IT Governance

JANUARY 9, 2024

million customers’ data compromised Cyber criminals known as dawnofdevil have claimed responsibility for a data breach at Hathaway Cable & Datacom Ltd, one of India’s largest Internet service providers, in December 2023. KG Source 1 ; source 2 (New) Manufacturing Germany Yes 1.1 They accessed 41.5 Data breached: 41,500,000 records.

Data Privacy 75

Data Privacy Privacy Manufacturing Data breaches 75

Security Affairs

APRIL 5, 2023

A series of vulnerabilities in multiple smart devices manufactured by Nexx can be exploited to remotely open garage doors, and take control of alarms and plugs. Authorization Bypass Through User-Controlled Key CWE-639 ( CVE-2023–1749 , CVSS3.0: Authorization Bypass Through User-Controlled Key CWE-639 ( CVE-2023–1750 , CVSS3.0:

Manufacturing 92

Manufacturing Cybersecurity Education Authentication 92

IT Governance

FEBRUARY 21, 2024

Fowler sent a responsible disclosure notice when he discovered the database and it was secured the following day. Further victims of Harvard Pilgrim Health Care ransomware attack identified Harvard Pilgrim Health Care suffered a ransomware attack in April 2023, which it has been investigating since then. Data breached: 2.7

Data Privacy 52

Data Privacy Manufacturing Privacy Energy and Utilities 52

Security Affairs

NOVEMBER 15, 2023

The report includes IOCs and TTPs identified through investigations as recently as September 2023. The Rhysida ransomware group has been active since May 2023, according to the gang’s Tor leak site, at least 62 companies are victims of the operation. The victims of the group are “targets of opportunity.”

Ransomware 116

Ransomware Manufacturing Education Passwords 116

Security Affairs

APRIL 7, 2023

Multinational IT corporation MSI (Micro-Star International) confirms security breach after Money Message ransomware gang claimed the hack. Micro-Star International AKA MSI designs, manufactures, and sells motherboards and graphics cards for customers in the United States, Canada, and internationally.

Ransomware 88

Ransomware Security Manufacturing Cybersecurity 88

IT Governance

FEBRUARY 14, 2024

Compromised data includes policyholders’ and their families’ civil status, dates of birth and social security numbers, as well as the name of their health insurer and information relating to their contracts. It has since been confirmed by Anukul Peedkaew, the permanent secretary of social development and human security.

Data Privacy 52

Data Privacy Manufacturing Privacy Security 52

Security Affairs

JUNE 15, 2023

Help us #StopRansomware by visiting [link] pic.twitter.com/G5jpxtB0Fw — Cybersecurity and Infrastructure Security Agency (@CISAgov) June 14, 2023 The LockBit ransomware operation was the most active in 2022 and according to the researchers it is one of the most prolific RaaS in 2023. was the prevalent variant in 2023.

Ransomware 89

Ransomware Cybersecurity Agriculture Education 89

Security Affairs

SEPTEMBER 23, 2023

In May 2023, a ransomware attack hit the IT systems at the City of Dallas , Texas. The City confirmed the security incident and is working to recover from the ransomware attack that impacted its services, including the police department. During this time, Royal performed data exfiltration and ransomware delivery preparation activities.”

Ransomware 105

Ransomware Encryption Systems administration Cybersecurity 105

Security Affairs

FEBRUARY 8, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The APT group is using almost exclusively living-off-the-land techniques and hands-on-keyboard activity to evade detection.

Energy and Utilities 110

Energy and Utilities Communications Military Manufacturing 110

Security Affairs

AUGUST 31, 2023

On its digital platform, NSC provides online resources for its nearly 55,000 members spread across different businesses, agencies, and educational institutions. The data was publicly accessible for 5 months, as the leak was first indexed by IoT search engines on January 31st, 2023.

Passwords 138

Passwords Healthcare Manufacturing Access 138

The Last Watchdog

JULY 13, 2023

London, July 13, 2023 — Beazley, the leading specialist insurer, today published its latest Risk & Resilience report: Spotlight on: Cyber & Technology Risks 2023. Companies with an annual revenue of US$250,000 to US$999,999 report feeling less prepared to deal with cyber risks in 2023 (76%) than they did in 2022 (70%).

Risk 189

Risk Insurance Energy and Utilities Marketing 189

Security Affairs

SEPTEMBER 25, 2023

A stealthy APT group tracked as Gelsemium was observed targeting a Southeast Asian government between 2022 and 2023. The experts tracked the cluster as CL-STA-0046, the malicious activity spanned over six months between 2022-2023. appeared first on Security Affairs.

Government 105

Government Manufacturing Education Access 105

Security Affairs

APRIL 6, 2023

Micro-Star International AKA MSI designs, manufactures, and sells motherboards and graphics cards for customers in the United States, Canada, and internationally. Ransomware gang Money Message announced to have hacked the Taiwanese multinational IT corporation MSI (Micro-Star International). MSI is headquartered in Taipei, Taiwan.

Ransomware 79

Ransomware IT Manufacturing Education 79

Security Affairs

APRIL 19, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The APT group is using almost exclusively living-off-the-land techniques and hands-on-keyboard activity to evade detection.

Energy and Utilities 99

Energy and Utilities Communications Military Manufacturing 99

Security Affairs

FEBRUARY 19, 2024

In 2022, LockBit was one of the most active ransomware groups, and its prevalence continued into 2023. The LockBit ransomware operation operated under a Ransomware-as-a-Service (RaaS) model, recruiting affiliates to carry out ransomware attacks through the utilization of LockBit ransomware tools and infrastructure.

Energy and Utilities 106

Energy and Utilities Ransomware Agriculture Financial Services 106

Security Affairs

FEBRUARY 28, 2024

The Federal Bureau of Investigation (FBI), National Security Agency (NSA), US Cyber Command, and international partners released a joint Cybersecurity Advisory (CSA) to warn that Russia-linked threat actors are using compromised Ubiquiti EdgeRouters (EdgeRouters) to evade detection in cyber operations worldwide. .

Energy and Utilities 98

Energy and Utilities Military Government Phishing 98

Security Affairs

APRIL 15, 2023

The Brazilian retail arm of car manufacturing giant Volvo leaked sensitive files, putting its clientele in the vast South American country in peril. Exposed sensitive files On February 17, 2023, the Cybernews research team discovered public access to sensitive files hosted on dimasvolvo.com.br The issue causing the leak has been fixed.

Retail 93

Retail Manufacturing Communications Passwords 93

The Last Watchdog

OCTOBER 25, 2023

25, 2023 – Hardware cybersecurity solutions pioneer Flexxon (the “Company”) today announced the appointment of ex-Intel and Microsoft executive Mr Ravi Agarwal to its advisory board. Its X-PHY Cybersecure SSD was unveiled in 2021 and has since been integrated into laptops from leading PC manufacturers including Lenovo, HP, ASUS and more.

IT 100

IT Cybersecurity Marketing Manufacturing 100

Security Affairs

DECEMBER 13, 2023

In November 2023, the experts noticed that the botnet started targeting Axis IP cameras, such as the M1045-LW, M1065-LW, and p1367-E. The KV-botnet logical network map, December 2023 In May, Microsoft reported that the Volt Typhoon APT infiltrated critical infrastructure organizations in the U.S. and Guam without being detected.

Communications 113

Communications Manufacturing Education Government 113

Security Affairs

JUNE 16, 2023

The US authorities arrested the man in Arizona last month DoJ states that from at least as early as August 2020 to March 2023, Astamirov and other members of the LockBit ransomware gang committed wire fraud and compromised many computer systems worldwide attempting to extort the victims of ransomware attacks. law enforcement).

Ransomware 87

Ransomware Agriculture Education Government 87

Security Affairs

JUNE 3, 2023

Royal ransomware is one of the most notable ransomware families of 2022, it made the headlines in early May 2023 with the attack against the IT systems in Dallas, Texas. Experts noticed that the new Linux ransomware BlackSuit has significant similarities with the Royal ransomware family. New #ransomware #BlackSuit targets Windows, #Linux.

Ransomware 95

Ransomware Encryption File names Cybersecurity 95

Security Affairs

AUGUST 28, 2023

The Akamai Security Intelligence Response Team (SIRT) discovered a new version of the KmsdBot botnet that employed an updated Kmsdx binary targeting Internet of Things (IoT) devices. The malicious code was used in attacks targeting multiple sectors including the gaming industry, technology industry, and luxury car manufacturers.

IoT 91

IoT Mining Manufacturing Education 91

Security Affairs

APRIL 9, 2023

The defendant was arrested in Estonia on March 28, 2023, he used several Estonian-based business entities (the “Estonian Shell Companies”) to buy goods that would have been unavailable to Russian end-users. “As alleged in the indictment and other court filings, Shevlyakov procured sensitive electronics from U.S.

Computer and Electronics 85

Computer and Electronics Military Manufacturing Government 85

Security Affairs

APRIL 12, 2023

Data breach at @Hyundai_Italia : pic.twitter.com/oMMcFiG2Ud — Troy Hunt (@troyhunt) April 11, 2023 In response to the incident, the company has taken the impacted systems offline. In April 2017, security vulnerabilities in the Hyundai Blue Link mobile apps could have allowed hackers to locate, unlock and start vehicles of the carmaker.

Data breaches 93

Data breaches Manufacturing Cybersecurity Education 93

Security Affairs

FEBRUARY 21, 2024

The NCA and its global partners have secured over 1,000 decryption keys that will allow victims of the gang to recover their files for free. In 2022, LockBit was one of the most active ransomware groups, and its prevalence continued into 2023. reads the press release published by DoJ.

Energy and Utilities 91

Energy and Utilities Ransomware Agriculture Manufacturing 91

Security Affairs

APRIL 4, 2023

As of Mar 22, 2023, SentinelOne observed a spike in behavioral detections of the 3CXDesktopApp, which is a popular voice and video conferencing software product. Threat actors behind the 3CX supply chain attack have targeted a limited number of cryptocurrency companies with a second-state implant.

Manufacturing 82

Manufacturing Cybersecurity Education Security 82

Security Affairs

MARCH 3, 2023

Cybersecurity and Infrastructure Security Agency (CISA) is warning of the capabilities of the recently emerged Royal ransomware. According to government experts, the Royal ransomware attacks targeted numerous critical infrastructure sectors including, manufacturing, communications, healthcare and public healthcare (HPH), and education.

Ransomware 91

Ransomware Encryption Cybersecurity Communications 91

Security Affairs

FEBRUARY 20, 2024

The NCA and its global partners have secured over 1,000 decryption keys that will allow victims of the gang to recover their files for free. In 2022, LockBit was one of the most active ransomware groups, and its prevalence continued into 2023.

Energy and Utilities 101

Energy and Utilities Ransomware Manufacturing Agriculture 101

IT Governance

DECEMBER 20, 2022

Although there have still been a few surprises, with the death of Queen Elizabeth II and blazing heatwaves across the UK to name but two, it was a familiar year in the cyber security landscape. Google , Clearview AI , and Meta all receives hefty penalties in 2022, demonstrating the continued important of effective information security.

Security 132

Security Data breaches Ransomware Military 132

IT Governance

DECEMBER 5, 2023

The security researcher Bob Diachenko of SecurityDiscovery first identified the exposed information in mid-September. Data breached: over 300 million records. The company’s description of the incident suggested ransomware. We’ve also found 9 organisations providing a significant update on a previously disclosed incident.

Data Privacy 106

Data Privacy Privacy Manufacturing Retail 106

IT Governance

JANUARY 3, 2024

We’ll also soon publish our 2023 review of publicly disclosed incidents and records known to be breached across the year, as well as our quarterly report, so keep an eye on our blog. billion records The security researcher Jeremiah Fowler discovered an unprotected database exposing more than 1.5 Data breached: >151,000,000 records.

Data Privacy 107

Data Privacy Insurance Manufacturing Retail 107

IT Governance

DECEMBER 11, 2023

Researchers from the German cyber security company Aplite discovered 3,806 servers from 111 countries accessible on the Internet. million LivaNova Source 1 ; source 2 (New) Manufacturing UK Yes 2.2 million LivaNova Source 1 ; source 2 (New) Manufacturing UK Yes 2.2 Source (New) Manufacturing Canada Yes 1.2

Data Privacy 101

Data Privacy Energy and Utilities Privacy Manufacturing 101

IT Governance

MARCH 11, 2024

Cybernews’s research team discovered the MongoDB server in December 2023 and contacted Glosbe. Source (New) Transport USA Yes 3,815 Okta Source 1 ; source 2 (Update) Cyber security USA Yes 3,800 Shah Dixit & Associates, P.C. Glosbe did not reply, but the open instance was soon closed. Data breached: 6,935,412 individuals’ data.

Data Privacy 87

Data Privacy Privacy Security Data breaches 87

IT Governance

APRIL 22, 2024

Compromised data includes names, passport numbers, Social Security numbers, online crypto account identifiers and bank account numbers. million accounts compromised in Le Slip Français data breach The French underwear manufacturer Le Slip Français has suffered a data breach. Data breached: 5,300,000 records.

Data Privacy 52

Data Privacy Privacy Manufacturing Security 52

Security Affairs

NOVEMBER 25, 2023

ransomfeed #security #infosec #energychina pic.twitter.com/deRRximVPd — Ransomfeed (@ransomfeed) November 25, 2023 The China Energy Engineering Corporation (CEEC) is a state-owned company in China that operates in the energy and infrastructure sectors. The Rhysida ransomware group has been active since May 2023.

Ransomware 120

Ransomware Manufacturing Education Libraries 120

Security Affairs

NOVEMBER 20, 2023

pic.twitter.com/Wdj7VfkWXa — British Library (@britishlibrary) November 20, 2023 The library plans to partially restore many services in the next few weeks, but it believes that some disruption may persist for longer. The report includes IOCs and TTPs identified through investigations as recently as September 2023.

Libraries 115

Libraries Ransomware Manufacturing Education 115

Security Affairs

DECEMBER 26, 2023

pic.twitter.com/6uHMDcNhTC — Dominic Alvieri (@AlvieriD) December 26, 2023 The group published images of stolen documents as proof of the hack. The Rhysida ransomware group has been active since May 2023. The report includes IOCs and TTPs identified through investigations as recently as September 2023.

Ransomware 123

Ransomware Manufacturing Education Libraries 123