Delta Electronics, a tech giants’ contractor, hit by Conti ransomware

Security Affairs

Delta Electronics, a Taiwanese contractor for multiple tech giants such as Apple, Dell, HP and Tesla, was hit by Conti ransomware. Taiwanese electronics manufacturing company Delta Electronics was hit by the Conti ransomware that took place this week.

Compal, the Taiwanese giant laptop manufacturer hit by ransomware

Security Affairs

The Taiwanese electronics manufacture Compal suffered a ransomware attack over the weekend, media blames the DoppelPaymer ransomware gang. It is the second-largest contract laptop manufacturer in the world behind Quanta Computer.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

REvil ransomware gang recommends that Apple buy back its data stolen in Quanta hack

Security Affairs

REvil ransomware gang is attempting to extort Apple ahead of the Apple Spring Loaded event threatening to sell stolen blueprints belonging to the IT giant that were stolen from Quanta Computer. Quanta Computer is a Taiwan-based manufacturer of notebook computers and other electronic hardware.

Securing Elections

Schneier on Security

Today, we conduct our elections on computers. Our registration lists are in computer databases. And our tabulation and reporting is done on computers. We do this for a lot of good reasons, but a side effect is that elections now have all the insecurities inherent in computers. In 2007, the states of California and Ohio conducted audits of their electronic voting machines. We can securely bank online, but can't securely vote online.

Paper 81

Supply Chain Security 101: An Expert’s View

Krebs on Security

alongside Tony Sager , senior vice president and chief evangelist at the Center for Internet Security and a former bug hunter at the U.S. National Security Agency. We talked at length about many issues, including supply chain security, and I asked Sager whether he’d heard anything about rumors that Supermicro — a high tech firm in San Jose, Calif. Tony Sager, senior vice president and chief evangelist at the Center for Internet Security.

EU to Force IoT, Wireless Device Makers to Improve Security

eSecurity Planet

The European Union is poised to place more demands on manufacturers to design greater security into their wireless and Internet of Things (IoT) devices. Manufacturers will be required to adhere to the new cybersecurity safeguards when designing and producing these products.

IoT 69

LPE zero-day flaw in Razer Synapse allows attackers to take over Windows PCs

Security Affairs

Razer is a popular manufacturer of computer accessories, including gaming mouses and keyboards. The flaw was discovered by the security researcher jonhat that disclosed it via Twitter: Need local admin and have physical access?

US DoJ announced to have shut down the Russian RSOCKS Botnet

Security Affairs

The RSOCKS was composed of millions of compromised computers and other electronic devices around the world, including industrial control systems, time clocks, routers, audio/video streaming devices, and smart garage door openers. The U.S.

EVRAZ operations in North America disrupted by Ryuk ransomware

Security Affairs

Computer systems at EVRAZ, a multinational vertically integrated steel making and mining company, have been hit by Ryuk ransomware. In most of the plants, manufacturing operations were shut down at most plants.

BlackMatter ransomware gang hit Technology giant Olympus

Security Affairs

Olympus issued a statement to announce that its European, Middle East and Africa computer network was hit by a ransomware attack. Japan-headquartered Olympus manufactures optical and digital reprography technology for the medical and life sciences industries.

Enhance your security posture by detecting risks on authenticator devices

Thales Cloud Protection & Licensing

Enhance your security posture by detecting risks on authenticator devices. This is especially relevant to an organization’s security posture. We frequently hear from IT security professionals that “the risk associated with the mobile device is something we care about.

Cloud 72

Guest Blog: TalkingTrust. What’s driving the security of IoT?

Thales Cloud Protection & Licensing

What’s driving the security of IoT? The Urgency for Security in a Connected World. There are so many reasons why manufacturers connect their products to the Internet, whether it’s industrial machines, medical devices, consumer goods or even cars. Device Security is Hard.

Cloud 72

Enhance your security posture by detecting risks on authenticator devices

Thales Cloud Protection & Licensing

Enhance your security posture by detecting risks on authenticator devices. This is especially relevant to an organization’s security posture. We frequently hear from IT security professionals that “the risk associated with the mobile device is something we care about.

Cloud 62

A job ad published by the UK’s Ministry of Defence revealed a secret hacking squad

Security Affairs

The existence of a secret SAS mobile hacker squad, named MAB5 and under the control of the Computer Network Operations (CNO) Exploitation, was revealed by a job ad published by the UK’s Ministry of Defence on an external website, reported Alan Turnbull of Secret Bases.

Steelcase office furniture giant hit by Ryuk ransomware attack

Security Affairs

It is the largest office furniture manufacturer in the world. In an 8-K form filed with the Securities and Exchange Commission (SEC), the company has disclosed the ransomware attack that took place on October 22nd, 2020.

The City of Durham shut down its network after Ryuk Ransomware attack

Security Affairs

Once it’s inside, Ryuk can spread across network servers through file shares to individual computers,” reads a post published by SBI. The post The City of Durham shut down its network after Ryuk Ransomware attack appeared first on Security Affairs.

Sopra Steria hit by the Ryuk ransomware gang

Security Affairs

A cyber attack was detected on the Sopra Steria computer network on the evening of October 20. Security measures have been taken to limit the risk of propagation.” The post Sopra Steria hit by the Ryuk ransomware gang appeared first on Security Affairs.

P2P Weakness Exposes Millions of IoT Devices

Krebs on Security

A peer-to-peer (P2P) communications technology built into millions of security cameras and other consumer electronics includes several critical security flaws that expose the devices to eavesdropping, credential theft and remote compromise, new research has found. The security flaws involve iLnkP2P , software developed by China-based Shenzhen Yunni Technology. Additional reading: Some Basic Rules for Securing your IoT Stuff.

IoT 210

Understanding IoT Security Challenges – An Interview with an Industry Expert

Thales Cloud Protection & Licensing

It is no secret that security plays a very important part in the successful deployment and management of this technology, and its applications are set to transform the way we live and do business. What is the biggest security challenge facing the growing IoT? For Secure IoT, all connected devices and services must have trusted identities. How is Nexus involved in ensuring a more secure credentialing and enrollment process? Data security

Cloud 77

DHS warns of cyber attacks against small airplanes

Security Affairs

The scenario is disconcerting, hackers could manipulate the electronic systems in the small airplanes to force them displaying false flight data to the pilot, with unpredictable consequences. ” reads the alert published by the US Department of Homeland Security’s (DHS). Patrick Kiley, a senior security consultant at Rapid7 conducted an investigation into the security of avionics systems inside small airplanes.

Supply Chain Security is the Whole Enchilada, But Who’s Willing to Pay for It?

Krebs on Security

From time to time, there emerge cybersecurity stories of such potential impact that they have the effect of making all other security concerns seem minuscule and trifling by comparison. based tech firm to secretly embed tiny computer chips into electronic devices purchased and used by almost 30 different companies. It also dominates the $1 billion market for boards used in special-purpose computers, from MRI machines to weapons systems.

IT 183

Mitsubishi Electric discloses data breach, media blame China-linked APT

Security Affairs

Mitsubishi Electric disclosed a security breach that might have exposed personal and confidential corporate information. Mitsubishi Electric disclosed a security breach that might have exposed personal and confidential corporate data.

Hacking avionics systems through the CAN bus

Security Affairs

An expert analyzed the level of security of avionics systems used in small airplanes, and the results are disconcerting. Patrick Kiley, a senior security consultant at Rapid7 conducted an investigation into the security of avionics systems inside small airplanes. The expert focused the analysis on the Controller Area Network (CAN) bus implements by two commercially available avionics systems from aircraft manufacturers who specialize in light aircraft.

US DoJ indicts Chinese hackers over state-sponsored cyber espionage

Security Affairs

aka Baobeilong, aka Zhang Jianguo, aka Atreexp, both nationals of the People’s Republic of China (China), with conspiracy to commit computer intrusions, conspiracy to commit wire fraud, and aggravated identity theft was announced today. “Zhu and Zhang were members of a hacking group operating in China known within the cyber security community as Advanced Persistent Threat 10 (the APT10 Group).”

Hackers Breached Virginia Bank Twice in Eight Months, Stole $2.4M

Krebs on Security

The email allowed the intruders to install malware on the victim’s PC and to compromise a second computer at the bank that had access to the STAR Network , a system run by financial industry giant First Data that the bank uses to handle debit card transactions for customers. That second computer had the ability to manage National Bank customer accounts and their use of ATMs and bank cards.

European Commission proposes reinforcement of EU Cybersecurity rules

DLA Piper Privacy Matters

On 16 December 2020, the European Commission adopted a proposal for a Directive on measures for a high common level of cybersecurity across the Union (“NIS II Directive”) that revises the current Directive on Security of Network and Information Systems (“NIS Directive”).

List of data breaches and cyber attacks in June 2021 – 9.8 million records breached

IT Governance

We found a comparatively low 9,780,931 breached records from publicly disclosed security incidents in June 2021. June’s figures bring the annual running total of security incidents to 729 and the total number of breached records to 3,947,030,094.

List of data breaches and cyber attacks in December 2020 – 148 million records breached

IT Governance

We logged 134 security incidents in December, which accounted for 148,354,955 breached records. What else would you expect from the final month of 2020 than the highest number of publicly disclosed incidents we’ve ever recorded?

Cybersecurity Risks of 5G – And How to Control Them

eSecurity Planet

Service providers and 5G-enabled device manufacturers both have critical roles to play in the success and sustainability of this wireless network rollout. There are no secure implementation guides or standards for network operators. National Strategy to Secure 5G (NTIA).

Hacking The Hacker. Stopping a big botnet targeting USA, Canada and Italy

Security Affairs

Since blogging is not my business, I do write on my personal blog to share knowledge on Cyber Security, I will describe some of the main steps that took me to own the attacker infrastructure. It appeared clear to me that Stage1 was in charged of evading three main AVs such as: Kaspersky Lab, Panda Security, and Trend Micro by running simple scans on Microsoft Regedit and dropping and executing additional software. C:WindowssysWOW64wbemwmiprvse.exe -secured -Embedding. "C:Program

GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland

The Last Watchdog

Related: Port Covington cyber hub project gets underway That’s because Maryland is home to more than 40 government agencies with extensive cyber programs, including the National Security Agency, National Institute of Standards and Technology, Defense Information Systems Agency, Intelligence Advanced Research Projects Activity, USCYBERCOM, NASA and the Department of Defense’s Cyber Crime Center. With employees groomed at the likes of the National Security Agency, U.S

The Hacker Mind Podcast: Car Hacking 0x05

ForAllSecure

That’s perhaps because of a dedicated group of hackers who are working to improve automotive security. The point here is that we aren't used to thinking about our cars as computing devices, and yet they are if common thieves are using laptops and mobile devices to gain access to them.

Regulation of AI-Based Applications: The Inevitable New Frontier

AIIM

There must be a balance between promoting AI innovation, its social utility, and safeguarding consumer rights, even though it is “ uncharted territory for an age that is passing the baton from human leadership to machine learning emergence, automation, robotic manufacturing and deep learning reliance. ”. Privacy Information Security Artificial Intelligence (AI According to the 2019 IDC study of spending on Artificial Intelligence (AI), it's estimated to reach $35.8

Part 1: OMG! Not another digital transformation article! Is it about understanding the business drivers?

ARMA International

This means imaging the “art of the possible” for a new future using a cloud computing model to deliver transformative change. Organizations use DRM technologies and solutions to securely manage intellectual property (IP) rights and monetize the content. Abstract.

Different types of cyber attacks

IT Governance

Malware is designed to disrupt and gain unauthorised access to a computer system. Social engineering deceives and manipulates individuals into divulging sensitive information by convincing them to click malicious links or grant access to a computer, building or system. This is done via electronic communication, most commonly by email, and can inflict enormous damage on organisations. It then monitors your computer activity and collects personal information.

The Hacker Mind Podcast: Hacking With Light And Sound

ForAllSecure

I’m Robert Vamosi and in this episode I’m discussing the weird science of how the physics of light and sound --not keyboards or code -- can be used to compromise electronic devices and the consequences of that in the real world.

The Hacker Mind Podcast: Hacking With Light And Sound

ForAllSecure

I’m Robert Vamosi and in this episode I’m discussing the weird science of how the physics of light and sound --not keyboards or code -- can be used to compromise electronic devices and the consequences of that in the real world.

The Hacker Mind Podcast: Hacking With Light And Sound

ForAllSecure

I’m Robert Vamosi and in this episode I’m discussing the weird science of how the physics of light and sound --not keyboards or code -- can be used to compromise electronic devices and the consequences of that in the real world.

AUSTRALIA: Assistance and Access Act, December 2018 – Holy grail of uncertainty created by new rushed-in data encryption laws

DLA Piper Privacy Matters

It also amends a host of other Criminal Code and Crimes legislation providing new and additional powers to national intelligence agencies, including the Australian Border Force, in relation to the use of existing computer and data access warrants and powers, a crackdown on whistle-blowers, as well as increased penalties for non-compliance (up to AUD$10 million per offence in many cases).

The Hacker Mind Podcast: Reverse Engineering Smart Meters

ForAllSecure

Vamosi: But as someone who wrote a book questioning the security of our mass produced IoT devices, I wonder why no one bothered to test and certify these devices before they were installed? And on the other hand, we're saying security, that's a secondary concern.