Information Security, Manufacturing and Retail - Information Management Today

Volvo retailer leaks sensitive files

Security Affairs

APRIL 15, 2023

The Brazilian retail arm of car manufacturing giant Volvo leaked sensitive files, putting its clientele in the vast South American country in peril. Volvo’s retailer in Brazil, Dimas Volvo, leaked sensitive files through its website. website, belonging to an independent Volvo retailer in the Santa Catarina region of Brazil.

Retail

Retail Manufacturing Communications Passwords

NCSC: New UK law bans default passwords on smart devices

Security Affairs

APRIL 30, 2024

The UK National Cyber Security Centre (NCSC) orders smart device manufacturers to ban default passwords starting from April 29, 2024. National Cyber Security Centre (NCSC) is urging manufacturers of smart devices to comply with new legislation that bans default passwords. ” reads the announcement published by NCSC.

Passwords

Passwords Manufacturing IoT Retail

Ransomware attacks break records in 2023: the number of victims rose by 128%

Security Affairs

JANUARY 19, 2024

This group primarily focused its attacks on the construction, manufacturing/industrial, and retail industries. The data shows a shift in ransomware targets over the past three years. Previously dominated by the construction industry, the IT sector now claims the top spot in 2023.

Ransomware

Ransomware Manufacturing Retail Insurance

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Eken camera doorbells allow ill-intentioned individuals to spy on you

Security Affairs

MARCH 3, 2024

Camera doorbells manufactured by the Chinese company Eken Group Ltd under the brands EKEN and Tuck are affected by major vulnerabilities. Researchers from Consumer Reports (CR) discovered severe vulnerabilities in doorbell cameras manufactured by the Chinese company Eken Group Ltd. ” reads the report published by CR.

Manufacturing

Manufacturing Retail Sales Communications

Shoemaker Ecco leaks over 60GB of sensitive data for 500+ days

Security Affairs

DECEMBER 21, 2022

CyberNews researchers reported that Ecco, a global shoe manufacturer and retailer, exposed millions of documents. Ecco, a global shoe manufacturer and retailer, exposed millions of documents. Original post @ [link]. It’s no use carrying an umbrella if your shoes are leaking, an old Irish proverb says.

Retail

Retail Manufacturing Sales Phishing

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

Security Affairs

AUGUST 9, 2021

Most of the attacks have been reported in July, the organizations hit by the ransomware gang operate in professional services, construction, manufacturing, retail, and food industries. Ransomware operators also stole data from the victims and leaked it online when they refused to pay the ransom. in Australia since 2020.

Ransomware

Ransomware Retail Security Manufacturing

NIST published updated guidance for supply chain risks

Security Affairs

MAY 8, 2022

A devices may have been designed in one country and its components could be manufactured across multiple countries worldwide. A security incident suffered by one of the companies producing these components could have a significant impact on the overall product and service.

Risk

Risk Manufacturing Cybersecurity Retail

Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022

Security Affairs

DECEMBER 1, 2023

” Most of the victims are in the manufacturing, engineering and construction, and retail sectors. The largest received ransom payment was $9 million, and at least 18 of the ransoms exceeded $1 million. The average ransom payment was $1.2 61,9% of the victims are in the US, 15.8% in Germany, and 5.9%

Ransomware

Ransomware Blockchain Retail Insurance

The Cost of Dealing With a Cybersecurity Attack in These 4 Industries

Security Affairs

AUGUST 21, 2019

As people have growing opportunities to shop online, the chances for hackers to carry out lucrative cyberattacks in the retail sector also go up. Statistics from 2016 showed that the average cost per compromised retail record was $172. People are becoming less tolerant of retailers that have widescale data breaches.

Cybersecurity

Cybersecurity Retail Manufacturing Data breaches

Hackers hit Luxottica, production stopped at two Italian plants

Security Affairs

SEPTEMBER 22, 2020

As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com. Luxottica Group S.p.A. Its best known brands are Ray-Ban, Persol, and Oakley.

Retail

Retail Manufacturing Ransomware Security

Android devices shipped with backdoored firmware as part of the BADBOX network

Security Affairs

OCTOBER 8, 2023

Human Security identified a supply chain of a Chinese manufacturer that was compromised to backdoor the firmware of several products delivered to resellers, physical retail stores and e-commerce warehouses. Products containing the malicious backdoor have been found on public school networks throughout the United States.

e-Discovery

e-Discovery Retail Manufacturing Security

2021 data breach exposed data of 70 Million Luxottica customers

Security Affairs

MAY 20, 2023

As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com. The investigation into the security breach is still ongoing. “We

Data breaches

Data breaches Retail Sales Ransomware

Facebook links cyberespionage group APT32 to Vietnamese IT firm

Security Affairs

DECEMBER 11, 2020

Since at least 2014, experts at FireEye have observed the APT32 group targeting foreign corporations with an interest in Vietnam’s manufacturing, consumer products, and hospitality sectors. ” said Nathaniel Gleicher, Head of Security Policy at Facebook, and Mike Dvilyanski, Cyber Threat Intelligence Manager.

Agriculture

Agriculture IT Retail Manufacturing

Steelcase office furniture giant hit by Ryuk ransomware attack

Security Affairs

OCTOBER 28, 2020

Steelcase is a US-based furniture company that produces office furniture, architectural and technology products for office environments and the education, health care and retail industries. It is the largest office furniture manufacturer in the world. Steelcase has 13,000 employees and $3.7 billion in 2020.

Ransomware

Ransomware Computer and Electronics Manufacturing Mining

QakBot Big Game Hunting continues: the operators drop ProLock ransomware for Egregor

Security Affairs

NOVEMBER 20, 2020

This ransomware strain emerged in September 2020, but the threat actors behind already managed to lock quite big companies, such as game developers Crytek, booksellers Barnes & Noble, and most recently a retail giant Cencosud from Chile. Egregor’s favorite sectors are Manufacturing (28.9% of victims) and Retail (14.5%).

Ransomware

Ransomware Retail Encryption Manufacturing

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

“These operations have targeted various industries, including Aerospace & Defense, Education, Energy & Utilities, Governments, Hospitality, Manufacturing, Oil & Gas, Retail, Technology, and Transportation. .” reads the joint report.

Energy and Utilities

Energy and Utilities Military Government Phishing

Risk Management under the DORA Regulation

IT Governance

NOVEMBER 23, 2023

In fact, in 2020–2022, the financial sector was the second-most attacked sector, topped only by the retail and manufacturing sector. To help navigate such security-specific challenges, organisations may find it useful to reference a best-practice standard like ISO 27005 , which offers guidance on managing information security risks.

Risk

Risk Data breaches Authentication Financial Services

Boyne Resorts ski and golf resort operator hit with WastedLocker ransomware

Security Affairs

OCTOBER 24, 2020

The company owns and operates eleven properties and an outdoor lifestyle equipment/apparel retail division with stores in cities throughout Michigan. Most of the victims belong to the manufacturing industry, followed by IT and media and telecommunications sectors. An industry leader in multiple U.S.

Ransomware

Ransomware Retail Manufacturing Encryption

Nefilim ransomware gang published Luxottica data on its leak site

Security Affairs

OCTOBER 20, 2020

As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com. Luxottica Group S.p.A. Its best known brands are Ray-Ban, Persol, and Oakley.

Ransomware

Ransomware IT Retail Manufacturing

440M records found online in unprotected database belonging to Estée Lauder

Security Affairs

FEBRUARY 11, 2020

The security expert Jeremiah Fowler discovered an unsecured database belonging to the Cosmetic firm Estée L auder that contained 440,336,852 records. Fowler discovered the unsecured database on January 30 and attempted to report its discovery to the company. .

Archiving

Archiving Retail Manufacturing Authentication

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

.” PIONEER KITTEN hackers to date have focused their attacks against entities in North American and Israeli, while targeted sectors include technology, government, defense, healthcare, aviation, media, academic, engineering, consulting and professional services, chemical, manufacturing, financial services, insurance, and retail. .

Access

Access Financial Services Retail Insurance

California IT service provider Synoptek pays ransom after Sodinokibi attack

Security Affairs

JANUARY 5, 2020

Synoptek has more than 1,100 customers across multiple industries, including local governments, financial services, healthcare, manufacturing, media, retail and software. . The infection took place on December 23, the hackers first compromised the company network then installed the ransomware.

IT

IT Ransomware Financial Services Retail

New financially motivated attacks in Western Europe traced to Russian-speaking threat actors

Security Affairs

MARCH 27, 2020

At least two companies operating in pharmaceutical and manufacturing sectors have been affected. According to industry researchers, TA505 is known to have carried out attacks on banks, medical institutions retailers and other businesses in the past. Group-IB has immediately contacted the victims upon discovery.

Healthcare

Healthcare Manufacturing Cybersecurity Retail

Prometei botnet is targeting ProxyLogon Microsoft Exchange flaws

Security Affairs

APRIL 26, 2021

Prometei has been observed to be active in systems across a variety of industries, including: Finance, Insurance, Retail, Manufacturing, Utilities, Travel, and Construction.” . “The victimology is quite random and opportunistic rather than highly targeted, which makes it even more dangerous and widespread.

Mining

Mining Retail Insurance Manufacturing

Luxottica data breach exposes info of LensCrafters and EyeMed patients

Security Affairs

NOVEMBER 8, 2020

As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.com. Luxottica Group S.p.A. Its best known brands are Ray-Ban, Persol, and Oakley.

Data breaches

Data breaches Insurance Retail Ransomware

Trickbot gang and Lazarus APT, the hidden link behind an epochal phenomena

Security Affairs

DECEMBER 12, 2019

.” Security experts at Cybereason published an analysis that corroborates the SentinelOne’s attribution, but they didn’t observe the use of the Anchor framework by the Lazarus Group. ” reads the report published by Cybereason.

Sales

Sales Ransomware Retail Manufacturing

German DPAs Adopt Resolutions Regarding “Connected Cars” and Cooperation with Competition Authorities

Hunton Privacy

OCTOBER 20, 2014

According to the DPAs, automobile manufacturers, distributors, retailers, repair shops and providers of communications and telemedia services must ensure the informational self-determination of drivers. During the conference, several resolutions concerning privacy were adopted. Privacy in Connected Cars.

Manufacturing

Manufacturing Privacy Communications Retail

FTC Investigating Privacy Risks to Data Stored on Digital Copiers

Hunton Privacy

MAY 26, 2010

To help ensure compliance with applicable privacy and information security laws, businesses should destroy or erase any hard drives in digital copiers before selling or discarding those machines, and should contractually require that the hard drives of leased digital copiers be erased at the termination of the lease.

Privacy

Privacy Risk Manufacturing Retail

States Attempt to Address Privacy Risks Associated with Digital Copiers and Electronic Waste

Hunton Privacy

APRIL 1, 2011

The program must include convenient methods for consumers to return electronic waste to the manufacturer and instructions on how consumers can destroy data on the devices before recycling or disposing of them.

Privacy

Privacy Risk Manufacturing Retail

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

IT Governance

MARCH 11, 2024

Source (New) Retail Italy Yes 436,932 Toner-dumping.de Source (New) Retail Germany Yes 334,000 Yakima Valley Radiology, PC Source 1 ; source 2 (New) Healthcare USA Yes 235,249 Consorzio Innovation Source (New) Professional services Italy Yes 225 GB Northeast Orthopaedics & Sports Medicine Source (New) Healthcare USA Yes 177,276 Strike.me

Data Privacy

Data Privacy Privacy Security Data breaches

Top GRC Tools & Software for 2021

eSecurity Planet

JANUARY 21, 2021

LogicManager’s GRC solution has specific use cases across financial services, education, government, healthcare, retail, and technology industries, among others. To use an example of a functional GRC strategy in action, imagine a fictional retail business that sells vitamin supplements. See our in-depth look at RSA Archer. Back to top.

Compliance

Compliance Risk Government Retail

Top 10 Governance, Risk and Compliance (GRC) Vendors

eSecurity Planet

JANUARY 21, 2021

LogicManager’s GRC solution has specific use cases across financial services, education, government, healthcare, retail, and technology industries, among others. To use an example of a functional GRC strategy in action, imagine a fictional retail business that sells vitamin supplements. See our in-depth look at RSA Archer. Back to top.

Compliance

Compliance Risk Government Retail

2022 Cyber Security Review of the Year

IT Governance

DECEMBER 20, 2022

Google , Clearview AI , and Meta all receives hefty penalties in 2022, demonstrating the continued important of effective information security. But these were far from the only notable cyber security headlines of the year. Meanwhile, GDPR (General Data Protection Regulation) enforcement continues apace.

Security

Security Data breaches Ransomware Military

IoT Devices a Huge Risk to Enterprises

eSecurity Planet

JULY 22, 2021

The attacks targeted 553 different types of devices from 212 manufacturers, ranging from digital signage and smart TVs to set-top boxes, IP cameras, and automotive multimedia systems. Zscaler’s ThreatLabz research team also saw such devices as smart refrigerators and musical furniture connected to the cloud and open to attack. .

IoT

IoT Risk Manufacturing Authentication

The Hacker Mind Podcast: Hacking Healthcare

ForAllSecure

JANUARY 15, 2021

I’m Robert Vamosi and this episode about best practices in information security, and how critical life services, in particular, remain at risk today -- in the middle of a global pandemic. ” So it’s not surprising that this recording coincided with another major security event. “Hi, Rob.”

IT

IT Manufacturing Government Paper

The Hacker Mind Podcast: Hacking Healthcare

ForAllSecure

JANUARY 15, 2021

I’m Robert Vamosi and this episode about best practices in information security, and how critical life services, in particular, remain at risk today -- in the middle of a global pandemic. ” So it’s not surprising that this recording coincided with another major security event. “Hi, Rob.”

IT

IT Manufacturing Government Paper

Security Affairs newsletter Round 461 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MARCH 3, 2024

Private Plane Owners’ Data Linked to LA Intl.

Security

Security Ransomware Retail Artificial Intelligence

The Week in Cyber Security and Data Privacy: 22 – 28 April 2024

IT Governance

APRIL 29, 2024

Source (New) Manufacturing Taiwan Yes 4,715,133 Mustafa Centre Source 1 ; source 2 (Update) Retail Singapore Yes >3,5000,000 TRAXERO Source (New) Software USA Yes 2,634,753 Piping Rock Health Products Source 1 ; source 2 ; source 3 (New) Manufacturing USA Yes 2,103,100 FBCS, Inc.

Data Privacy

Data Privacy Privacy Manufacturing Security

FTC Publishes Red Flags Rule Compliance Guide; Confirms Broad Interpretation of the Rule

Hunton Privacy

APRIL 3, 2009

The FTC appears to interpret this definition to encompass entities that may have little or no involvement in credit decisions, such as retailers that accept credit card applications for forwarding to credit card companies. Second, the guide sets out an expansive view of “covered accounts.” by processing credit applications.”

Compliance

Compliance Retail Insurance Manufacturing

Group-IB Hi-Tech Crime Trends 2020/2021 report

Security Affairs

NOVEMBER 25, 2020

Group-IB’s report Hi-Tech Crime Trends 2020/2021 examines various aspects of cybercrime industry operations and predicts changes to the threat landscape for various sectors, namely the financial industry, telecommunications, retail, manufacturing, and the energy sector. Group-IB: The ransomware plague cost the world over $1 billion.

Ransomware

Ransomware Phishing Sales Manufacturing

Volvo retailer leaks sensitive files

NCSC: New UK law bans default passwords on smart devices

Webinars

Trending Sources

Ransomware attacks break records in 2023: the number of victims rose by 128%

Webinars

Eken camera doorbells allow ill-intentioned individuals to spy on you

Shoemaker Ecco leaks over 60GB of sensitive data for 500+ days

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

NIST published updated guidance for supply chain risks

Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022

The Cost of Dealing With a Cybersecurity Attack in These 4 Industries

Hackers hit Luxottica, production stopped at two Italian plants

Android devices shipped with backdoored firmware as part of the BADBOX network

2021 data breach exposed data of 70 Million Luxottica customers

Facebook links cyberespionage group APT32 to Vietnamese IT firm

Steelcase office furniture giant hit by Ryuk ransomware attack

QakBot Big Game Hunting continues: the operators drop ProLock ransomware for Egregor

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Risk Management under the DORA Regulation

Boyne Resorts ski and golf resort operator hit with WastedLocker ransomware

Nefilim ransomware gang published Luxottica data on its leak site

440M records found online in unprotected database belonging to Estée Lauder

Iran-linked APT group Pioneer Kitten sells access to hacked networks

California IT service provider Synoptek pays ransom after Sodinokibi attack

New financially motivated attacks in Western Europe traced to Russian-speaking threat actors

Prometei botnet is targeting ProxyLogon Microsoft Exchange flaws

Luxottica data breach exposes info of LensCrafters and EyeMed patients

Trickbot gang and Lazarus APT, the hidden link behind an epochal phenomena

German DPAs Adopt Resolutions Regarding “Connected Cars” and Cooperation with Competition Authorities

FTC Investigating Privacy Risks to Data Stored on Digital Copiers

States Attempt to Address Privacy Risks Associated with Digital Copiers and Electronic Waste

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

Top GRC Tools & Software for 2021

Top 10 Governance, Risk and Compliance (GRC) Vendors

2022 Cyber Security Review of the Year

IoT Devices a Huge Risk to Enterprises

The Hacker Mind Podcast: Hacking Healthcare

The Hacker Mind Podcast: Hacking Healthcare

Security Affairs newsletter Round 461 by Pierluigi Paganini – INTERNATIONAL EDITION

The Week in Cyber Security and Data Privacy: 22 – 28 April 2024

FTC Publishes Red Flags Rule Compliance Guide; Confirms Broad Interpretation of the Rule

Group-IB Hi-Tech Crime Trends 2020/2021 report

Stay Connected