IT Governance

MARCH 1, 2022

The cyber security industry, much like the rest of the world, is on edge. In the final days of February, there were a flurry of security incidents related, either directly or indirectly, to the Ukraine conflict. First, Russia targeted banks and government departments, then Ukraine hit back, attacking the Moscow stock exchange.

Data breaches 134

Data breaches Ransomware Government Blockchain 134

Security Affairs

FEBRUARY 8, 2024

Government offers rewards of up to $10 million for information that could help locate, identify, or arrest members of the Hive ransomware group. Starting from the end of July 2022, the FBI infiltrated Hive’s computer networks. According to the announcement, the group targeted organizations in over 80 countries.

Ransomware 109

Ransomware Blockchain Manufacturing Analytics 109

The Last Watchdog

JULY 10, 2023

In light of this Utimaco released its first edition in the Circles of Trust survey series in 2022 focused on a sample of the United Kingdom (UK), Spain and Germany, covering key sectors of automotive cybersecurity to the public and the health sector to uncover consumer perceptions about the digital services that they use every day.

IoT 189

IoT Security Cybersecurity Compliance 189

Security Affairs

MARCH 13, 2022

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. CVE-2022-0492 flaw in Linux Kernel cgroups feature allows container escape Charities and NGOs providing support in Ukraine hit by malware. Is it fake news?

Security 84

Security Data breaches Ransomware Manufacturing 84

Collibra

JUNE 21, 2023

Before November 2022 AI used to be the domain of experts. In November 2022, OpenAI’s ChatGPT catapulted AI from relative obscurity to a mainstream phenomenon. Businesses everywhere are seeking ways to leverage LLMs as fast as governments are talking about ways to regulate them. What you need is a governance model for AI.

Government 85

Government IT Risk Privacy 85

Security Affairs

MAY 3, 2022

China-linked Curious Gorge APT is targeting Russian government agencies, Google Threat Analysis Group (TAG) warns. Google Threat Analysis Group (TAG) reported that an APT group linked to China’s People’s Liberation Army Strategic Support Force (PLA SSF), tracked as Curious Gorge , is targeting Russian government agencies.

Manufacturing 112

Manufacturing Phishing Passwords Military 112

Security Affairs

APRIL 7, 2023

Multinational IT corporation MSI (Micro-Star International) confirms security breach after Money Message ransomware gang claimed the hack. Micro-Star International AKA MSI designs, manufactures, and sells motherboards and graphics cards for customers in the United States, Canada, and internationally.

Ransomware 86

Ransomware Security Manufacturing Cybersecurity 86

Security Affairs

MAY 15, 2022

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box. The post Security Affairs newsletter Round 365 by Pierluigi Paganini appeared first on Security Affairs. To nominate, please visit:? Pierluigi Paganini.

Security 71

Security Agriculture Ransomware Manufacturing 71

Security Affairs

OCTOBER 19, 2023

In March 2022, the US Federal Bureau of Investigation (FBI) and CISA published a flash alert to warn that the Ragnar Locker ransomware gang breached the networks of at least 52 organizations across 10 critical infrastructure sectors. “As

Ransomware 107

Ransomware Financial Services Manufacturing Government 107

Security Affairs

FEBRUARY 28, 2024

The Federal Bureau of Investigation (FBI), National Security Agency (NSA), US Cyber Command, and international partners released a joint Cybersecurity Advisory (CSA) to warn that Russia-linked threat actors are using compromised Ubiquiti EdgeRouters (EdgeRouters) to evade detection in cyber operations worldwide. .

Energy and Utilities 98

Energy and Utilities Military Government Phishing 98

Security Affairs

APRIL 19, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. Later, in November 2022, most of the devices composing the botnet were ProSAFE devices, and a smaller number of DrayTek routers.

Energy and Utilities 100

Energy and Utilities Communications Military Manufacturing 100

Security Affairs

FEBRUARY 11, 2022

FritzFrog P2P botnet is back and is targeting servers belonging to entities in the healthcare, education, and government sectors. The bot is written in Golang and implements wormable capabilities, experts reported attacks against entities in the government, education, and finance sectors. ” reads the report published by Akamai.

Education 84

Education Government Libraries Mining 84

Security Affairs

FEBRUARY 12, 2023

Australia’s Defense Department announced that they will remove surveillance cameras made by Chinese firms linked to the government of Beijing. Australia’s Defense Department is going to replace surveillance cameras made by Chinese firms Hikvision and Dahua, who are linked to the government of Beijing. ” reported The Guardian. .

Manufacturing 87

Manufacturing Government Risk Communications 87

Security Affairs

MARCH 17, 2023

An alleged Chinese threat actor group is behind attacks on government organizations exploiting a Fortinet zero-day flaw (CVE-2022-41328). A suspected China-linked group is exploiting a Fortinet zero-day vulnerability, tracked as CVE-2022-41328 , in attacks aimed at government organizations. ” concludes Mandiant.

Manufacturing 82

Manufacturing Access Government Communications 82

Hunton Privacy

SEPTEMBER 26, 2022

On September 9, 2022, the National Highway Traffic Safety Administration (NHTSA) announced its publication of final Cybersecurity Best Practices for the Safety of Modern Vehicles (the “2022 Best Practices”). The 2022 Best Practices also is an update to NHTSA’s first cybersecurity best practices document, which was issued in 2016. .

Cybersecurity 55

Cybersecurity Manufacturing Risk Information Security 55

Security Affairs

JULY 20, 2022

Cybersecurity and Infrastructure Security Agency (CISA) published an advisory to warn of multiple security vulnerabilities in MiCODUS MV720 Global Positioning System (GPS) trackers which are used by over 1.5 Multiple flaws in MiCODUS MV720 Global Positioning System (GPS) trackers shipped with over 1.5 million vehicles.

Passwords 99

Passwords Manufacturing Military Authentication 99

Security Affairs

DECEMBER 24, 2022

The Raspberry Robin worm attacks aimed at telecommunications and government office systems across Latin America, Australia, and Europe. Researchers from Trend Micro have uncovered a Raspberry Robin worm campaign targeting telecommunications and government office systems across Latin America, Australia, and Europe. Pierluigi Paganini.

Government 52

Government Communications Ransomware Manufacturing 52

Security Affairs

APRIL 8, 2022

The popular hacking Anonymous and the IT ARMY of Ukraine continue to target Russian government entities and private businesses. The list of recently compromised businesses includes: Forest – The hacktivists leaked 37,500 emails stolen from the company which is a Russian logging and wood manufacturing firm.

IT 110

IT Manufacturing Access Cybersecurity 110

Security Affairs

JUNE 15, 2023

Help us #StopRansomware by visiting [link] pic.twitter.com/G5jpxtB0Fw — Cybersecurity and Infrastructure Security Agency (@CISAgov) June 14, 2023 The LockBit ransomware operation was the most active in 2022 and according to the researchers it is one of the most prolific RaaS in 2023. law enforcement).

Ransomware 87

Ransomware Cybersecurity Agriculture Education 87

Security Affairs

APRIL 9, 2023

made electronics on behalf of the Russian government and military. The Estonian man is accused of having helped the Russian government and military to purchase US-made electronics and hacking tools. manufacturers on behalf of Russian end-users, including defense contractors and other Russian government agencies.

Computer and Electronics 83

Computer and Electronics Military Manufacturing Government 83

Security Affairs

JULY 15, 2022

The list of victims includes manufacturing organizations, banks, schools, and event and meeting planning companies. The HolyRS.exe was first detected in October 2021, HolyLocker.exe in March 2022 and BTLC.exe in April 2022. The first possibility is that the North Korean government sponsors this activity.”

Ransomware 132

Ransomware Encryption Government Manufacturing 132

Security Affairs

DECEMBER 13, 2023

The botnet is comprised of two complementary activity clusters, the experts believe it has been active since at least February 2022. In early July and August of 2022, the researchers noticed several Cisco RV320s , DrayTek Vigor routers , and NETGEAR ProSAFEs that were part of the botnet.

Communications 114

Communications Manufacturing Education Government 114

eSecurity Planet

JANUARY 22, 2021

As more information about IoT device vulnerabilities is published, the pressure on industry and government authorities to enhance security standards might be reaching a tipping point. While it’s a progressive step for the network security of the U.S. government, standards will not apply to the IoT market at-large.

IoT 144

IoT Cybersecurity Manufacturing Government 144

Security Affairs

MARCH 2, 2022

In the last few hours, in addition to government sites, the sites of the country’s main banks have been brought to their knees. AgainstTheWes #Ukraine pic.twitter.com/PJU5ClsGfr — ATW (@AgainstTheWest_) March 1, 2022. NPKTAIR, a Russian tool manufacturer, has been breached. Doemela_X) February 28, 2022.

IT 96

IT Manufacturing Mining Government 96

Data Protection Report

OCTOBER 17, 2022

On 15 September 2022, the European Commission published its proposal for a new Regulation which sets out cybersecurity related requirements for products with “digital elements”, known as the proposed Cyber Resilience Act (the CRA ). . These security requirements are high level and drafted broadly. Vulnerability handling requirements.

Manufacturing 132

Manufacturing IT Cybersecurity Marketing 132

Security Affairs

JUNE 6, 2022

The IT giant has seized the domains used by the threat actors employed in its attacks aimed at organizations in tech, transportation, government, and education sectors located in the U.S., The court filings can be found here: [link] — Amy Hogan-Burney (@CyberAmyHB) June 2, 2022. Middle East, and India. Pierluigi Paganini.

Phishing 112

Phishing Manufacturing Education Cybersecurity 112

Krebs on Security

FEBRUARY 20, 2024

The government says Russian national Artur Sungatov used LockBit ransomware against victims in manufacturing, logistics, insurance and other companies throughout the United States. This prompted several XSS members to start posting memes taunting the group about the security failure. Ivan Gennadievich Kondratyev , a.k.a.

Ransomware 274

Ransomware Encryption Insurance Manufacturing 274

Security Affairs

MARCH 15, 2022

German Federal Office for Information Security agency, also known as BSI, recommends consumers not to use Kaspersky anti-virus software. The German Federal Office for Information Security agency, aka BSI, recommends consumers uninstall Kaspersky anti-virus software. ” reads the BSI announcement. Pierluigi Paganini.

Manufacturing 106

Manufacturing Information Security Military Authentication 106

Security Affairs

JUNE 16, 2023

In securing the arrest of a second Russian national affiliated with the LockBit ransomware, the Department has once again demonstrated the long arm of the law. In November 2022, the U.S. On or about May 27, 2022, the man and his Hive coconspirators allegedly hit a nonprofit behavioral healthcare organization in New Jersey.

Ransomware 85

Ransomware Agriculture Education Government 85

Security Affairs

NOVEMBER 27, 2023

” Rosaviatsia is the government agency responsible for the oversight and regulation of civil aviation in Russia. The agency’s primary role is to ensure the safety, security, and efficiency of air transport within the country. In the same period in 2022, 50 such incidents were recorded. ” concludes the report.

Military 112

Military Manufacturing Government Authentication 112

Security Affairs

DECEMBER 14, 2023

The threat actors behind the Hive RaaS have extorted $100 million in ransom payments from over 1,300 companies worldwide as of November 2022, reported the U.S. cybersecurity and intelligence authorities.

Ransomware 115

Ransomware Blockchain Manufacturing Analytics 115

IT Governance

NOVEMBER 23, 2023

You’d therefore expect that the sector fares better at data security than your average organisation. The public data set on the ICO (Information Commissioner’s Office) website shows that data security isn’t necessarily better for financial organisations. What do the statistics say? million (about £4.70

Risk 104

Risk Data breaches Authentication Financial Services 104

Security Affairs

FEBRUARY 19, 2024

In 2022, LockBit was one of the most active ransomware groups, and its prevalence continued into 2023. Lockbit ransomware group administrative staff has confirmed with us their websites have been seized. According to a joint report published by US authorities and international peers, the total of U.S. on January 5, 2020.

Energy and Utilities 107

Energy and Utilities Ransomware Agriculture Financial Services 107

IT Governance

MAY 7, 2024

A further 381,000 New York City public school students affected by 2022 data breach In January 2022 , personal data from around 820,000 New York City public school students, both current and former, was breached. Source (New) IT services USA Yes 1,382 Worthen Industries Source 1 ; source 2 (Update) Manufacturing USA Yes 1,277 R.J.

Data breaches 59

Data breaches Education Manufacturing Retail 59

Security Affairs

MARCH 28, 2022

#RostProektLeak hacked by Anonymous Delete the *—— [link] @YourAnonRiots @YourAnonNews @YourAnonTV @AnonymousVideo pic.twitter.com/NoPRPmy18S — 0PS INFORMATION | WORLD HUMANITY | (@NewAnon0ps) March 27, 2022. link] — Anonymous (@LatestAnonPress) March 28, 2022. The hacktivists have leaked 2.4 Pierluigi Paganini.

Mining 98

Mining Manufacturing Government IT 98

IT Governance

OCTOBER 13, 2023

October is both Cybersecurity Awareness Month in the US and European Cyber Security Month in the EU – twin campaigns on either side of the Atlantic that aim to improve awareness of the importance of cyber security both at work and at home, and provide tips on how to stay secure.

Phishing 105

Phishing Financial Services Manufacturing Personal data 105

Security Affairs

OCTOBER 1, 2022

The group used the backdoor in attacks against Middle Eastern governments. The cyber espionage group Witchetty (aka LookingFrog) was first spotted by cybersecurity firm ESET in April 2022, the experts argue it is a sub-group of the China-linked TA410 group (aka APT10, Cicada, Stone Panda, and TA429)). Pierluigi Paganini.

Manufacturing 113

Manufacturing Government Cybersecurity IT 113