Events, Information Security and Manufacturing - Information Management Today

FBI and CISA warn of attacks by Rhysida ransomware gang

Security Affairs

NOVEMBER 15, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. wevtutil.exe A standard Windows Event Utility tool used to view event logs. The victims of the group are “targets of opportunity.”

Ransomware

Ransomware Manufacturing Education Passwords

Law enforcement operation seized Ragnar Locker group’s infrastructure

Security Affairs

OCTOBER 19, 2023

Both FBI and Europol declined to comment on the events. The police on Thursday seized the Tor negotiation and data leak sites. This is an important achievement in the fight against cybercrime. More details are expected to be released tomorrow.

Ransomware

Ransomware Financial Services Manufacturing Government

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Security Affairs

FEBRUARY 8, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Ferrari confirms data breach after receiving a ransom demand from an unnamed extortion group

Security Affairs

MARCH 21, 2023

.” In October 2022, the Italian luxury sports car manufacturer confirmed the availability of internal documents online, but said it has no evidence of cyber attack. At the time of this writing, the statement published by the company suggests that the two events are not linked.

Data breaches

Data breaches Manufacturing Cybersecurity Access

Researchers found alleged sensitive documents of NATO and Turkey

Security Affairs

OCTOBER 12, 2020

Researchers from the US-based firm Cyble recently came across a post shared by an unknown threat actor that goes online with the moniker Spectre123, where he has allegedly leaked the sensitive documents of NATO and Havelsan (Turkish Military/defence manufacturer). ” reads the post published by Cyble.

Military

Military Manufacturing Phishing Government

THE 11TH EDITION OF THE ENISA THREAT LANDSCAPE REPORT IS OUT!

Security Affairs

OCTOBER 19, 2023

This is the 11th edition of the annual report and analyzes events that took place between July 2022 and July 2023. ETL 2023 identified public administration as the most targeted sector (~19%), followed by targeted individuals (~11%), health (~8%), digital infrastructure (~7%) and manufacturing, finance and transport.

Artificial Intelligence

Artificial Intelligence Ransomware Cybersecurity Manufacturing

FBI chief says China is preparing to attack US critical infrastructure

Security Affairs

APRIL 19, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

Energy and Utilities

Energy and Utilities Communications Military Manufacturing

Crooks stole more than $1.5M worth of Bitcoin from General Bytes ATMs

Security Affairs

MARCH 21, 2023

Cryptocurrency ATM maker General Bytes suffered a security breach over the weekend, the hackers stole $1.5M Cryptocurrency ATM manufacturers General Bytes suffered a security incident that resulted in the theft of $1.5M GENERAL BYTES is the world’s largest Bitcoin, Blockchain, and Cryptocurrency ATM manufacturer.

Manufacturing

Manufacturing Passwords Blockchain Cloud

Elections 2024, artificial intelligence could upset world balances

Security Affairs

DECEMBER 27, 2023

Key events include the European Parliament elections in June, the U.S. Leveraging an artificial intelligence-driven system allows for the generation of this content in real-time based on actual events and the level of citizen engagement in public discussions on major social media platforms.

Artificial Intelligence

Artificial Intelligence Government Manufacturing IT

Holy Ghost ransomware operation is linked to North Korea

Security Affairs

JULY 15, 2022

The list of victims includes manufacturing organizations, banks, schools, and event and meeting planning companies. The Holy Ghost ransomware gang has been active since June 2021 and it conducted ransomware attacks against small businesses in multiple countries.

Ransomware

Ransomware Encryption Government Manufacturing

BlackCat claims the hack of the Casepoint legal technology platform used by US agencies

Security Affairs

JUNE 1, 2023

” In the event that the security breach is verified, it is reasonable to speculate that the ransomware group might have compromised sensitive and possibly classified information. .” reads the nessage published on the leak site. We mailed you the login link.” the fashion giant Moncler , and the Swissport.

Ransomware

Ransomware Manufacturing Cybersecurity IT

REvil ransomware gang recommends that Apple buy back its data stolen in Quanta hack

Security Affairs

APRIL 21, 2021

REvil ransomware gang is attempting to extort Apple ahead of the Apple Spring Loaded event threatening to sell stolen blueprints belonging to the IT giant that were stolen from Quanta Computer. Quanta Computer is a Taiwan-based manufacturer of notebook computers and other electronic hardware. Its customers include Apple Inc.,

Ransomware

Ransomware Computer and Electronics IT Manufacturing

DDoS Attacks Skyrocket, Kaspersky Researchers Say

eSecurity Planet

NOVEMBER 11, 2021

Hackers targeted a wide range of organizations, such as banks, mail services, Bitcoin sites, VoIP providers, vaccination registration portals, information security media, gaming platforms, government sites, and even security agencies. Another noticeable event in Q3 was the discovery of the Meris botnet.

Manufacturing

Manufacturing Communications IoT Passwords

PseudoManuscrypt, a mysterious massive cyber espionage campaign

Security Affairs

DECEMBER 16, 2021

of all systems targeted by the PseudoManuscrypt malware are part of industrial control systems (ICS) used by organizations in multiple industries, including Engineering, Building Automation, Energy, Manufacturing, Construction, Utilities, and Water Management. The experts revealed that at least 7.2%

Energy and Utilities

Energy and Utilities Manufacturing Archiving Authentication

Risk Management under the DORA Regulation

IT Governance

NOVEMBER 23, 2023

In fact, in 2020–2022, the financial sector was the second-most attacked sector, topped only by the retail and manufacturing sector. To help navigate such security-specific challenges, organisations may find it useful to reference a best-practice standard like ISO 27005 , which offers guidance on managing information security risks.

Risk

Risk Data breaches Authentication Financial Services

3 Ways the Role of CIO Has Changed and Will Continue to Do So Going Forward

Thales Cloud Protection & Licensing

AUGUST 24, 2021

The events of 2020 altered our perspectives on technology, work, life, and society. Take the Chief Information Officer (CIO) as an example. How can you have a conversation about IoT and IIoT security without referencing the user? They all inform IoT and IIoT security as a business priority. Tue, 08/24/2021 - 07:28.

IoT

IoT Manufacturing Digital transformation Compliance

FBI claims to have dismantled AlphV/Blackcat ransomware operation, but the group denies it

Security Affairs

DECEMBER 19, 2023

BlackCat/ALPHV ransomware gang has been active since November 2021, the list of its victims is long and includes industrial explosives manufacturer SOLAR INDUSTRIES INDIA , the US defense contractor NJVC , gas pipeline Creos Luxembourg S.A. , the fashion giant Moncler , the Swissport , NCR , and Western Digital.

Ransomware

Ransomware IT Access Manufacturing

GoDaddy discloses a new data breach

Security Affairs

FEBRUARY 18, 2023

SolarWinds Orion product incident), also increase the risk that we, or our customers using our servers and services, will suffer a security breach.” “We expect to continue to expend significant resources to protect against security breaches and other data security incidents. .” ” concludes the company.

Data breaches

Data breaches Military Manufacturing Libraries

Russia-Ukraine cyber conflict poses critical infrastructure at risk

Security Affairs

MARCH 14, 2022

Ongoing attacks could cause severe damages to multiple sectors, including transportation, communication, financial services, government facilities, nuclear reactors, and critical manufacturing. This sudden surge in attacks is due to the geopolitical events of the current Russian – Ukraine conflict.” ” concludes the report.

Risk

Risk Financial Services Manufacturing Communications

Weekly podcast: Meltdown and Spectre SCADA problems, Apple text bomb and WEF cyber risks

IT Governance

JANUARY 18, 2018

ZDNet reported this week that several manufacturers of industrial systems had reported problems with the fixes, including Rockwell Automation, which “reported a dozen errors that are appearing in its FactoryTalk-based products after installing Microsoft’s Meltdown and Spectre patches for Windows systems”. Well, that’ll do for this week.

Risk

Risk Manufacturing Phishing Information Security

DoS attack the caused disruption at US power utility exploited a known flaw

Security Affairs

SEPTEMBER 9, 2019

a cyber event disrupted energy grid operations in California, Wyoming, and Utah. The news was first reported by E&E News, a “cyber event” interrupted grid operations in parts of the western United States in March, according to a report posted by the Department of Energy. . and 7 p.m., power grid ( Energywire , April 30).

Energy and Utilities

Energy and Utilities Communications Manufacturing Risk

FBI claims to have dismantled AlphV/Blackcat ransomware operation, but the group denies it

Security Affairs

DECEMBER 19, 2023

BlackCat/ALPHV ransomware gang has been active since November 2021, the list of its victims is long and includes industrial explosives manufacturer SOLAR INDUSTRIES INDIA , the US defense contractor NJVC , gas pipeline Creos Luxembourg S.A. , the fashion giant Moncler , the Swissport , NCR , and Western Digital.

Ransomware

Ransomware IT Access Manufacturing

Kaspersky found dozens of flaws in 4 open-source VNC software

Security Affairs

NOVEMBER 23, 2019

VNC systems use the remote frame buffer (RFB) protocol to remotely control a device, transfer screen images, mouse movement and keypress events between devices. VNC is widely adopted in industrial environments and many manufacturers of industrial control systems (ICS) leverage on VNC to implement remote control for their products.

Manufacturing

Manufacturing Risk Authentication Passwords

List of Data Breaches and Cyber Attacks in February 2023 – 29.5 Million Records Breached

IT Governance

MARCH 1, 2023

IT Governance is dedicated to helping organisations tackle the threat of cyber crime and other information security weaknesses. It follows a mammoth start to the year, with more than 277 million breached records in January , and brings the running total for the year to over 300 million pieces of compromised personal data.

Data breaches

Data breaches Ransomware e-Delivery Government

FTC Recaps Connected Cars Privacy and Security Workshop

Hunton Privacy

JANUARY 10, 2018

Below are some of the key takeaways from the FTC’s paper: Many companies throughout the connected car ecosystem will collect data from vehicles for various purposes, including (1) car manufacturers (such as geolocation data in the event of a crash); (2) manufacturers of infotainment systems (such as data about consumers to allow them to use apps or (..)

Privacy

Privacy Personal data Manufacturing Security

Weekly podcast: TSB, hotel locks and NATO exercise

IT Governance

APRIL 27, 2018

According to F-Secure , flaws in the equipment’s software – Vision by VingCard – mean it’s possible to create master keys that open doors without leaving any record. Until next time you can keep up with the latest information security news on our blog. Visit our website for more information: itgovernance.co.uk.

Military

Military Manufacturing Information Security Access

Top cybersecurity Predictions for 2020

Security Affairs

DECEMBER 27, 2019

Here we are again for the annual prediction of the events that I believe will impact the cybersecurity landscape in the next year. Although the device vendors are implementing new security features in their systems, a lot of them from many manufacturers still do not implement security-by-design, making these systems easy to hack.

Cybersecurity

Cybersecurity IoT Ransomware Manufacturing

QakBot Big Game Hunting continues: the operators drop ProLock ransomware for Egregor

Security Affairs

NOVEMBER 20, 2020

Egregor’s favorite sectors are Manufacturing (28.9% In less than 3 months Egregor operators have managed to successfully hit 69 companies around the world with 32 targets in the US, 7 victims in France and Italy each, 6 in Germany, and 4 in the UK. Other victims happened to be from the APAC, the Middle East, and Latin America. Inside Egregor.

Ransomware

Ransomware Retail Encryption Manufacturing

Cybersecurity Incident Highlights Questions about Cyber Insurance Coverage

Hunton Privacy

OCTOBER 14, 2014

On October 8, 2014, the Department of Homeland Security reported that over the course of several months, the network of a large critical manufacturing company was compromised. Policies limiting their coverage to events occurring during the contractual period (or to a short prior period) can be unduly restrictive.

Insurance

Insurance Cybersecurity Manufacturing Information Security

FDA Issues Final Guidance on Cybersecurity in Medical Devices

Hunton Privacy

OCTOBER 6, 2014

The Guidance provides recommendations to device manufacturers for content “to include in FDA medical device premarket submissions for effective cybersecurity management.” Recover – providing methods that allow an authenticated user to recover the information on the device.

Cybersecurity

Cybersecurity Manufacturing Authentication Passwords

Article 29 Working Party Issues Opinion on Drones

Hunton Privacy

JULY 10, 2015

After identifying the privacy and data protection risks related to the use of drones and examining the applicability of EU Data Protection Directive 95/46/EC to drones, the Working Party provided recommendations for European and national legislators, manufacturers of drones and related equipment, and drone operators.

Personal data

Personal data Manufacturing Privacy Risk

House of Representatives Passes Bill to Permit Broader Use and Disclosure of Protected Health Information for Research Purposes

Hunton Privacy

JULY 17, 2015

Permit remote access to PHI so long as the covered entity and researcher maintain “appropriate security and privacy safeguards” and the PHI is “not copied or otherwise retained by the researcher.” The Act, which garnered widespread bipartisan support, now moves to the Senate, which is expected to take up the legislation this fall.

Healthcare

Healthcare Privacy Manufacturing Marketing

Weekly podcast: 2018 end-of-year roundup

IT Governance

DECEMBER 13, 2018

This week, in our last podcast of the year, we revisit some of the biggest information security stories from the past 12 months. As is now traditional, I’ve installed myself in the porter’s chair next to the fire in the library, ready to recap some of the year’s more newsworthy information security events.

Data breaches

Data breaches Personal data Access GDPR

Winnti APT group uses skip-2.0 malware to control Microsoft SQL Servers

Security Affairs

OCTOBER 21, 2019

PortReus e was used by the Winnti cyberespionage group to target a high-profile Asian mobile software and hardware manufacturer. are related to authentication and event logging.” “The functions targeted by skip-2.0 ” continues the analysis.

Passwords

Passwords Authentication Manufacturing Communications

Representative Mary Bono Mack Releases Discussion Draft of the SAFE Data Act

Hunton Privacy

JUNE 17, 2011

Representative Bono Mack is Chairman of the House Subcommittee on Commerce, Manufacturing and Trade. The bill instructs the Federal Trade Commission to promulgate regulations that require persons to establish and implement information security policies and procedures regarding the treatment and protection of personal information.

e-Discovery

e-Discovery Military Information Security Manufacturing

Regulation of AI-Based Applications: The Inevitable New Frontier

AIIM

NOVEMBER 12, 2019

There must be a balance between promoting AI innovation, its social utility, and safeguarding consumer rights, even though it is “ uncharted territory for an age that is passing the baton from human leadership to machine learning emergence, automation, robotic manufacturing and deep learning reliance. ”.

Artificial Intelligence

Artificial Intelligence Computer and Electronics Communications Manufacturing

The Hacker Mind Podcast: How To Get Paid To Hack

ForAllSecure

SEPTEMBER 29, 2022

And the rest, they say is this as a reporter, I was in a position to learn as I wrote about information security. Stok : DEF CON that that summer for hacker summer camp and got invited or more or less kind of social engineer myself into a hacker one live hacking event used to be at the bar. But what if you're on your own?

Mining

Mining IT Communications Marketing

The Hacker Mind Podcast: Hacking Teslas

ForAllSecure

JUNE 8, 2022

Even so, the car manufacturers carved out large groups of codes. Since then, car manufacturers have improved on this. And the coffee spur was an attempt to show manufacturers of hands free sets that pre-programmed pin that cannot be changed by the user would not be the ideal way to handle security in this respect.

Manufacturing

Manufacturing Encryption IT Security

German DPAs Adopt Resolutions Regarding “Connected Cars” and Cooperation with Competition Authorities

Hunton Privacy

OCTOBER 20, 2014

According to the DPAs, automobile manufacturers, distributors, retailers, repair shops and providers of communications and telemedia services must ensure the informational self-determination of drivers. During the conference, several resolutions concerning privacy were adopted. Privacy in Connected Cars.

Manufacturing

Manufacturing Privacy Communications Retail

2022 Cyber Security Review of the Year

IT Governance

DECEMBER 20, 2022

Google , Clearview AI , and Meta all receives hefty penalties in 2022, demonstrating the continued important of effective information security. But these were far from the only notable cyber security headlines of the year. However, thanks to the event organisers’ effective planning, the contest was largely unaffected.

Security

Security Data breaches Ransomware Military

The Hacker Mind Podcast: Hacking Healthcare

ForAllSecure

JANUARY 15, 2021

I’m Robert Vamosi and this episode about best practices in information security, and how critical life services, in particular, remain at risk today -- in the middle of a global pandemic. This was a few months after the Jeep Cherokee hack and that event had the entire industry’s attention. “Hi, Rob.”

IT

IT Manufacturing Government Paper

The Hacker Mind Podcast: Hacking Healthcare

ForAllSecure

JANUARY 15, 2021

I’m Robert Vamosi and this episode about best practices in information security, and how critical life services, in particular, remain at risk today -- in the middle of a global pandemic. This was a few months after the Jeep Cherokee hack and that event had the entire industry’s attention. “Hi, Rob.”

IT

IT Manufacturing Government Paper

China’s First Data Protection Measures Lifting Its Veils

HL Chronicle of Data Protection

JUNE 13, 2019

The Specification allows a product or service provider to suspend its service in the event data subjects refuse to consent to the processing of his or her personal data necessary to achieve core functions. Notification and reporting obligation in the event of data breach.

Personal data

Personal data IT Data collection Compliance

Rhysida ransomware gang is auctioning data stolen from the British Library

Security Affairs

NOVEMBER 20, 2023

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. The victims of the group are “targets of opportunity.”

Libraries

Libraries Ransomware Manufacturing Education

FBI and CISA warn of attacks by Rhysida ransomware gang

Law enforcement operation seized Ragnar Locker group’s infrastructure

Webinars

Trending Sources

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Webinars

Ferrari confirms data breach after receiving a ransom demand from an unnamed extortion group

Researchers found alleged sensitive documents of NATO and Turkey

THE 11TH EDITION OF THE ENISA THREAT LANDSCAPE REPORT IS OUT!

FBI chief says China is preparing to attack US critical infrastructure

Crooks stole more than $1.5M worth of Bitcoin from General Bytes ATMs

Elections 2024, artificial intelligence could upset world balances

Holy Ghost ransomware operation is linked to North Korea

BlackCat claims the hack of the Casepoint legal technology platform used by US agencies

REvil ransomware gang recommends that Apple buy back its data stolen in Quanta hack

DDoS Attacks Skyrocket, Kaspersky Researchers Say

PseudoManuscrypt, a mysterious massive cyber espionage campaign

Risk Management under the DORA Regulation

3 Ways the Role of CIO Has Changed and Will Continue to Do So Going Forward

FBI claims to have dismantled AlphV/Blackcat ransomware operation, but the group denies it

GoDaddy discloses a new data breach

Russia-Ukraine cyber conflict poses critical infrastructure at risk

Weekly podcast: Meltdown and Spectre SCADA problems, Apple text bomb and WEF cyber risks

DoS attack the caused disruption at US power utility exploited a known flaw

FBI claims to have dismantled AlphV/Blackcat ransomware operation, but the group denies it

Kaspersky found dozens of flaws in 4 open-source VNC software

List of Data Breaches and Cyber Attacks in February 2023 – 29.5 Million Records Breached

FTC Recaps Connected Cars Privacy and Security Workshop

Weekly podcast: TSB, hotel locks and NATO exercise

Top cybersecurity Predictions for 2020

QakBot Big Game Hunting continues: the operators drop ProLock ransomware for Egregor

Cybersecurity Incident Highlights Questions about Cyber Insurance Coverage

FDA Issues Final Guidance on Cybersecurity in Medical Devices

Article 29 Working Party Issues Opinion on Drones

House of Representatives Passes Bill to Permit Broader Use and Disclosure of Protected Health Information for Research Purposes

Weekly podcast: 2018 end-of-year roundup

Winnti APT group uses skip-2.0 malware to control Microsoft SQL Servers

Representative Mary Bono Mack Releases Discussion Draft of the SAFE Data Act

Regulation of AI-Based Applications: The Inevitable New Frontier

The Hacker Mind Podcast: How To Get Paid To Hack

The Hacker Mind Podcast: Hacking Teslas

German DPAs Adopt Resolutions Regarding “Connected Cars” and Cooperation with Competition Authorities

2022 Cyber Security Review of the Year

The Hacker Mind Podcast: Hacking Healthcare

The Hacker Mind Podcast: Hacking Healthcare

China’s First Data Protection Measures Lifting Its Veils

Rhysida ransomware gang is auctioning data stolen from the British Library

Stay Connected