Communications, Groups and Manufacturing - Information Management Today

Chinese APT Group Uses New Tradecraft to Live Off the Land

Data Breach Today

JUNE 26, 2023

Group Targeting Transportation, Construction, Government Agencies, CrowdStrike Says A Chinese state hacker is using novel tradecraft to gain initial access to victim systems, according to CrowdStrike.

Manufacturing

Manufacturing Education Communications Government

Swiss Air Force sensitive files stolen in the hack of Ultra Intelligence & Communications

Security Affairs

JANUARY 8, 2024

Documents belonging to the Swiss Air Force were leaked on the dark web after the US security company Ultra Intelligence & Communications suffered a data breach. Ultra Intelligence & Communications has been breached by BlackCat. Ultra Intelligence & Communications has allegedly been breached by BlackCat.

Communications

Communications Ransomware Data breaches Manufacturing

US offers $10 million reward for info on Hive ransomware group leaders

Security Affairs

FEBRUARY 8, 2024

Government offers rewards of up to $10 million for information that could help locate, identify, or arrest members of the Hive ransomware group. The US Department of State announced rewards up to $10,000,000 for information leading to the identification and/or location of the leaders of the Hive ransomware group.

Ransomware

Ransomware Blockchain Manufacturing Analytics

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Winnti Group was planning a devastating supply-chain attack against Asian manufacturer

Security Affairs

OCTOBER 14, 2019

Winnti Group is back with a new modular Win backdoor that was used to infect the servers of a high-profile Asian mobile hardware and software manufacturer. Researchers also discovered that the APT group used an updated version of its ShadowPad malware. What we’ve found is not exactly what we were looking for to begin with.

Manufacturing

Manufacturing Paper Communications IT

FBI claims to have dismantled AlphV/Blackcat ransomware operation, but the group denies it

Security Affairs

DECEMBER 19, 2023

The Federal Bureau of Investigation (FBI) announced the seizure of the Tor leak site of the AlphV/Blackcat ransomware group. The FBI seized the Tor leak site of the AlphV/Blackcat ransomware group and replaced the home page with the announcement of the seizure. the fashion giant Moncler , the Swissport , NCR , and Western Digital.

Ransomware

Ransomware IT Access Manufacturing

Eken camera doorbells allow ill-intentioned individuals to spy on you

Security Affairs

MARCH 3, 2024

Camera doorbells manufactured by the Chinese company Eken Group Ltd under the brands EKEN and Tuck are affected by major vulnerabilities. Researchers from Consumer Reports (CR) discovered severe vulnerabilities in doorbell cameras manufactured by the Chinese company Eken Group Ltd.

Manufacturing

Manufacturing Retail Sales Communications

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Security Affairs

FEBRUARY 8, 2024

The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure. In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

FBI claims to have dismantled AlphV/Blackcat ransomware operation, but the group denies it

Security Affairs

DECEMBER 19, 2023

The Federal Bureau of Investigation (FBI) announced the seizure of the Tor leak site of the AlphV/Blackcat ransomware group. The FBI seized the Tor leak site of the AlphV/Blackcat ransomware group and replaced the home page with the announcement of the seizure. the fashion giant Moncler , the Swissport , NCR , and Western Digital.

Ransomware

Ransomware IT Access Manufacturing

China-linked APT41 group targets Hong Kong with Spyder Loader

Security Affairs

OCTOBER 18, 2022

Symantec researchers reported that cyberespionage group APT41 targeted organizations in Hong Kong in a campaign that is a likely continuation of the Operation CuckooBees activity detailed by Cybereason in May. Winnti (aka APT41 , Axiom, Barium , Blackfly) is a cyberespionage group that has been active since at least 2007.

File names

File names Encryption Manufacturing Libraries

U.S. Commerce Department Proposes Expansion of Information and Communications Technology and Services Review Process

Data Matters

DECEMBER 9, 2021

The Proposed Rule would bring “connected software applications” into the scope of Commerce’s authority to review certain transactions involving information and communications technology and services (ICTS) in the U.S. supply chain and approve or prohibit such transactions or require mitigating measures.

Communications

Communications Manufacturing Risk Data collection

FBI chief says China is preparing to attack US critical infrastructure

Security Affairs

APRIL 19, 2024

The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure. In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

China-linked APT group VANGUARD PANDA uses a new tradecraft in recent attacks

Security Affairs

JUNE 26, 2023

China-linked APT group VANGUARD PANDA, aka Volt Typhoon, was spotted observing a novel tradecraft to gain initial access to target networks. CrowdStrike researchers observed the China-linked APT group VANGUARD PANDA, aka Volt Typhoon , using a novel tradecraft to gain initial access to target networks. ” concludes the report.

Cleanup

Cleanup Libraries Access Manufacturing

MY TAKE: New tech standards, like ‘Matter’ and ‘BIMI,’ point the way to secure interoperability

The Last Watchdog

NOVEMBER 12, 2023

This is precisely what the consortium of software companies and device manufacturers, led Google, Amazon and Apple, set out to achieve when Matter was conceived four years ago. Email remains far and away the most widely used business communication tool, and thus a primary target. We’re also moving on smart commercial buildings.

Security

Security Manufacturing Authentication Marketing

News alert: MxD roundtable with White House officials highlights cybersecurity workforce needs

The Last Watchdog

SEPTEMBER 21, 2023

21, 2023 — MxD, the Digital Manufacturing and Cybersecurity Institute, today hosted a roundtable discussion with the White House Office of the National Cyber Director. Each participating organization is committed to developing cyber skills and programs to train the workforce across a wide range of industries, including manufacturing.

Cybersecurity

Cybersecurity Manufacturing Military Artificial Intelligence

News alert: Harter Secrest & Emery announces designation as NetDiligence-authorized Breach Coac

The Last Watchdog

FEBRUARY 15, 2024

Paul Greene , CIPP/US, CIPP/E, CIPM, FIP, Harter Secrest & Emery’s Privacy and Data Security practice group helps clients respond to data security incidents of all kinds. NetDiligence-authorized Breach Coach ® firms are selected based on their experience, competency, thought leadership, and industry engagement. Greene Led by partner F.

Data breaches

Data breaches Financial Services Big data Retail

China-linked APT Volt Typhoon linked to KV-Botnet

Security Affairs

DECEMBER 13, 2023

The group managed to maintain access without being detected for as long as possible. According to Microsoft, the campaign aimed at building capabilities that could disrupt critical communications infrastructure between the United States and Asia region in the case of future crises. and Guam without being detected.

Communications

Communications Manufacturing Education Government

LockBit Ransomware gang claims to have stolen SpaceX confidential data from Maximum Industries

Security Affairs

MARCH 14, 2023

The LockBit ransomware group claims to have stolen confidential data belonging to SpaceX from the systems of Maximum Industries. Maximum Industries is a full-service, piece-part production, and contract manufacturing facility. The group claims to have stolen roughly 3,000 “drawings certified by space-x engineers.”

Ransomware

Ransomware Manufacturing Communications IT

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

Iran-linked APT group Pioneer Kitten is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers. Iran-linked APT group Pioneer Kitten, also known as Fox Kitten or Parisite, is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers.

Access

Access Financial Services Retail Insurance

Snatch ransomware gang claims the hack of the food giant Kraft Heinz

Security Affairs

DECEMBER 15, 2023

The Snatch ransomware group announced it had hacked the food giant Kraft Heinz, the company is investigating the claims. Kraft Heinz is an American food company, it is one of the largest food and beverage manufacturers globally. In October 2022, the Snatch ransomware group claimed to have hacked the French company HENSOLDT France.

Ransomware

Ransomware Computer and Electronics Military Agriculture

Q&A: Here’s how the ‘Matter’ protocol will soon reduce vulnerabilities in smart home devices

The Last Watchdog

AUGUST 1, 2022

It also represents digital trust [insert the way we are defining DT] between all compliant devices from different manufacturers. Secured unicast and group communications. For instance, would the alliance be happy if Matter wins over more smart home platform suppliers and device manufacturers?).

IoT

IoT Manufacturing Privacy Authentication

Operation Blacksmith: Lazarus exploits Log4j flaws to deploy DLang malware

Security Affairs

DECEMBER 12, 2023

North Korea-linked APT group Lazarus was spotted exploiting Log4j vulnerabilities to deploy previously undocumented remote access trojans. The North Korea-linked APT group Lazarus is behind a new hacking campaign that exploits Log4j vulnerabilities to deploy previously undocumented remote access trojans (RATs).

Agriculture

Agriculture Data collection Access Manufacturing

China-linked APT Volt Typhoon targets critical infrastructure organizations

Security Affairs

MAY 25, 2023

A China-linked APT group, tracked as Volt Typhoon, breached critical infrastructure organizations in the U.S. China-linked APT cyber espionage group Volt Typhoon infiltrated critical infrastructure organizations in the U.S. The group managed to maintain access without being detected for as long as possible.

Communications

Communications Manufacturing Access Archiving

China-Linked APT15 group is using a previously undocumented backdoor

Security Affairs

JULY 23, 2019

ESET researchers reported that China-linked cyberespionage group APT15 has been using a previously undocumented backdoor for more than two years. Experts discovered that since December 2016, the APT15 group has been using the previously undocumented backdoor dubbed Okrum. ” reads the report published by ESET.

Communications

Communications Manufacturing Encryption Security

North Korea compromised Russian missile engineering firm NPO Mashinostroyeniya

Security Affairs

AUGUST 7, 2023

Two North Korea-linked APT groups compromised the infrastructure of the major Russian missile engineering firm NPO Mashinostroyeniya. Cybersecurity firm SentinelOne linked the compromise of the major Russian missile engineering firm NPO Mashinostroyeniya to two different North Korea-linked APT groups.

Military

Military Communications Manufacturing Phishing

The Week in Cyber Security and Data Privacy: 5 – 11 February 2024

IT Governance

FEBRUARY 14, 2024

TB JP Original Corp Source New Manufacturing USA Yes 1.2 TB JP Original Corp Source New Manufacturing USA Yes 1.2 TB JP Original Corp Source New Manufacturing USA Yes 1.2 TB JP Original Corp Source New Manufacturing USA Yes 1.2 TB KSA Architecture Source New Construction and real estate USA Yes 1.5

Data Privacy

Data Privacy Manufacturing Privacy Security

OceanLotus APT group leverages a steganography-based loader to deliver backdoors

Security Affairs

APRIL 3, 2019

The OceanLotus APT group, also known as APT32 or Cobalt Kitty , leverages a steganography-based loader to deliver backdoors on compromised systems. The APT32 group, also known as OceanLotus Group, has been active since at least 2013, according to the experts it is a state-sponsored hacking group. Pierluigi Paganini.

Libraries

Libraries Encryption Communications Manufacturing

TWAIN Working Group Announces TWAIN Direct Developers Day Event: participants will develop a TWAIN Direct document scanning application in one day

Info Source

JULY 28, 2022

This event will encourage scanner manufacturers, Independent Software Vendors as well businesses evolve their Capture strategy with driverless web and mobile document scanning applications by eliminating the need for legacy USB scanner connectivity. stated Joseph Odore, TWAIN Working Group Chair.

Manufacturing

Manufacturing Communications Marketing Access

TWAIN Working Group Announces TWAIN Direct Developers Day Event: participants will develop a TWAIN Direct document scanning application in one day

Info Source

JULY 28, 2022

This event will encourage scanner manufacturers, Independent Software Vendors as well businesses evolve their Capture strategy with driverless web and mobile document scanning applications by eliminating the need for legacy USB scanner connectivity. stated Joseph Odore, TWAIN Working Group Chair.

Manufacturing

Manufacturing Communications Marketing Access

APT40 cyberespionage group supporting growth of China’s naval sector

Security Affairs

MARCH 5, 2019

A cyber-espionage group, tracked as APT40, apparently linked to the Chinese government is focused on targeting countries important to the country’s Belt and Road Initiative. The cyber-espionage group tracked as APT40 (aka TEMP. Periscope , TEMP. ” reads the analysis published by FireEye. ” continues the analysis.

Phishing

Phishing Passwords Manufacturing Government

The Week in Cyber Security and Data Privacy: 12 – 18 February 2024

IT Governance

FEBRUARY 21, 2024

Source New Manufacturing USA Yes 20,415 TECA Srl Source New Transport Italy Yes 16.7 Known records breached Zenlayer Source New Telecoms USA Yes 384,658,212 ASA Electronics Source New Engineering USA Yes 2.7 Known records breached Zenlayer Source New Telecoms USA Yes 384,658,212 ASA Electronics Source New Engineering USA Yes 2.7

Data Privacy

Data Privacy Manufacturing Privacy Energy and Utilities

French authorities arrested a Russian national for his role in the Hive ransomware operation

Security Affairs

DECEMBER 14, 2023

The authorities reported that from June 2021 through at least November 2022, threat actors targeted a wide range of businesses and critical infrastructure sectors, including Government Facilities, Communications, Critical Manufacturing, Information Technology, and especially Healthcare and Public Health (HPH).

Ransomware

Ransomware Blockchain Manufacturing Analytics

MY TAKE: Can Matter 1.0 springboard us from truly smart homes to the Internet of Everything?

The Last Watchdog

NOVEMBER 14, 2022

What they came up with is an open-source standard designed to ensure that smart home devices from different manufacturers can communicate simply and securely via an advanced type of mesh network. . If it’s there, it greenlights the communication and now two secure, compliant devices can interoperate.

IoT

IoT Manufacturing Encryption Authentication

New RedLine malware version distributed as fake Omicron stat counter

Security Affairs

JANUARY 12, 2022

Over the course of the few weeks after this variant was released, we noticed one IP address in particular communicating with this C2 server.” This conclusion is not a huge leap as the malware author(s) offer both dedicated purchasing and support lines through their respective Telegram groups.” This variant uses 207[.]32.217.89

Manufacturing

Manufacturing File names Archiving Encryption

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?

Krebs on Security

APRIL 15, 2020

At least three major industry groups are working to counter the latest cyber threats and scams. Nevertheless, these group have continued to target companies on the periphery of the pandemic response, including virus testing labs, N95 mask production facilities, and companies engaged in vaccine research.

Cybersecurity

Cybersecurity Phishing Government Ransomware

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Security Affairs

SEPTEMBER 23, 2023

MILES/CBS NEWS TEXAS The Royal ransomware group is behind the attack and threatens to publish stolen data if the City will not meet its ransom demand. Once obtained access to the City’s network, the group performed reconnaissance and information-gathering activities using legitimate third-party remote management tools.

Ransomware

Ransomware Encryption Systems administration Cybersecurity

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

“These operations have targeted various industries, including Aerospace & Defense, Education, Energy & Utilities, Governments, Hospitality, Manufacturing, Oil & Gas, Retail, Technology, and Transportation. Communication to and from the EdgeRouters involved encryption using a randomly generated 16-character AES key.

Energy and Utilities

Energy and Utilities Military Government Phishing

Raspberry Robin malware used in attacks against Telecom and Governments

Security Affairs

DECEMBER 24, 2022

The malware was first spotted in September 2021, the experts observed it targeting organizations in the technology and manufacturing industries. Once installed the malware contact the hard-coded.onion address using an embedded custom TOR client designed to communicate with the real payload using shared memory and it to await further commands.

Government

Government Communications Ransomware Manufacturing

Win the connected and autonomous car race while protecting data privacy

Thales Cloud Protection & Licensing

FEBRUARY 28, 2022

By 2025, 115 Million vehicles will be sold with over-the-air update capabilities, almost four times as much as in 2020, and the Boston Consulting Group expect 12 million fully autonomous vehicles a year to be sold by 2035. This honeypot of information puts manufacturers at major risk from cyber attacks.

Data Privacy

Data Privacy Privacy Manufacturing Digital transformation

Avaddon Ransomware gang hacked France-based Acer Finance and AXA Asia

Security Affairs

MAY 16, 2021

The Avaddon ransomware gang is giving Acer Finance 240 hours to communicate and cooperate with them before start leaking the stolen valuable company documents. ” reads the statement published by the group on its leak site. . ” reads the statement published by the group on its leak site.

Ransomware

Ransomware Manufacturing Communications Risk

The U.S. CISA and FBI warn of Royal ransomware operation

Security Affairs

MARCH 3, 2023

Unlike other ransomware operations, Royal doesn’t offer Ransomware-as-a-Service, it appears to be a private group without a network of affiliates. The operators have recently been observed using the Chisel tunneling tool for C2 communication. ” reads the alert. ” continues the alert.

Ransomware

Ransomware Encryption Cybersecurity Communications

China-linked APT likely linked to Fortinet zero-day attacks

Security Affairs

MARCH 17, 2023

An alleged Chinese threat actor group is behind attacks on government organizations exploiting a Fortinet zero-day flaw (CVE-2022-41328). A suspected China-linked group is exploiting a Fortinet zero-day vulnerability, tracked as CVE-2022-41328 , in attacks aimed at government organizations. ” concludes Mandiant.

Manufacturing

Manufacturing Access Government Communications

Researchers analyzed the PREDATOR spyware and its loader Alien

Security Affairs

MAY 29, 2023

“New analysis from Talos uncovered the inner workings of PREDATOR and the mechanisms it uses to communicate with the other spyware component deployed along with it known as “ALIEN.” ALIEN hooks the ioctl() function in libbinder.so, which is used in the Android framework for inter-process communication.

IT

IT Communications Access Manufacturing

Long-running surveillance campaigns target Uyghurs with BadBazaar and MOONSHINE spyware

Security Affairs

NOVEMBER 11, 2022

The researchers attribute the campaigns to the China-linked APT15 cyberespionage group (aka Nickel, Ke3chang , Mirage , Vixen Panda , Royal APT and Playful Dragon). “Overlapping infrastructure and TTPs indicate these campaigns are connected to APT15, a Chinese-backed hacking group that’s also known as VIXEN PANDA and NICKEL.

Communications

Communications Manufacturing Government Security

The City of Durham shut down its network after Ryuk Ransomware attack

Security Affairs

MARCH 8, 2020

. “According to the SBI, the ransomware, named Ryuk, was started by a Russian hacker group and finds its way into a network once someone opens a malicious email attachment. “IT officials are working to get the communication systems back online.” 911 calls, though, are being answered.”

Ransomware

Ransomware IT Computer and Electronics Mining

Chinese APT Group Uses New Tradecraft to Live Off the Land

Swiss Air Force sensitive files stolen in the hack of Ultra Intelligence & Communications

Webinars

Trending Sources

US offers $10 million reward for info on Hive ransomware group leaders

Webinars

Winnti Group was planning a devastating supply-chain attack against Asian manufacturer

FBI claims to have dismantled AlphV/Blackcat ransomware operation, but the group denies it

Eken camera doorbells allow ill-intentioned individuals to spy on you

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

FBI claims to have dismantled AlphV/Blackcat ransomware operation, but the group denies it

China-linked APT41 group targets Hong Kong with Spyder Loader

U.S. Commerce Department Proposes Expansion of Information and Communications Technology and Services Review Process

FBI chief says China is preparing to attack US critical infrastructure

China-linked APT group VANGUARD PANDA uses a new tradecraft in recent attacks

MY TAKE: New tech standards, like ‘Matter’ and ‘BIMI,’ point the way to secure interoperability

News alert: MxD roundtable with White House officials highlights cybersecurity workforce needs

News alert: Harter Secrest & Emery announces designation as NetDiligence-authorized Breach Coac

China-linked APT Volt Typhoon linked to KV-Botnet

LockBit Ransomware gang claims to have stolen SpaceX confidential data from Maximum Industries

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Snatch ransomware gang claims the hack of the food giant Kraft Heinz

Q&A: Here’s how the ‘Matter’ protocol will soon reduce vulnerabilities in smart home devices

Operation Blacksmith: Lazarus exploits Log4j flaws to deploy DLang malware

China-linked APT Volt Typhoon targets critical infrastructure organizations

China-Linked APT15 group is using a previously undocumented backdoor

North Korea compromised Russian missile engineering firm NPO Mashinostroyeniya

The Week in Cyber Security and Data Privacy: 5 – 11 February 2024

OceanLotus APT group leverages a steganography-based loader to deliver backdoors

TWAIN Working Group Announces TWAIN Direct Developers Day Event: participants will develop a TWAIN Direct document scanning application in one day

TWAIN Working Group Announces TWAIN Direct Developers Day Event: participants will develop a TWAIN Direct document scanning application in one day

APT40 cyberespionage group supporting growth of China’s naval sector

The Week in Cyber Security and Data Privacy: 12 – 18 February 2024

French authorities arrested a Russian national for his role in the Hive ransomware operation

MY TAKE: Can Matter 1.0 springboard us from truly smart homes to the Internet of Everything?

New RedLine malware version distributed as fake Omicron stat counter

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Raspberry Robin malware used in attacks against Telecom and Governments

Win the connected and autonomous car race while protecting data privacy

Avaddon Ransomware gang hacked France-based Acer Finance and AXA Asia

The U.S. CISA and FBI warn of Royal ransomware operation

China-linked APT likely linked to Fortinet zero-day attacks

Researchers analyzed the PREDATOR spyware and its loader Alien

Long-running surveillance campaigns target Uyghurs with BadBazaar and MOONSHINE spyware

The City of Durham shut down its network after Ryuk Ransomware attack

Stay Connected