active in 2022 and according to the researchers it is one of the most prolific RaaS in 2023. law enforcement).

Ransomware

Ransomware Agriculture Education Government

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

“As early as 2022, APT28 actors had utilized compromised EdgeRouters to facilitate covert cyber operations against governments, militaries, and organizations around the world.” Since September 2022, Moobot botnet was spotted targeting vulnerable D-Link routers. ” reads the joint report.

Energy and Utilities

Energy and Utilities Military Government Phishing

News alert: Beazley reports on how AI, new tech distract businesses as cyber risk intensifies

The Last Watchdog

JULY 13, 2023

Companies with an annual revenue of US$250,000 to US$999,999 report feeling less prepared to deal with cyber risks in 2023 (76%) than they did in 2022 (70%). Beazley manages seven Lloyd’s syndicates and, in 2022, underwrote gross premiums worldwide of $5,268.7m. About Beazley. Beazley plc (BEZ.L) Beazley plc (BEZ.L)

Risk

Risk Insurance Energy and Utilities Marketing

Researchers Quietly Cracked Zeppelin Ransomware Keys

Krebs on Security

NOVEMBER 17, 2022

Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “ Zeppelin ” in May 2020. He’d been on the job less than six months, and because of the way his predecessor architected things, the company’s data backups also were encrypted by Zeppelin.

Ransomware

Ransomware Encryption Manufacturing Phishing

Volvo retailer leaks sensitive files

Security Affairs

APRIL 15, 2023

The Brazilian retail arm of car manufacturing giant Volvo leaked sensitive files, putting its clientele in the vast South American country in peril. Other research by Cybernews has revealed that BMW , a German luxury vehicle manufacturer producing around 2.5 The issue causing the leak has been fixed.

Retail

Retail Manufacturing Communications Passwords

Estonian National charged with helping Russia acquire U.S. hacking tools and electronics

Security Affairs

APRIL 9, 2023

manufacturers on behalf of Russian end-users, including defense contractors and other Russian government agencies. electronics manufacturers and distributors between approximately October 2012 and January 2022. Most of these items would have been unavailable to Russian end-users if ordered directly for shipment to Russia.”

Computer and Electronics

Computer and Electronics Military Manufacturing Government

Catches of the Month: Phishing Scams for October 2023

IT Governance

OCTOBER 13, 2023

EvilProxy phishing campaign targets Microsoft 365 accounts via indeed.com A phishing campaign identified by Menlo Security has been targeting senior executives in various industries – most notably banking and financial services, property management and real estate, and manufacturing – since July.

Phishing

Phishing Financial Services Manufacturing Personal data

New Linux Ransomware BlackSuit is similar to Royal ransomware

Security Affairs

JUNE 3, 2023

Royal ransomware is one of the most notable ransomware families of 2022, it made the headlines in early May 2023 with the attack against the IT systems in Dallas, Texas. The human-operated Royal ransomware first appeared on the threat landscape in September 2022, it has demanded ransoms up to millions of dollars.

Ransomware

Ransomware Encryption File names Cybersecurity

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Krebs on Security

DECEMBER 13, 2022

10, 2022, the relatively new cybercrime forum Breached featured a bombshell new sales thread: The user database for InfraGard, including names and contact information for tens of thousands of InfraGard members.

Sales

Sales Energy and Utilities Communications Data breaches

Siemens Metaverse exposes sensitive corporate data

Security Affairs

APRIL 15, 2023

In 2022, it partnered with NVidia, an American multinational technology company, to build the industrial metaverse. Having access, they could exfiltrate a treasure trove of sensitive data, given that Siemens manufactures and maintains a lot of technologies and machines used by critical infrastructure.”

IoT

IoT Manufacturing Authentication Ransomware

City of Dallas shut down IT services after ransomware attack

Security Affairs

MAY 4, 2023

The human-operated Royal ransomware first appeared on the threat landscape in September 2022, it has demanded ransoms up to millions of dollars. MILES/CBS NEWS TEXAS The Royal ransomware group is behind the attack and threatens to publish stolen data if the City will not meet its ransom demand. reads the alert.

Ransomware

Ransomware IT Encryption Education

Updated Kmsdx botnet targets IoT devices

Security Affairs

AUGUST 28, 2023

KmsdBot is an evasive Golang-based malware that was first detected by Akamai in November 2022, it infects systems via an SSH connection that uses weak login credentials. The malicious code was used in attacks targeting multiple sectors including the gaming industry, technology industry, and luxury car manufacturers.

IoT

IoT Mining Manufacturing Education

MSI confirms security breach after Money Message ransomware attack

Security Affairs

APRIL 7, 2023

Micro-Star International AKA MSI designs, manufactures, and sells motherboards and graphics cards for customers in the United States, Canada, and internationally. This week the ransomware gang Money Message announced to have hacked the Taiwanese multinational IT corporation MSI (Micro-Star International).

Ransomware

Ransomware Security Manufacturing Cybersecurity

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

Security Affairs

FEBRUARY 21, 2024

In 2022, LockBit was one of the most active ransomware groups, and its prevalence continued into 2023. Today, additional criminal charges against Kondratyev were unsealed in the Northern District of California related to his deployment in 2020 of ransomware against a victim located in California.” reads the press release published by DoJ.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Manufacturing

The U.S. CISA and FBI warn of Royal ransomware operation

Security Affairs

MARCH 3, 2023

The human-operated Royal ransomware first appeared on the threat landscape in September 2022, it has demanded ransoms up to millions of dollars. In December 2022, the US Department of Health and Human Services (HHS) warned healthcare organizations of Royal ransomware attacks. ” reads the alert. ” continues the alert.

Ransomware

Ransomware Encryption Cybersecurity Communications

The IoT Cybersecurity Act of 2020: Implications for Devices

eSecurity Planet

JANUARY 22, 2021

For any IoT device vendors currently contracted by the government, this is what we know so far from the National Institute of Standards and Technology (NIST): Required reading for IoT manufacturers: foundational guidelines about IoT vulnerabilities ( 8259 ) and a core baseline of necessary cybersecurity components ( 8259A ). Data protection.

IoT

IoT Cybersecurity Manufacturing Government

Hyundai suffered a data breach that impacted customers in France and Italy

Security Affairs

APRIL 12, 2023

In December 2019, German media reported that hackers suspected to be members of the Vietnam-linked APT Ocean Lotus ( APT32 ) group breached the networks of the car manufacturers BMW and Hyundai. The intrusion aimed at stealing automotive trade secrets.

Data breaches

Data breaches Manufacturing Cybersecurity Education

UK Suffers Third Highest Rate of Ransomware Attacks in the World

IT Governance

SEPTEMBER 30, 2022

According to its analysis , 260 organisations in the UK fell victim to ransomware between January 2020 and June 2022, a figure that’s only exceeded by Canada (276) and – in a distant lead – the US (2,379). Across the UK, the education sector was the most frequently targeted, with 24 incidents. What else should organisations do?

Ransomware

Ransomware Manufacturing Data breaches Risk

More details about Operation Cronos that disrupted Lockbit operation

Security Affairs

FEBRUARY 20, 2024

In 2022, LockBit was one of the most active ransomware groups, and its prevalence continued into 2023. Today, additional criminal charges against Kondratyev were unsealed in the Northern District of California related to his deployment in 2020 of ransomware against a victim located in California.” on January 5, 2020.

Energy and Utilities

Energy and Utilities Ransomware Manufacturing Agriculture

3CX Supply chain attack allowed targeting cryptocurrency companies

Security Affairs

APRIL 4, 2023

SentinelOne is tracking the malicious activity as SmoothOperator, the company speculates that the threat actor behind the attack has set up its infrastructure starting as early as February 2022. The company started distributing digitally signed Trojanized installers to its customers. ” concludes Kaspersky.

Manufacturing

Manufacturing Cybersecurity Education Security

China-linked APT Volt Typhoon targets critical infrastructure organizations

Security Affairs

MAY 25, 2023

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

Communications

Communications Manufacturing Access Archiving

Multinational ICICI Bank leaks passports and credit card numbers

Security Affairs

APRIL 20, 2023

In 2022, the ICICI Bank’s resources were named a “critical information infrastructure” by the Indian government – any harm to it can impact national security. Last year, with a total share of 18% of all cyberattacks, it was the second most targeted industry, following manufacturing.

Personal data

Personal data Phishing Risk Financial Services

Hackers can hack organizations using data found on their discarded enterprise network equipment

Security Affairs

APRIL 24, 2023

This allowed ESET researchers to identify devices previously used in a data center/ cloud computing business (specifically, a router provisioning a university’s virtualized assets), a nationwide US law firm, manufacturing and tech companies, a creative firm, and a major Silicon Valleybased software developer, among others.”

Authentication

Authentication Marketing Cloud Manufacturing

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Security Affairs

SEPTEMBER 23, 2023

The human-operated Royal ransomware first appeared on the threat landscape in September 2022, it has demanded ransoms up to millions of dollars. The Dallas City Council has approved a budget of $8.5 million to mitigate the ransomware attack. million to mitigate the May Royal ransomware attack appeared first on Security Affairs.

Ransomware

Ransomware Encryption Systems administration Cybersecurity

Weekly Vulnerability Recap – November 6, 2023 – Windows Drivers and Exchange Flaws

eSecurity Planet

NOVEMBER 6, 2023

CVE-2022-4886 (Path Sanitization Bypass): This 8.8-level Security Awareness and Training: Educating and training users, particularly those in businesses, on the hazards associated with vulnerable drivers, as well as the significance of upgrading their systems, can help to avoid unintended exploitation.

Ransomware

Ransomware Authentication Cybersecurity Education

A component in Huawei network appliances could be used to take down Germany’s telecoms networks

Security Affairs

APRIL 26, 2023

” The German interior ministry is making a census of components manufactured by Chinese suppliers that are used by national network operators. . “We have not been informed about a risk related to an energy management component by any authority,” Patrick Berger, Huawei’s head of media affairs told POLITICO.

Government

Government Communications Risk Cybersecurity

The U.S. Innovation and Competition Act: Senate Passes Sweeping $250 Billion Bill to Bolster Scientific Innovation and Compete With China

Data Matters

JUNE 16, 2021

Seventy-five percent of the world’s chips today come from Asia, while the share of semiconductors manufactured in the United States has fallen from 37% in 1990 to 12% today. a provision for Committee on Foreign Investment in the United States (CFIUS) review of certain foreign gifts to or contracts with higher education institutions.

Artificial Intelligence

Artificial Intelligence Military Manufacturing Education

4 Reasons the Rocket Team Is Grateful This Year

Rocket Software

NOVEMBER 24, 2021

We are proud to support almost all of the Fortune 50 companies with our products and services, companies that play critical roles in industries from education to manufacturing. Happy holidays from everyone at Rocket, and we look forward to seeing what 2022 brings.

Digital transformation

Digital transformation Manufacturing Education Access

South African print market growth lagging behind African recovery

Info Source

MARCH 31, 2023

Having just seen out the last of the COVID-19 pandemic slowdown with early signs of a healthy recovery in 2021 and 2022, the industry – like many others in the country – is being hamstrung by the power supply crisis in 2023, and for the foreseeable future. Power is not the only limiting factor in South Africa.

Marketing

Marketing Sales Agriculture Mining

Data security: Why a proactive stance is best

IBM Big Data Hub

JULY 7, 2023

IBM Security X-Force found the most common threat on organizations is extortion, which comprised more than a quarter (27%) of all cybersecurity threats in 2022. Thirty percent of those incidents occurred in manufacturing organizations. Educate employees about digital safety, including two-factor or multi-factor authentication.

Security

Security Data breaches Data Privacy Compliance

Regulation of AI-Based Applications: The Inevitable New Frontier

AIIM

NOVEMBER 12, 2019

billion in 2019 and is expected to double by 2022 to $ 79.2 billion representing an annual growth rate of 38% for the period 2018-2022. No doubt, applications of AI may address some of the most vexing social challenges such as health, the environment, economic empowerment, education, and infrastructure.

Artificial Intelligence

Artificial Intelligence Computer and Electronics Communications Manufacturing

FritzFrog P2P Botnet is back and targets Healthcare, Education and Government Sectors

2022 Cyber Security Review of the Year

Webinars

Trending Sources

MY TAKE: New tech standards, like ‘Matter’ and ‘BIMI,’ point the way to secure interoperability

Webinars

List of data breaches and cyber attacks in February 2022 – 5.1 million records breached

FBI chief says China is preparing to attack US critical infrastructure

Operation Cronos: law enforcement disrupted the LockBit operation

Nexx bugs allow to open garage doors, and take control of alarms and plugs

China-linked APT Volt Typhoon linked to KV-Botnet

Is Gelsemium APT behind a targeted attack in Southeast Asian Government?

Cybersecurity agencies published a joint LockBit ransomware advisory

GUEST ESSAY: Too many SMBs continue to pay ransomware crooks — exacerbating the problem

Money Message ransomware group claims to have hacked IT giant MSI

Microsoft seized 41 domains used by Iran-linked Bohrium APT

A Russian national charged for committing LockBit Ransomware attacks

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

News alert: Beazley reports on how AI, new tech distract businesses as cyber risk intensifies

Researchers Quietly Cracked Zeppelin Ransomware Keys

Volvo retailer leaks sensitive files

Estonian National charged with helping Russia acquire U.S. hacking tools and electronics

Catches of the Month: Phishing Scams for October 2023

New Linux Ransomware BlackSuit is similar to Royal ransomware

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Siemens Metaverse exposes sensitive corporate data

City of Dallas shut down IT services after ransomware attack

Updated Kmsdx botnet targets IoT devices

MSI confirms security breach after Money Message ransomware attack

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

The U.S. CISA and FBI warn of Royal ransomware operation

The IoT Cybersecurity Act of 2020: Implications for Devices

Hyundai suffered a data breach that impacted customers in France and Italy

UK Suffers Third Highest Rate of Ransomware Attacks in the World

More details about Operation Cronos that disrupted Lockbit operation

3CX Supply chain attack allowed targeting cryptocurrency companies

China-linked APT Volt Typhoon targets critical infrastructure organizations

Multinational ICICI Bank leaks passports and credit card numbers

Hackers can hack organizations using data found on their discarded enterprise network equipment

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Weekly Vulnerability Recap – November 6, 2023 – Windows Drivers and Exchange Flaws

A component in Huawei network appliances could be used to take down Germany’s telecoms networks

The U.S. Innovation and Competition Act: Senate Passes Sweeping $250 Billion Bill to Bolster Scientific Innovation and Compete With China

4 Reasons the Rocket Team Is Grateful This Year

South African print market growth lagging behind African recovery

Data security: Why a proactive stance is best

Regulation of AI-Based Applications: The Inevitable New Frontier

Stay Connected