Security Affairs

MAY 22, 2020

ZLab researchers spotted a new malicious espionage activity targeting Italian companies operating worldwide in the manufacturing sector. This actor was first spotted by PaloAlto’s UNIT42 in 2018 during wide scale operations against technology, retail, manufacturing, and local government industries in the US, Europe and Asia.

Manufacturing 133

Manufacturing e-Delivery IT Security 133

Security Affairs

SEPTEMBER 1, 2020

Iran-linked APT group Pioneer Kitten is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers. Iran-linked APT group Pioneer Kitten, also known as Fox Kitten or Parisite, is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers.

Access 91

Access Financial Services Retail Insurance 91

Security Affairs

MARCH 25, 2022

has indicted four Russian government employees for their involvement in attacks on entities in critical infrastructure. has indicted four Russian government employees for their role in cyberattacks targeting hundreds of companies and organizations in the energy sector worldwide between 2012 and 2018. ” states the DoJ.

Energy and Utilities 96

Energy and Utilities Government Cybersecurity Military 96

Schneier on Security

JULY 21, 2022

The China-based manufacturer says 1.5 BitSight found the device in use in 169 countries, with customers including governments, militaries, law enforcement agencies, and aerospace, shipping, and manufacturing companies. million of its tracking devices are deployed across 420,000 customers.

Manufacturing 114

Manufacturing Military Communications Authentication 114

Security Affairs

DECEMBER 24, 2022

The Raspberry Robin worm attacks aimed at telecommunications and government office systems across Latin America, Australia, and Europe. Researchers from Trend Micro have uncovered a Raspberry Robin worm campaign targeting telecommunications and government office systems across Latin America, Australia, and Europe. Pierluigi Paganini.

Government 52

Government Communications Ransomware Manufacturing 52

Security Affairs

DECEMBER 14, 2022

All too often, this gives them a false sense of security: when in fact, threat actors can not only access and watch your camera feed but exploit the unsecured device to hack into your network. After looking at 28 of the most popular manufacturers, our research team found 3.5 Surge in internet-facing cameras.

Passwords 131

Passwords Manufacturing Authentication Government 131

Security Affairs

FEBRUARY 16, 2024

government offers rewards of up to $10 million for information that could lead to the identification or location of ALPHV/Blackcat ransomware gang leaders. This additional reward aims to target affiliated and initial access brokers involved and that facilitated the attacks of the group. ” reads the press release.

Ransomware 114

Ransomware Government Manufacturing Access 114

Security Affairs

NOVEMBER 15, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. VPNs, RDPs) to gain initial access to the target network and maintain persistence. The victims of the group are “targets of opportunity.”

Ransomware 116

Ransomware Manufacturing Education Passwords 116

Security Affairs

APRIL 19, 2024

authoring agencies have recently observed indications of Volt Typhoon actors maintaining access and footholds within some victim IT environments for at least five years,” reads the alert. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure. In fact, the U.S.

Energy and Utilities 100

Energy and Utilities Communications Military Manufacturing 100

Security Affairs

FEBRUARY 8, 2024

authoring agencies have recently observed indications of Volt Typhoon actors maintaining access and footholds within some victim IT environments for at least five years,” reads the alert. . “the U.S. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

Energy and Utilities 111

Energy and Utilities Communications Military Manufacturing 111

The Last Watchdog

SEPTEMBER 5, 2023

New government rules coupled with industry standards meant to give formal shape to the Internet of Things (IoT) are rapidly quickening around the globe. After all, government mandates combined with industry standards are the twin towers of public safety. Related: The need for supply chain security This is to be expected.

IoT 180

IoT Security Manufacturing Cybersecurity 180

Security Affairs

FEBRUARY 8, 2024

Government offers rewards of up to $10 million for information that could help locate, identify, or arrest members of the Hive ransomware group. The law enforcement gained access to the decryption keys and provided them to victims, thereby thwarting potential ransom payments of up to $130 million.

Ransomware 109

Ransomware Blockchain Manufacturing Analytics 109

Security Affairs

FEBRUARY 28, 2024

. “As early as 2022, APT28 actors had utilized compromised EdgeRouters to facilitate covert cyber operations against governments, militaries, and organizations around the world.” and foreign governments and military, security, and corporate organizations. ” reads the joint report. ” concludes the report.

Energy and Utilities 98

Energy and Utilities Military Government Phishing 98

eSecurity Planet

JANUARY 22, 2021

As more information about IoT device vulnerabilities is published, the pressure on industry and government authorities to enhance security standards might be reaching a tipping point. government, standards will not apply to the IoT market at-large. government, standards will not apply to the IoT market at-large.

IoT 143

IoT Cybersecurity Manufacturing Government 143

Security Affairs

MARCH 17, 2023

An alleged Chinese threat actor group is behind attacks on government organizations exploiting a Fortinet zero-day flaw (CVE-2022-41328). A suspected China-linked group is exploiting a Fortinet zero-day vulnerability, tracked as CVE-2022-41328 , in attacks aimed at government organizations.

Manufacturing 88

Manufacturing Access Government Communications 88

Data Protection Report

OCTOBER 17, 2022

The CRA introduces common cybersecurity rules for manufacturers, developers and distributors of products with digital elements, covering both hardware and software. Manufacturers of products must also comply with various requirements relating to the handling of vulnerabilities which are set out in section 2 of Annex I of the CRA.

Manufacturing 131

Manufacturing IT Cybersecurity Marketing 131

Security Affairs

DECEMBER 12, 2023

North Korea-linked APT group Lazarus was spotted exploiting Log4j vulnerabilities to deploy previously undocumented remote access trojans. The North Korea-linked APT group Lazarus is behind a new hacking campaign that exploits Log4j vulnerabilities to deploy previously undocumented remote access trojans (RATs).

Agriculture 103

Agriculture Data collection Access Manufacturing 103

Security Affairs

SEPTEMBER 15, 2020

CISA published an advisory on China-linked groups targeting government agencies by exploiting flaws in Microsoft Exchange, Citrix, Pulse, and F5 systems. Chinese state-sponsored hackers have probed US government networks looking for vulnerable networking devices that could be compromised with exploits for recently disclosed vulnerabilities.

Government 76

Government Energy and Utilities Healthcare Access 76

IT Governance

JANUARY 9, 2024

They accessed 41.5 million customers’ data having gained access via a vulnerability in Hathaway’s Laravel web application framework. million individuals affected HealthEC LLC, a health technology company, has announced that it suffered a data breach in July 2023, in which systems were accessed and files were copied.

Data Privacy 75

Data Privacy Privacy Manufacturing Data breaches 75

Security Affairs

JUNE 1, 2021

Just recently, the group has published a stolen data allegedly belonging to the Mexican Government which still remains available for sale today, and possibly becoming the first cybercriminal group that has touched a major state in Latin America on such a level. Mexican Government data is published for sale. Pierluigi Paganini.

Sales 84

Sales Ransomware Government GDPR 84

Security Affairs

AUGUST 7, 2022

of its users due to the exposure of salted password hashes Twitter confirms zero-day used to access data of 5.4 of its users due to the exposure of salted password hashes Twitter confirms zero-day used to access data of 5.4

Security 123

Security Manufacturing Passwords Ransomware 123

Data Protection Report

FEBRUARY 23, 2023

Across the globe, the race is already underway among vehicle manufacturers to develop fully autonomous vehicles (AVs). In this post, we will describe some of the risks introduced by personal information collection, and some of the legal obligations of vehicle manufacturers in protecting their customers’ privacy.

Privacy 85

Privacy Manufacturing Artificial Intelligence Data collection 85

Security Affairs

FEBRUARY 28, 2024

” Government experts believe that the increase in targeted attacks against the healthcare sector is the response of the group to law enforcement actions against the Blackcat group in early December 2023. This additional reward aims to target affiliated and initial access brokers involved and that facilitated the attacks of the group.

Ransomware 107

Ransomware Government Insurance Manufacturing 107

Security Affairs

AUGUST 21, 2023

Threat actors leveraged edge routers, or “living on the edge” access, to passively collect traffic and set up a covert C2 infrastructure. One of these virtual private servers was exclusively employed in attacks against entities across Taiwan, including commercial firms and at least one municipal government organization. 169 66.135.22[.]245 ”

Military 83

Military Manufacturing Government Access 83

Hunton Privacy

SEPTEMBER 26, 2022

The 2022 Best Practices describe steps manufacturers can take to improve vehicle cybersecurity in light of emerging risks, taking into account both technological developments as well as other voluntary industry information security standards.

Cybersecurity 55

Cybersecurity Manufacturing Risk Information Security 55

Security Affairs

SEPTEMBER 26, 2021

German Federal Office for Information Security (BSI) is launching an investigation into the cybersecurity of mobile phones of certain Chinese manufacturers. Lithuanian government experts have analyzed three specific smartphone models, the Huawei P40 5G, the Xiaomi Mi 10T 5G and the OnePlus 8T 5G.

Information Security 104

Information Security Manufacturing Security Communications 104

Security Affairs

NOVEMBER 25, 2020

Belden, the manufacturer of networking and cable products, disclosed a data breach, threat actors have stolen employee and business information. “Our IT professionals were able to detect the unusual activity and believe we have stopped further unauthorized access of personal data on our servers.”

Data breaches 103

Data breaches Manufacturing Insurance Access 103

Data Protection Report

NOVEMBER 22, 2022

AV manufacturers will need to consider these risks and address them early in the design and development process of their products. There is a real risk that a cyberattackers could gain access to an AV system, retrieve or compromise the information the AV collects, and expose connected third-party systems. brakes, steering, etc.).

Cybersecurity 98

Cybersecurity Manufacturing Risk Access 98

The Last Watchdog

FEBRUARY 20, 2023

One report showed ransomware attacks increased by 80 percent in 2022, with manufacturing being one of the most targeted industries. The Costa Rican government declared a national emergency , after attackers crippled govenrment systems and demanded $20 million to restore them go normal.

Ransomware 124

Ransomware Cleanup Education Manufacturing 124

Security Affairs

AUGUST 25, 2023

The researchers observed Flax Typhoon gaining and maintaining long-term access to Taiwanese organizations’ networks with minimal use of malware. Microsoft has not observed The group has been active since mid-2021, it focuses on government agencies and education, critical manufacturing, and information technology organizations in Taiwan.

Manufacturing 86

Manufacturing Education Access Government 86

IT Governance

FEBRUARY 21, 2024

It is not known how long the database was publicly available, nor whether anyone else accessed it. Source New Manufacturing USA Yes 20,415 TECA Srl Source New Transport Italy Yes 16.7 Fowler sent a responsible disclosure notice when he discovered the database and it was secured the following day. Date breached: 384,658,212 records.

Data Privacy 52

Data Privacy Manufacturing Privacy Energy and Utilities 52

IT Governance

FEBRUARY 14, 2024

Further victims of last year’s Perry Johnson & Associates data breach identified Last year, the medical transcription company PJ&A (Perry Johnson & Associates) suffered a data breach in which an unauthorised third party was able to access its computer network. TB JP Original Corp Source New Manufacturing USA Yes 1.2

Data Privacy 52

Data Privacy Manufacturing Privacy Security 52

IT Governance

FEBRUARY 16, 2023

It took almost three weeks for Pepsi Bottling Ventures, the largest bottler of Pepsi-Cola in the US, to spot the intrusion, during which time the attackers had widespread access to its internal systems. Bottling Plant Suffers Malware Attack appeared first on IT Governance UK Blog. The post Is Pepsi Okay?

Data breaches 105

Data breaches Insurance Manufacturing Access 105

Security Affairs

FEBRUARY 13, 2020

officials say Huawei can covertly access telecom networks where its equipment is installed. can covertly access mobile-phone networks around the world through “back doors” designed for use by law enforcement, as Washington tries to persuade allies to exclude the Chinese company from their networks.” “U.S. officials said.

Manufacturing 134

Manufacturing Access Government Communications 134

Security Affairs

FEBRUARY 27, 2024

“On February 21, 2024, UnitedHealth Group (the “Company”) identified a suspected nation-state associated cyber security threat actor had gained access to some of the Change Healthcare information technology systems. municipal governments, defense contractors, and critical infrastructure organizations).” ” reads the Reuters.

Ransomware 92

Ransomware Government Insurance Manufacturing 92

Data Matters

MARCH 7, 2022

On 23 February 2022, the European Commission ( Commission ) proposed a draft of a regulation on harmonised rules on fair access to and use of data – also known as the Data Act. Data holders are, however, obliged to take all reasonable measures (technical, legal and organisational) in order to prevent unlawful third-party access to data.

Big data 117

Big data Artificial Intelligence Cloud Manufacturing 117

Security Affairs

DECEMBER 2, 2022

Dollars (USD) and received more than $60 million in ransom payments from over 100 victims worldwide as of August 2022, the US government states. Third-party and open-source reports have identified a possible link between Cuba ransomware actors, RomCom Remote Access Trojan (RAT) actors, and Industrial Spy ransomware actors.”

Ransomware 88

Ransomware Financial Services Manufacturing Phishing 88