2022, Education, Manufacturing and Security - Information Management Today

MY TAKE: New tech standards, like ‘Matter’ and ‘BIMI,’ point the way to secure interoperability

The Last Watchdog

NOVEMBER 12, 2023

However, there’s still a long way to go to achieve deep interoperability of interconnected services in a way that preserves privacy and is very secure. This is precisely what the consortium of software companies and device manufacturers, led Google, Amazon and Apple, set out to achieve when Matter was conceived four years ago.

Security

Security Manufacturing Authentication Marketing

2022 Cyber Security Review of the Year

IT Governance

DECEMBER 20, 2022

2022 will go down as the year where some semblance of normality returned. Although there have still been a few surprises, with the death of Queen Elizabeth II and blazing heatwaves across the UK to name but two, it was a familiar year in the cyber security landscape. These were truly precedented times.

Security

Security Data breaches Ransomware Military

FritzFrog P2P Botnet is back and targets Healthcare, Education and Government Sectors

Security Affairs

FEBRUARY 11, 2022

FritzFrog P2P botnet is back and is targeting servers belonging to entities in the healthcare, education, and government sectors. The bot is written in Golang and implements wormable capabilities, experts reported attacks against entities in the government, education, and finance sectors. ” reads the report published by Akamai.

Education

Education Government Libraries Mining

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

MSI confirms security breach after Money Message ransomware attack

Security Affairs

APRIL 7, 2023

Multinational IT corporation MSI (Micro-Star International) confirms security breach after Money Message ransomware gang claimed the hack. Micro-Star International AKA MSI designs, manufactures, and sells motherboards and graphics cards for customers in the United States, Canada, and internationally.

Ransomware

Ransomware Security Manufacturing Cybersecurity

List of data breaches and cyber attacks in February 2022 – 5.1 million records breached

IT Governance

MARCH 1, 2022

The cyber security industry, much like the rest of the world, is on edge. In the final days of February, there were a flurry of security incidents related, either directly or indirectly, to the Ukraine conflict. Meanwhile, you can find the full list of cyber attacks and data breaches for February 2022 below. Cyber attacks.

Data breaches

Data breaches Ransomware Government Blockchain

Nexx bugs allow to open garage doors, and take control of alarms and plugs

Security Affairs

APRIL 5, 2023

A series of vulnerabilities in multiple smart devices manufactured by Nexx can be exploited to remotely open garage doors, and take control of alarms and plugs. “I have independently verified Nexx has purposefully ignored all our attempts to assist with remediation and has let these critical flaws continue to affect their customers.”

Manufacturing

Manufacturing Cybersecurity Education Authentication

Cybersecurity agencies published a joint LockBit ransomware advisory

Security Affairs

JUNE 15, 2023

Help us #StopRansomware by visiting [link] pic.twitter.com/G5jpxtB0Fw — Cybersecurity and Infrastructure Security Agency (@CISAgov) June 14, 2023 The LockBit ransomware operation was the most active in 2022 and according to the researchers it is one of the most prolific RaaS in 2023. law enforcement).

Ransomware

Ransomware Cybersecurity Agriculture Education

6,009,014 MovieBoxPro Accounts Breached in Another Data Scraping Incident

IT Governance

MAY 7, 2024

A further 381,000 New York City public school students affected by 2022 data breach In January 2022 , personal data from around 820,000 New York City public school students, both current and former, was breached. Source (New) IT services USA Yes 1,382 Worthen Industries Source 1 ; source 2 (Update) Manufacturing USA Yes 1,277 R.J.

Data breaches

Data breaches Education Manufacturing Retail

FBI chief says China is preparing to attack US critical infrastructure

Security Affairs

APRIL 19, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

Is Gelsemium APT behind a targeted attack in Southeast Asian Government?

Security Affairs

SEPTEMBER 25, 2023

A stealthy APT group tracked as Gelsemium was observed targeting a Southeast Asian government between 2022 and 2023. The experts tracked the cluster as CL-STA-0046, the malicious activity spanned over six months between 2022-2023. appeared first on Security Affairs.

Government

Government Manufacturing Education Access

Money Message ransomware group claims to have hacked IT giant MSI

Security Affairs

APRIL 6, 2023

Micro-Star International AKA MSI designs, manufactures, and sells motherboards and graphics cards for customers in the United States, Canada, and internationally. Ransomware gang Money Message announced to have hacked the Taiwanese multinational IT corporation MSI (Micro-Star International). MSI is headquartered in Taipei, Taiwan.

Ransomware

Ransomware IT Manufacturing Education

Microsoft seized 41 domains used by Iran-linked Bohrium APT

Security Affairs

JUNE 6, 2022

The IT giant has seized the domains used by the threat actors employed in its attacks aimed at organizations in tech, transportation, government, and education sectors located in the U.S., The court filings can be found here: [link] — Amy Hogan-Burney (@CyberAmyHB) June 2, 2022. Middle East, and India. Pierluigi Paganini.

Phishing

Phishing Manufacturing Education Cybersecurity

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Krebs on Security

DECEMBER 13, 2022

10, 2022, the relatively new cybercrime forum Breached featured a bombshell new sales thread: The user database for InfraGard, including names and contact information for tens of thousands of InfraGard members. That InfraGard member, who is head of security at a major U.S. Department of Defense.

Sales

Sales Energy and Utilities Communications Data breaches

GUEST ESSAY: Too many SMBs continue to pay ransomware crooks — exacerbating the problem

The Last Watchdog

FEBRUARY 20, 2023

One report showed ransomware attacks increased by 80 percent in 2022, with manufacturing being one of the most targeted industries. The Glenn County Office of Education in California suffered an attack limiting access to its own network. Amos These are just a handful of examples of ransomware attacks in the last year.

Ransomware

Ransomware Cleanup Education Manufacturing

Operation Cronos: law enforcement disrupted the LockBit operation

Security Affairs

FEBRUARY 19, 2024

In 2022, LockBit was one of the most active ransomware groups, and its prevalence continued into 2023. Lockbit ransomware group administrative staff has confirmed with us their websites have been seized. According to a joint report published by US authorities and international peers, the total of U.S. on January 5, 2020.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Financial Services

Researchers Quietly Cracked Zeppelin Ransomware Keys

Krebs on Security

NOVEMBER 17, 2022

Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “ Zeppelin ” in May 2020. There are multiple examples of ransomware groups doing just that after security researchers crowed about finding vulnerabilities in their ransomware code. This is not an idle concern.

Ransomware

Ransomware Encryption Manufacturing Phishing

China-linked APT Volt Typhoon linked to KV-Botnet

Security Affairs

DECEMBER 13, 2023

The botnet is comprised of two complementary activity clusters, the experts believe it has been active since at least February 2022. In early July and August of 2022, the researchers noticed several Cisco RV320s , DrayTek Vigor routers , and NETGEAR ProSAFEs that were part of the botnet.

Communications

Communications Manufacturing Education Government

A Russian national charged for committing LockBit Ransomware attacks

Security Affairs

JUNE 16, 2023

In securing the arrest of a second Russian national affiliated with the LockBit ransomware, the Department has once again demonstrated the long arm of the law. In November 2022, the U.S. On or about May 27, 2022, the man and his Hive coconspirators allegedly hit a nonprofit behavioral healthcare organization in New Jersey.

Ransomware

Ransomware Agriculture Education Government

News alert: Beazley reports on how AI, new tech distract businesses as cyber risk intensifies

The Last Watchdog

JULY 13, 2023

Is business becoming dulled to the cyber security threat As cyber fears decrease, the technological risk landscape has fragmented, with executives nearly as concerned about the perceived threat posed by disruptive new technologies, such as AI, as the risk of cybercrime. About Beazley. Beazley plc (BEZ.L) Beazley plc (BEZ.L)

Risk

Risk Insurance Energy and Utilities Marketing

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

The Federal Bureau of Investigation (FBI), National Security Agency (NSA), US Cyber Command, and international partners released a joint Cybersecurity Advisory (CSA) to warn that Russia-linked threat actors are using compromised Ubiquiti EdgeRouters (EdgeRouters) to evade detection in cyber operations worldwide.

Energy and Utilities

Energy and Utilities Military Government Phishing

Catches of the Month: Phishing Scams for October 2023

IT Governance

OCTOBER 13, 2023

October is both Cybersecurity Awareness Month in the US and European Cyber Security Month in the EU – twin campaigns on either side of the Atlantic that aim to improve awareness of the importance of cyber security both at work and at home, and provide tips on how to stay secure.

Phishing

Phishing Financial Services Manufacturing Personal data

Volvo retailer leaks sensitive files

Security Affairs

APRIL 15, 2023

The Brazilian retail arm of car manufacturing giant Volvo leaked sensitive files, putting its clientele in the vast South American country in peril. Other research by Cybernews has revealed that BMW , a German luxury vehicle manufacturer producing around 2.5 The issue causing the leak has been fixed.

Retail

Retail Manufacturing Communications Passwords

Estonian National charged with helping Russia acquire U.S. hacking tools and electronics

Security Affairs

APRIL 9, 2023

manufacturers on behalf of Russian end-users, including defense contractors and other Russian government agencies. electronics manufacturers and distributors between approximately October 2012 and January 2022. hacking tools and electronics appeared first on Security Affairs.

Computer and Electronics

Computer and Electronics Military Manufacturing Government

City of Dallas shut down IT services after ransomware attack

Security Affairs

MAY 4, 2023

The City confirmed the security incident and is working to recover from the ransomware attack that impacted its services, including the police department. The human-operated Royal ransomware first appeared on the threat landscape in September 2022, it has demanded ransoms up to millions of dollars. reads the alert.

Ransomware

Ransomware IT Encryption Education

Siemens Metaverse exposes sensitive corporate data

Security Affairs

APRIL 15, 2023

In 2022, it partnered with NVidia, an American multinational technology company, to build the industrial metaverse. Having access, they could exfiltrate a treasure trove of sensitive data, given that Siemens manufactures and maintains a lot of technologies and machines used by critical infrastructure.”

IoT

IoT Manufacturing Authentication Ransomware

New Linux Ransomware BlackSuit is similar to Royal ransomware

Security Affairs

JUNE 3, 2023

Royal ransomware is one of the most notable ransomware families of 2022, it made the headlines in early May 2023 with the attack against the IT systems in Dallas, Texas. The human-operated Royal ransomware first appeared on the threat landscape in September 2022, it has demanded ransoms up to millions of dollars.

Ransomware

Ransomware Encryption File names Cybersecurity

The IoT Cybersecurity Act of 2020: Implications for Devices

eSecurity Planet

JANUARY 22, 2021

As more information about IoT device vulnerabilities is published, the pressure on industry and government authorities to enhance security standards might be reaching a tipping point. While it’s a progressive step for the network security of the U.S. While it’s a progressive step for the network security of the U.S.

IoT

IoT Cybersecurity Manufacturing Government

Updated Kmsdx botnet targets IoT devices

Security Affairs

AUGUST 28, 2023

The Akamai Security Intelligence Response Team (SIRT) discovered a new version of the KmsdBot botnet that employed an updated Kmsdx binary targeting Internet of Things (IoT) devices. The malicious code was used in attacks targeting multiple sectors including the gaming industry, technology industry, and luxury car manufacturers.

IoT

IoT Mining Manufacturing Education

The U.S. CISA and FBI warn of Royal ransomware operation

Security Affairs

MARCH 3, 2023

Cybersecurity and Infrastructure Security Agency (CISA) is warning of the capabilities of the recently emerged Royal ransomware. The human-operated Royal ransomware first appeared on the threat landscape in September 2022, it has demanded ransoms up to millions of dollars. ” reads the alert. ” continues the alert.

Ransomware

Ransomware Encryption Cybersecurity Communications

Hyundai suffered a data breach that impacted customers in France and Italy

Security Affairs

APRIL 12, 2023

In December 2019, German media reported that hackers suspected to be members of the Vietnam-linked APT Ocean Lotus ( APT32 ) group breached the networks of the car manufacturers BMW and Hyundai. The intrusion aimed at stealing automotive trade secrets.

Data breaches

Data breaches Manufacturing Cybersecurity Education

China-linked APT Volt Typhoon targets critical infrastructure organizations

Security Affairs

MAY 25, 2023

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

Communications

Communications Manufacturing Access Archiving

UK Suffers Third Highest Rate of Ransomware Attacks in the World

IT Governance

SEPTEMBER 30, 2022

According to its analysis , 260 organisations in the UK fell victim to ransomware between January 2020 and June 2022, a figure that’s only exceeded by Canada (276) and – in a distant lead – the US (2,379). Across the UK, the education sector was the most frequently targeted, with 24 incidents. Why are small businesses at risk?

Ransomware

Ransomware Manufacturing Data breaches Risk

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

Security Affairs

FEBRUARY 21, 2024

The NCA and its global partners have secured over 1,000 decryption keys that will allow victims of the gang to recover their files for free. In 2022, LockBit was one of the most active ransomware groups, and its prevalence continued into 2023. reads the press release published by DoJ.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Manufacturing

3CX Supply chain attack allowed targeting cryptocurrency companies

Security Affairs

APRIL 4, 2023

SentinelOne is tracking the malicious activity as SmoothOperator, the company speculates that the threat actor behind the attack has set up its infrastructure starting as early as February 2022. The company started distributing digitally signed Trojanized installers to its customers.

Manufacturing

Manufacturing Cybersecurity Education Security

Multinational ICICI Bank leaks passports and credit card numbers

Security Affairs

APRIL 20, 2023

In 2022, the ICICI Bank’s resources were named a “critical information infrastructure” by the Indian government – any harm to it can impact national security. However, despite the critical status of bank infrastructure on the national level, the security of crucial data was not ensured.

Personal data

Personal data Phishing Risk Financial Services

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Security Affairs

SEPTEMBER 23, 2023

The City confirmed the security incident and is working to recover from the ransomware attack that impacted its services, including the police department. The human-operated Royal ransomware first appeared on the threat landscape in September 2022, it has demanded ransoms up to millions of dollars.

Ransomware

Ransomware Encryption Systems administration Cybersecurity

More details about Operation Cronos that disrupted Lockbit operation

Security Affairs

FEBRUARY 20, 2024

The NCA and its global partners have secured over 1,000 decryption keys that will allow victims of the gang to recover their files for free. In 2022, LockBit was one of the most active ransomware groups, and its prevalence continued into 2023. LockBit is a prominent ransomware operation that first emerged in September 2019.

Energy and Utilities

Energy and Utilities Ransomware Manufacturing Agriculture

Weekly Vulnerability Recap – November 6, 2023 – Windows Drivers and Exchange Flaws

eSecurity Planet

NOVEMBER 6, 2023

The past week has been a busy one for cybersecurity vulnerabilities, with 34 vulnerable Windows drivers and four Microsoft Exchange flaws heading a long list of security concerns. The Problem: Three flaws discovered by the Kubernetes security community carry CVSS severity scores of 7.6 CVE-2022-4886 (Path Sanitization Bypass): This 8.8-level

Ransomware

Ransomware Authentication Cybersecurity Education

Hackers can hack organizations using data found on their discarded enterprise network equipment

Security Affairs

APRIL 24, 2023

This allowed ESET researchers to identify devices previously used in a data center/ cloud computing business (specifically, a router provisioning a university’s virtualized assets), a nationwide US law firm, manufacturing and tech companies, a creative firm, and a major Silicon Valleybased software developer, among others.”

Authentication

Authentication Marketing Cloud Manufacturing

Data security: Why a proactive stance is best

IBM Big Data Hub

JULY 7, 2023

But with a proactive approach to data security, organizations can fight back against the seemingly endless waves of threats. IBM Security X-Force found the most common threat on organizations is extortion, which comprised more than a quarter (27%) of all cybersecurity threats in 2022. Where do data breaches originate?

Security

Security Data breaches Data Privacy Compliance

A component in Huawei network appliances could be used to take down Germany’s telecoms networks

Security Affairs

APRIL 26, 2023

The security officials told lawmakers that the ministry’s investigation has been triggered by an energy management component from Huawei, two lawmakers present at the briefing who spoke under the condition of anonymity told POLITICO. . ” reported POLITICO. “Berlin has previously been criticized over its stance by U.S.

Government

Government Communications Risk Cybersecurity

The U.S. Innovation and Competition Act: Senate Passes Sweeping $250 Billion Bill to Bolster Scientific Innovation and Compete With China

Data Matters

JUNE 16, 2021

Seventy-five percent of the world’s chips today come from Asia, while the share of semiconductors manufactured in the United States has fallen from 37% in 1990 to 12% today. a provision for Committee on Foreign Investment in the United States (CFIUS) review of certain foreign gifts to or contracts with higher education institutions.

Artificial Intelligence

Artificial Intelligence Military Manufacturing Education

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

IT Governance

MARCH 11, 2024

Source (New) Transport USA Yes 3,815 Okta Source 1 ; source 2 (Update) Cyber security USA Yes 3,800 Shah Dixit & Associates, P.C. Source (New) Finance USA Yes 3,494 Woodruff Sawyer Source (New) Insurance USA Yes 3,087 Blackburn College Source (New) Education USA Yes 3,039 CAIRE Inc. Organisation(s) Sector Location Data breached?

Data Privacy

Data Privacy Privacy Security Data breaches

The Week in Cyber Security and Data Privacy: 15 – 21 April 2024

IT Governance

APRIL 22, 2024

Compromised data includes names, passport numbers, Social Security numbers, online crypto account identifiers and bank account numbers. million accounts compromised in Le Slip Français data breach The French underwear manufacturer Le Slip Français has suffered a data breach. Data breached: 5,300,000 records.

Data Privacy

Data Privacy Privacy Manufacturing Security

MY TAKE: New tech standards, like ‘Matter’ and ‘BIMI,’ point the way to secure interoperability

2022 Cyber Security Review of the Year

Webinars

Trending Sources

FritzFrog P2P Botnet is back and targets Healthcare, Education and Government Sectors

Webinars

MSI confirms security breach after Money Message ransomware attack

List of data breaches and cyber attacks in February 2022 – 5.1 million records breached

Nexx bugs allow to open garage doors, and take control of alarms and plugs

Cybersecurity agencies published a joint LockBit ransomware advisory

6,009,014 MovieBoxPro Accounts Breached in Another Data Scraping Incident

FBI chief says China is preparing to attack US critical infrastructure

Is Gelsemium APT behind a targeted attack in Southeast Asian Government?

Money Message ransomware group claims to have hacked IT giant MSI

Microsoft seized 41 domains used by Iran-linked Bohrium APT

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

GUEST ESSAY: Too many SMBs continue to pay ransomware crooks — exacerbating the problem

Operation Cronos: law enforcement disrupted the LockBit operation

Researchers Quietly Cracked Zeppelin Ransomware Keys

China-linked APT Volt Typhoon linked to KV-Botnet

A Russian national charged for committing LockBit Ransomware attacks

News alert: Beazley reports on how AI, new tech distract businesses as cyber risk intensifies

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Catches of the Month: Phishing Scams for October 2023

Volvo retailer leaks sensitive files

Estonian National charged with helping Russia acquire U.S. hacking tools and electronics

City of Dallas shut down IT services after ransomware attack

Siemens Metaverse exposes sensitive corporate data

New Linux Ransomware BlackSuit is similar to Royal ransomware

The IoT Cybersecurity Act of 2020: Implications for Devices

Updated Kmsdx botnet targets IoT devices

The U.S. CISA and FBI warn of Royal ransomware operation

Hyundai suffered a data breach that impacted customers in France and Italy

China-linked APT Volt Typhoon targets critical infrastructure organizations

UK Suffers Third Highest Rate of Ransomware Attacks in the World

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

3CX Supply chain attack allowed targeting cryptocurrency companies

Multinational ICICI Bank leaks passports and credit card numbers

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

More details about Operation Cronos that disrupted Lockbit operation

Weekly Vulnerability Recap – November 6, 2023 – Windows Drivers and Exchange Flaws

Hackers can hack organizations using data found on their discarded enterprise network equipment

Data security: Why a proactive stance is best

A component in Huawei network appliances could be used to take down Germany’s telecoms networks

The U.S. Innovation and Competition Act: Senate Passes Sweeping $250 Billion Bill to Bolster Scientific Innovation and Compete With China

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

The Week in Cyber Security and Data Privacy: 15 – 21 April 2024

Stay Connected