Communications, Government and Manufacturing - Information Management Today

District Court Finds Communications Decency Act Provides Automotive Device Manufacturer Immunity for Clean Air Act Violations

Data Matters

APRIL 4, 2024

The decision gives effect to the CDA as drafted and will make it significantly harder for the government to hold manufacturers and online retailers liable for content, including software, created and sold by third parties. This decision of first impression offers an important precedent in the automotive industry and beyond.

Manufacturing

Manufacturing Communications Retail Sales

Chinese APT Group Uses New Tradecraft to Live Off the Land

Data Breach Today

JUNE 26, 2023

Group Targeting Transportation, Construction, Government Agencies, CrowdStrike Says A Chinese state hacker is using novel tradecraft to gain initial access to victim systems, according to CrowdStrike.

Manufacturing

Manufacturing Education Communications Government

UK urges to disconnect Chinese security cameras in government buildings

Security Affairs

NOVEMBER 24, 2022

The British government banned the installation of Chinese-linked security cameras at sensitive facilities due to security risks. Reuters reports that the British government ordered its departments to stop installing Chinese security cameras at sensitive buildings due to security risks. Federal Communications Commission (FCC).

Government

Government Security Risk Manufacturing

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Why IDMP compliance requires adaptive data governance

Collibra

MAY 5, 2022

For instance, at the end of October 2021, the European Medicines Agency (EMA) communicated a change in the implementation strategy for IDMP, requiring a more agile and data-centric approach. This means that pharmaceutical companies need to adopt IDMP and govern their data to ensure: They can produce the required attributes and identifiers.

Compliance

Compliance Government Healthcare Cloud

Raspberry Robin malware used in attacks against Telecom and Governments

Security Affairs

DECEMBER 24, 2022

The Raspberry Robin worm attacks aimed at telecommunications and government office systems across Latin America, Australia, and Europe. Researchers from Trend Micro have uncovered a Raspberry Robin worm campaign targeting telecommunications and government office systems across Latin America, Australia, and Europe. exe, and rundll32.exe.

Government

Government Communications Ransomware Manufacturing

U.S. Commerce Department Proposes Expansion of Information and Communications Technology and Services Review Process

Data Matters

DECEMBER 9, 2021

The Proposed Rule would bring “connected software applications” into the scope of Commerce’s authority to review certain transactions involving information and communications technology and services (ICTS) in the U.S. supply chain and approve or prohibit such transactions or require mitigating measures.

Communications

Communications Manufacturing Risk Data collection

News alert: MxD roundtable with White House officials highlights cybersecurity workforce needs

The Last Watchdog

SEPTEMBER 21, 2023

21, 2023 — MxD, the Digital Manufacturing and Cybersecurity Institute, today hosted a roundtable discussion with the White House Office of the National Cyber Director. Each participating organization is committed to developing cyber skills and programs to train the workforce across a wide range of industries, including manufacturing.

Cybersecurity

Cybersecurity Manufacturing Military Artificial Intelligence

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Security Affairs

FEBRUARY 8, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The group also relies on customized versions of open-source tools for C2 communications and to stay under the radar.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

Critical Vulnerabilities in GPS Trackers

Schneier on Security

JULY 21, 2022

The China-based manufacturer says 1.5 BitSight found the device in use in 169 countries, with customers including governments, militaries, law enforcement agencies, and aerospace, shipping, and manufacturing companies. million of its tracking devices are deployed across 420,000 customers.

Manufacturing

Manufacturing Military Communications Authentication

Raspberry Robin malware used in attacks against Telecom and Governments

Security Affairs

DECEMBER 24, 2022

The Raspberry Robin worm attacks aimed at telecommunications and government office systems across Latin America, Australia, and Europe. Researchers from Trend Micro have uncovered a Raspberry Robin worm campaign targeting telecommunications and government office systems across Latin America, Australia, and Europe. exe, and rundll32.exe.

Government

Government Communications Ransomware Manufacturing

FBI chief says China is preparing to attack US critical infrastructure

Security Affairs

APRIL 19, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The group also relies on customized versions of open-source tools for C2 communications and to stay under the radar.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

US offers $10 million reward for info on Hive ransomware group leaders

Security Affairs

FEBRUARY 8, 2024

Government offers rewards of up to $10 million for information that could help locate, identify, or arrest members of the Hive ransomware group. The US Department of State announced rewards up to $10,000,000 for information leading to the identification and/or location of the leaders of the Hive ransomware group.

Ransomware

Ransomware Blockchain Manufacturing Analytics

German Federal Office for Information Security (BSI) investigates Chinese mobile phones

Security Affairs

SEPTEMBER 26, 2021

German Federal Office for Information Security (BSI) is launching an investigation into the cybersecurity of mobile phones of certain Chinese manufacturers. Lithuanian government experts have analyzed three specific smartphone models, the Huawei P40 5G, the Xiaomi Mi 10T 5G and the OnePlus 8T 5G. reads the reply of Xiaomi.

Information Security

Information Security Manufacturing Security Communications

China-linked APT Volt Typhoon linked to KV-Botnet

Security Affairs

DECEMBER 13, 2023

According to Microsoft, the campaign aimed at building capabilities that could disrupt critical communications infrastructure between the United States and Asia region in the case of future crises. The group also relies on customized versions of open-source tools for C2 communications and stay under the radar.

Communications

Communications Manufacturing Education Government

U.S. Commerce Department Issues Interim Regulations Establishing Review Process for Information and Communications Technology and Services Supply Chains

Data Matters

JANUARY 28, 2021

The new review mechanism focuses on transactions involving any acquisition, importation, transfer, installation, dealing in, or use of ICTS that has been designed, developed, manufactured, or supplied by parties owned by, controlled by, or subject to the jurisdiction or direction of “foreign adversaries.”. North Korea.

Communications

Communications Artificial Intelligence Risk Manufacturing

STEPS FORWARD: Regulators are on the move to set much needed IoT security rules of the road

The Last Watchdog

SEPTEMBER 5, 2023

New government rules coupled with industry standards meant to give formal shape to the Internet of Things (IoT) are rapidly quickening around the globe. After all, government mandates combined with industry standards are the twin towers of public safety. Related: The need for supply chain security This is to be expected.

IoT

IoT Security Manufacturing Cybersecurity

Australian Defense Department will replace surveillance cameras from Chinese firms Hikvision and Dahua

Security Affairs

FEBRUARY 12, 2023

Australia’s Defense Department announced that they will remove surveillance cameras made by Chinese firms linked to the government of Beijing. Australia’s Defense Department is going to replace surveillance cameras made by Chinese firms Hikvision and Dahua, who are linked to the government of Beijing. ” reported The Guardian. .”

Manufacturing

Manufacturing Government Risk Communications

3.5m IP cameras exposed, with US in the lead

Security Affairs

DECEMBER 14, 2022

After looking at 28 of the most popular manufacturers, our research team found 3.5 What is more, the overwhelming majority of internet-facing cameras are manufactured by Chinese companies. Most of the public-facing cameras we discovered are manufactured by the Chinese company Hikvision: the Cybernews research team found over 3.37

Passwords

Passwords Manufacturing Authentication Government

Security Affairs newsletter Round 377

Security Affairs

AUGUST 7, 2022

Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5% of its users due to the exposure of salted password hashes Twitter confirms zero-day used to access data of 5.4

Security

Security Manufacturing Passwords Ransomware

A component in Huawei network appliances could be used to take down Germany’s telecoms networks

Security Affairs

APRIL 26, 2023

German government warns that technology to regulate power consumption in Huawei network appliances could be used for sabotage purposes. government officials as well as European security authorities, which have warned of the risks associated with Chinese telecoms equipment.” The activity will be completed in the coming months.

Government

Government Communications Risk Cybersecurity

The IoT Cybersecurity Act of 2020: Implications for Devices

eSecurity Planet

JANUARY 22, 2021

As more information about IoT device vulnerabilities is published, the pressure on industry and government authorities to enhance security standards might be reaching a tipping point. government, standards will not apply to the IoT market at-large. government, standards will not apply to the IoT market at-large.

IoT

IoT Cybersecurity Manufacturing Government

Estonian National charged with helping Russia acquire U.S. hacking tools and electronics

Security Affairs

APRIL 9, 2023

made electronics on behalf of the Russian government and military. The Estonian man is accused of having helped the Russian government and military to purchase US-made electronics and hacking tools. manufacturers on behalf of Russian end-users, including defense contractors and other Russian government agencies.

Computer and Electronics

Computer and Electronics Military Manufacturing Government

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

. “As early as 2022, APT28 actors had utilized compromised EdgeRouters to facilitate covert cyber operations against governments, militaries, and organizations around the world.” and foreign governments and military, security, and corporate organizations. ” reads the joint report. ” concludes the report. .

Energy and Utilities

Energy and Utilities Military Government Phishing

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?

Krebs on Security

APRIL 15, 2020

Mark Rogers , one of several people helping to manage the CTI League’s efforts, told Reuters the top priority of the group is working to combat hacks against medical facilities and other frontline responders to the pandemic, as well as helping defend communication networks and services that have become essential as more people work from home.

Cybersecurity

Cybersecurity Phishing Government Ransomware

The Week in Cyber Security and Data Privacy: 12 – 18 February 2024

IT Governance

FEBRUARY 21, 2024

Source New Manufacturing USA Yes 20,415 TECA Srl Source New Transport Italy Yes 16.7 Source Update Finance USA Yes 4,673 North Hill (North Hill Communities, Inc., Known records breached Zenlayer Source New Telecoms USA Yes 384,658,212 ASA Electronics Source New Engineering USA Yes 2.7 GB AGC Flat Glass North America, Inc.

Data Privacy

Data Privacy Manufacturing Privacy Energy and Utilities

The Week in Cyber Security and Data Privacy: 5 – 11 February 2024

IT Governance

FEBRUARY 14, 2024

TB JP Original Corp Source New Manufacturing USA Yes 1.2 TB JP Original Corp Source New Manufacturing USA Yes 1.2 TB JP Original Corp Source New Manufacturing USA Yes 1.2 TB JP Original Corp Source New Manufacturing USA Yes 1.2 TB KSA Architecture Source New Construction and real estate USA Yes 1.5

Data Privacy

Data Privacy Manufacturing Privacy Security

China-linked APT likely linked to Fortinet zero-day attacks

Security Affairs

MARCH 17, 2023

An alleged Chinese threat actor group is behind attacks on government organizations exploiting a Fortinet zero-day flaw (CVE-2022-41328). A suspected China-linked group is exploiting a Fortinet zero-day vulnerability, tracked as CVE-2022-41328 , in attacks aimed at government organizations. ” concludes Mandiant.

Manufacturing

Manufacturing Access Government Communications

China-linked APT Volt Typhoon targets critical infrastructure organizations

Security Affairs

MAY 25, 2023

According to Microsoft, the campaign aims at building capabilities that could disrupt critical communications infrastructure between the United States and Asia region in the case of future crises. The group also relies on customized versions of open-source tools for C2 communications and stay under the radar.

Communications

Communications Manufacturing Access Archiving

Grandoreiro banking malware targets Mexico and Spain

Security Affairs

AUGUST 21, 2022

The campaign began in June 2022 and is still ongoing, the attacks hit organizations in multiple industries, such as Automotive, Chemicals Manufacturing, and others. ” reads the post published by Zscaler. The ZIP archive contains the Grandoreiro Loader module with a PDF Icon in order to lure the victim into opening it.

Archiving

Archiving Phishing Communications Manufacturing

North Korea compromised Russian missile engineering firm NPO Mashinostroyeniya

Security Affairs

AUGUST 7, 2023

NPO Mashinostroyeniya (JSC MIC Mashinostroyenia, NPO Mash) is a leading Russian manufacturer of missiles and military spacecraft. Treasury Department in July 2014 due to its support to the Russian government in attempting of destabilizing eastern Ukraine and its ongoing occupation of Crimea. The Russian firm was sanctioned by the U.S.

Military

Military Communications Manufacturing Phishing

News Alert: Utimaco finds regional disparities in consumers’ level of trust in digital security

The Last Watchdog

JULY 10, 2023

At Utimaco, we see our role as being not just about creating hardware and software that provides the ‘root of trust in a digital world’, but also communicating to our customers about the social context of that technology. UTIMACO is one of the world’s leading manufacturers in its key market segments.

IoT

IoT Security Cybersecurity Compliance

Operation Blacksmith: Lazarus exploits Log4j flaws to deploy DLang malware

Security Affairs

DECEMBER 12, 2023

Two of these malware strains are remote access trojans (RATs), respectively tracked as NineRAT and “DLRAT” The former relies on Telegram bots and channels for C2 communications. The experts observed the use of NineRAT at around September 2023 against a European manufacturing entity.

Agriculture

Agriculture Data collection Access Manufacturing

US officials claim Huawei Equipment has secret backdoor for spying

Security Affairs

FEBRUARY 13, 2020

Huawei can secretly tap into communications through the networking equipment, states a U.S. In November 2018, the Wall Street Journal reported that the US Government was urging its allies to exclude Huawei from critical infrastructure and 5G architectures. official , while White House urge allies to ban the Chinese giant. “U.S.

Manufacturing

Manufacturing Access Government Communications

Cuba ransomware gang hacked 49 US critical infrastructure organizations

Security Affairs

DECEMBER 4, 2021

. “The FBI has identified, as of early November 2021 that Cuba ransomware actors have compromised at least 49 entities in five critical infrastructure sectors, including but not limited to the financial, government, healthcare, manufacturing, and information technology sectors.” ” states the alert.

Ransomware

Ransomware Encryption Communications Manufacturing

French authorities arrested a Russian national for his role in the Hive ransomware operation

Security Affairs

DECEMBER 14, 2023

The authorities reported that from June 2021 through at least November 2022, threat actors targeted a wide range of businesses and critical infrastructure sectors, including Government Facilities, Communications, Critical Manufacturing, Information Technology, and especially Healthcare and Public Health (HPH).

Ransomware

Ransomware Blockchain Manufacturing Analytics

Securing the Identities of Connected Cars

Thales Cloud Protection & Licensing

SEPTEMBER 9, 2021

Manufacturing is one of the most attacked industries, facing a range of cybersecurity challenges. Thales and PrimeKey are partnering to offer a hybrid approach to securing PKI key management which can assist modern industries that are looking for a unified PKI governance solution. Use case: manufacturing enterprise.

Security

Security Manufacturing Cloud IoT

Autonomous Vehicles – Canada’s Current Legal Framework: Cybersecurity Considerations (Part 2)

Data Protection Report

NOVEMBER 22, 2022

AV manufacturers will need to consider these risks and address them early in the design and development process of their products. AVs are also equipped with technologies to enable communication with other systems (e.g., The emergence of autonomous vehicles (AVs) in Canada will present a number of cybersecurity challenges and risks.

Cybersecurity

Cybersecurity Manufacturing Risk Access

The U.S. CISA and FBI warn of Royal ransomware operation

Security Affairs

MARCH 3, 2023

According to government experts, the Royal ransomware attacks targeted numerous critical infrastructure sectors including, manufacturing, communications, healthcare and public healthcare (HPH), and education. The operators have recently been observed using the Chisel tunneling tool for C2 communication.

Ransomware

Ransomware Encryption Cybersecurity Communications

Autonomous Vehicles – Canada’s Current Legal Framework: A Primer (Part 1)

Data Protection Report

OCTOBER 5, 2022

In Ontario, the Automated Vehicle Pilot Program is currently in place to permit the testing of certain AVs by vehicle manufacturers. In Canada, driving and road safety is a shared responsibility between provincial/territorial and federal governments. As such, the deployment of AVs requires action from both levels of government.

Manufacturing

Manufacturing Government Cybersecurity Compliance

Avaddon Ransomware gang hacked France-based Acer Finance and AXA Asia

Security Affairs

MAY 16, 2021

The Avaddon ransomware gang is giving Acer Finance 240 hours to communicate and cooperate with them before start leaking the stolen valuable company documents. The Company offers risk management, mutual funds, analysis, financial planning, and advisory services. ” reads the statement published by the group on its leak site.

Ransomware

Ransomware Manufacturing Communications Risk

Government survey reveals GDPR awareness is falling short

IT Governance

FEBRUARY 8, 2018

Of those surveyed: 36% of businesses and charities that were aware of the GDPR had created or changed policies and procedures; 21% of businesses and 10% of charities had provided additional staff training or communications; and. The industries with the least awareness were construction (25%) and production and manufacturing (27%).

GDPR

GDPR Government Education Compliance

Belgium telecom operators Proximus and Orange drop Huawei

Security Affairs

OCTOBER 10, 2020

Major Belgium’s telecom operator Proximus announced on Friday that it will gradually replace its equipment from the Chinese manufacturer Huawei. One of the major Belgium telecom operator Proximus announced on Friday that it will gradually replace its equipment from the Chinese manufacturer Huawei.

Manufacturing

Manufacturing Risk Communications Security

Long-running surveillance campaigns target Uyghurs with BadBazaar and MOONSHINE spyware

Security Affairs

NOVEMBER 11, 2022

APT15 has been active since at least 2010, it conducted cyber espionage campaigns against targets worldwide in several industries, including defense, high tech, energy, government, aerospace, and manufacturing. Over 70% of these apps were found in Uyghur-language communication channels within the second half of 2022.”

Communications

Communications Manufacturing Government Security

The City of Durham shut down its network after Ryuk Ransomware attack

Security Affairs

MARCH 8, 2020

“IT officials are working to get the communication systems back online.” The list of the victims of the Ryuk ransomware is very long and includes the US government contractor Electronic Warfare Associates (EWA) , US railroad company Railworks , Croatian petrol station chain INA Group , and parts manufacturer Visser Precision.

Ransomware

Ransomware IT Computer and Electronics Mining

District Court Finds Communications Decency Act Provides Automotive Device Manufacturer Immunity for Clean Air Act Violations

Chinese APT Group Uses New Tradecraft to Live Off the Land

Webinars

Trending Sources

UK urges to disconnect Chinese security cameras in government buildings

Webinars

Why IDMP compliance requires adaptive data governance

Raspberry Robin malware used in attacks against Telecom and Governments

U.S. Commerce Department Proposes Expansion of Information and Communications Technology and Services Review Process

News alert: MxD roundtable with White House officials highlights cybersecurity workforce needs

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Critical Vulnerabilities in GPS Trackers

Raspberry Robin malware used in attacks against Telecom and Governments

FBI chief says China is preparing to attack US critical infrastructure

US offers $10 million reward for info on Hive ransomware group leaders

German Federal Office for Information Security (BSI) investigates Chinese mobile phones

China-linked APT Volt Typhoon linked to KV-Botnet

U.S. Commerce Department Issues Interim Regulations Establishing Review Process for Information and Communications Technology and Services Supply Chains

STEPS FORWARD: Regulators are on the move to set much needed IoT security rules of the road

Australian Defense Department will replace surveillance cameras from Chinese firms Hikvision and Dahua

3.5m IP cameras exposed, with US in the lead

Security Affairs newsletter Round 377

A component in Huawei network appliances could be used to take down Germany’s telecoms networks

The IoT Cybersecurity Act of 2020: Implications for Devices

Estonian National charged with helping Russia acquire U.S. hacking tools and electronics

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?

The Week in Cyber Security and Data Privacy: 12 – 18 February 2024

The Week in Cyber Security and Data Privacy: 5 – 11 February 2024

China-linked APT likely linked to Fortinet zero-day attacks

China-linked APT Volt Typhoon targets critical infrastructure organizations

Grandoreiro banking malware targets Mexico and Spain

North Korea compromised Russian missile engineering firm NPO Mashinostroyeniya

News Alert: Utimaco finds regional disparities in consumers’ level of trust in digital security

Operation Blacksmith: Lazarus exploits Log4j flaws to deploy DLang malware

US officials claim Huawei Equipment has secret backdoor for spying

Cuba ransomware gang hacked 49 US critical infrastructure organizations

French authorities arrested a Russian national for his role in the Hive ransomware operation

Securing the Identities of Connected Cars

Autonomous Vehicles – Canada’s Current Legal Framework: Cybersecurity Considerations (Part 2)

The U.S. CISA and FBI warn of Royal ransomware operation

Autonomous Vehicles – Canada’s Current Legal Framework: A Primer (Part 1)

Avaddon Ransomware gang hacked France-based Acer Finance and AXA Asia

Government survey reveals GDPR awareness is falling short

Belgium telecom operators Proximus and Orange drop Huawei

Long-running surveillance campaigns target Uyghurs with BadBazaar and MOONSHINE spyware

The City of Durham shut down its network after Ryuk Ransomware attack

Stay Connected