Manufacturing, Paper and Security - Information Management Today

On IoT Devices and Software Liability

Schneier on Security

JANUARY 12, 2024

New law journal article : Smart Device Manufacturer Liability and Redress for Third-Party Cyberattack Victims Abstract: Smart devices are used to facilitate cyberattacks against both their users and third parties.

IoT

IoT Manufacturing Paper

Securing the International IoT Supply Chain

Schneier on Security

JULY 1, 2020

Together with Nate Kim (former student) and Trey Herr (Atlantic Council Cyber Statecraft Initiative), I have written a paper on IoT supply chain security. The basic problem we try to solve is: how to you enforce IoT security regulations when most of the stuff is made in other countries? Selling to U.S. cybersecurity agencies.

IoT

IoT Manufacturing Security Paper

To Make the Internet of Things Safe, Start with Manufacturing

Thales Cloud Protection & Licensing

SEPTEMBER 11, 2018

Achieving the IoT’s bold objective requires not only bringing many small things together and carefully orchestrating their interconnections, but also the assurance that their integrity and the data they collect remains secure and trustworthy. Therefore, manufacturing is the first critical link in the chain to establish trust across the IoT.

Manufacturing

Manufacturing IoT Authentication Paper

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Winnti Group was planning a devastating supply-chain attack against Asian manufacturer

Security Affairs

OCTOBER 14, 2019

Winnti Group is back with a new modular Win backdoor that was used to infect the servers of a high-profile Asian mobile hardware and software manufacturer. ” reads the paper published by ESET. The post Winnti Group was planning a devastating supply-chain attack against Asian manufacturer appeared first on Security Affairs.

Manufacturing

Manufacturing Paper Communications IT

Hacking Hardware Security Modules

Schneier on Security

JUNE 20, 2019

Security researchers Gabriel Campana and Jean-Baptiste Bédrune are giving a hardware security module (HSM) talk at BlackHat in August: This highly technical presentation targets an HSM manufactured by a vendor whose solutions are usually found in major banks and large cloud service providers. Here's a summary in English.

Security

Security Manufacturing Paper Access

Private 5G Networks: Thales and Celona Collaborate to Bring Security and Performance to a Modern World

Thales Cloud Protection & Licensing

FEBRUARY 19, 2023

These private mobile networks are gaining significant traction in manufacturing, energy, government, logistics, and warehousing verticals. This transition is an opportunity to look at the next generation of security. Specifically, how can organizations apply high levels of security to 5G infrastructure without sacrificing performance?

Security

Security Encryption Cloud Manufacturing

Safety and Security in Automated Driving

Adam Shostack

JULY 8, 2019

“ Safety First For Automated Driving ” is a big, over-arching whitepaper from a dozen automotive manufacturers and suppliers. This paper is the cybersecurity specialists making the argument that cyber will fit into safety, and how to do so. In a sense, this white paper captures a strategic threat model.

Paper

Paper Security Risk Manufacturing

Hackers claim to have compromised 50,000 home cameras and posted footage online

Security Affairs

OCTOBER 19, 2020

A hacker collective claims to have hacked over 50,000 home security cameras and published their footage online, some of them on adult sites. A group of hackers claims to have compromised over 50,000 home security cameras and published their private footage online. ” reported The New Paper.”

IoT

IoT Paper Manufacturing Access

How to implant a malware in hidden area of SSDs with Flex Capacity feature

Security Affairs

DECEMBER 31, 2021

Researchers devised a series of attacks against SSDs that could allow to implant malware in a location that is not monitored by security solutions. Korean researchers devised a series of attacks against solid-state drives (SSDs) that could allow to implant malware in specific memory locations bypassing security solutions.

Paper

Paper Access Manufacturing Security

A Threat to Passkeys? BrutePrint Attack Bypasses Fingerprint Authentication

eSecurity Planet

MAY 22, 2023

Security researchers recently published a paper detailing an attack they say can be used to bypass smartphone fingerprint authentication. Yiling He of China’s Zhejiang University and Yu Chen of Tencent Security’s Xuanwu Lab are calling the attack BrutePrint , which they say can be used to hijack fingerprint images.

Authentication

Authentication Encryption Passwords Manufacturing

FTC Recaps Connected Cars Privacy and Security Workshop

Hunton Privacy

JANUARY 10, 2018

On January 9, 2018, the FTC issued a paper recapping the key takeaways from the FTC’s and National Highway Traffic Safety Administration’s June 2017 workshop on privacy and security issues involving connected cars. The workshop featured representatives from consumer groups, industry, government and academia.

Privacy

Privacy Personal data Manufacturing Security

Securing Your Software Supply Chain

ForAllSecure

MARCH 4, 2021

For example, a product team might use MatrixSSL to secure network communications in IoT and other lightweight scenarios. For instance, car manufacturers rely on the specializations of our suppliers to build a quality vehicle. They are not security engineers. First-party components. They are not QA engineers.

Security

Security Communications IoT Manufacturing

How Secure Are Bitcoin Wallets, Really?

Security Affairs

OCTOBER 8, 2018

Purchasers of Bitcoin wallets usually have one priority topping their lists: security. What’s the truth about the security of these wallets? When buying conventional wallet coins and paper money, people often prioritize characteristics like the size, color, shape, and number of compartments. About the author.

Security

Security Manufacturing Cybersecurity Marketing

Bluetooth BIAS attack threatens billions of devices

Security Affairs

MAY 19, 2020

Boffins disclosed a security flaw in Bluetooth, dubbed BIAS, that could potentially be exploited by an attacker to spoof a remotely paired device. The Bluetooth specification is affected by security flaws that could allow attackers to carry out impersonation attacks while establishing a secure connection.

Authentication

Authentication Encryption Paper Manufacturing

Securing Your Software Supply Chain

ForAllSecure

MARCH 4, 2021

For example, a product team might use MatrixSSL to secure network communications in IoT and other lightweight scenarios. For instance, car manufacturers rely on the specializations of our suppliers to build a quality vehicle. They are not security engineers. First-party components. They are not QA engineers.

Security

Security Communications IoT Manufacturing

“Best Practices for IoT Security”

Adam Shostack

JUNE 8, 2020

The abstract starts: “Best practices for Internet of Things (IoT) security have recently attracted considerable attention worldwide from industry and governments, while academic research has highlighted the failure of many IoT product manufacturers to follow accepted practices. It’s by Christopher Bellman and Paul C.

IoT

IoT Security Manufacturing Government

Security Affairs newsletter Round 196 – News of the week

Security Affairs

JANUARY 13, 2019

The best news of the week with Security Affairs. Paper Copy. Hackers have stolen customer data from Titan Manufacturing and Distributing company for nearly one year. First Google security patches for Android in 2019 fix a critical flaw. Three security bugs found in the popular Linux suite systemd. 20% discount.

Security

Security Manufacturing Paper Ransomware

Bluetooth Vulnerability: BIAS

Schneier on Security

MAY 26, 2020

The Bluetooth standard includes a legacy authentication procedure and a secure authentication procedure, allowing devices to authenticate to each other using a long term key. Those procedures are used during pairing and secure connection establishment to prevent impersonation attacks.

Authentication

Authentication Manufacturing Paper Communications

Android mobile devices from top vendors in China have pre-installed malware

Security Affairs

FEBRUARY 9, 2023

” reads the paper published by the experts. Chinese manufacturers have yet to comment on the research. could easily lead to the persistent tracking of users and the easy unmasking of their identities.

Privacy

Privacy Manufacturing Analytics Data Privacy

Kr00k Wi-Fi Encryption flaw affects more than a billion devices

Security Affairs

FEBRUARY 26, 2020

A high-severity hardware vulnerability, dubbed Kr00k , in Wi-Fi chips manufactured by Broadcom and Cypress expose over a billion devices to hack. Cybersecurity researchers from ESET have discovered a new high-severity hardware vulnerability, dubbed Kr00k , that affects Wi-Fi chips manufactured by Broadcom and Cypress.

Encryption

Encryption Manufacturing Paper Communications

High Severity DoS bug affects Several Yokogawa products

Security Affairs

JANUARY 5, 2019

A serious DoS flaw affects several industrial automation products manufactured by the Yokogawa Electric. Affected products are used in a broad range of industries worldwide, mainly in the energy, critical manufacturing, and food and agriculture sectors. ” reads the security advisory published by the company.

Agriculture

Agriculture Manufacturing Communications Paper

Security Affairs newsletter Round 183 – News of the week

Security Affairs

OCTOBER 7, 2018

The best news of the week with Security Affairs. Paper Copy. Security Affairs – Newsletter ). The post Security Affairs newsletter Round 183 – News of the week appeared first on Security Affairs. A new round of the weekly SecurityAffairs newsletter arrived! 20% discount. Kindle Edition. Pierluigi Paganini.

Security

Security Ransomware Manufacturing Sales

Tracking People via Bluetooth on Their Phones

Schneier on Security

JUNE 17, 2022

We’ve always known that phones—and the people carrying them—can be uniquely identified from their Bluetooth signatures, and that we need security techniques to prevent that. This new research shows that that’s not enough.

Manufacturing

Manufacturing Security IT Paper

Adding Backdoors at the Chip Level

Schneier on Security

MARCH 26, 2018

Interesting research into undetectably adding backdoors into computer chips during manufacture: " Stealthy dopant-level hardware Trojans: extended version ," also available here : Abstract: In recent years, hardware Trojans have drawn the attention of governments and industry as well as the scientific community.

Manufacturing

Manufacturing Military Paper Government

Recovering Smartphone Voice from the Accelerometer

Schneier on Security

DECEMBER 30, 2022

We explore recent trends in smartphone manufacturers that include extra/powerful speakers in place of small ear speakers, and demonstrate the feasibility of using motion sensors to capture such tiny speech vibrations. In this work, we revisit this important line of reach.

Manufacturing

Manufacturing Privacy IT Paper

Gangnam Industrial Style APT campaign targets industrial firms worldwide

Security Affairs

DECEMBER 18, 2019

Experts from the CyberX’s threat intelligence team Section 52 uncovered an ongoing cyberespionage campaign, tracked as Gangnam Industrial Style, that targeted industrial, engineering, and manufacturing organizations, most of them in South Korea (60%). ” reads the report published by the CyberX experts. Pierluigi Paganini.

Manufacturing

Manufacturing Phishing Paper Passwords

Attackers Exploit Flaw that Could Impact Millions of Routers, IoT Devices

eSecurity Planet

AUGUST 10, 2021

In a recent blog post , the researchers said the bad actors are looking to leverage a path traversal vulnerability that could affect millions of home routers and other Internet of Things (IoT) devices that use the same code base and are manufactured by at least 17 vendors. Tenable First to Disclose Flaw. ” Should Updates Be Automated?

IoT

IoT Manufacturing Passwords Risk

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

His resume also says he is a data science intern at Mondi Group , an Austrian manufacturer of sustainable packaging and paper. ” “He’s not even an information security specialist,” Quotpw said of Sergey. Mr. Proshutinskiy did not respond to requests for comment.

Data science

Data science IoT Manufacturing Sales

Ransomware paralyzed production for at least a week at ASCO factories

Security Affairs

JUNE 13, 2019

Malware infections could be devastating for production environments, a ransomware infection halts production operations for days at airplane parts manufacturer ASCO. ASCO , is of the world’s largest manufacturers of aerospace components. ASCO provides components to Airbus, Boeing, Bombardier Aerospace, and Lockheed Martin.

Ransomware

Ransomware Manufacturing Paper IT

Conservation of Threat

Schneier on Security

JUNE 29, 2018

Basically, as the environment becomes safer we basically manufacture new threats. This has a lot of implications in security systems where humans have to make judgments about threat and risk: TSA agents, police noticing "suspicious" activities, "see something say something" campaigns, and so on. The academic paper.

Manufacturing

Manufacturing Paper Risk Security

Cable Haunt flaw exposes 200M+ Broadcom-based cable modems at remote hijacking

Security Affairs

JANUARY 10, 2020

With almost no cable modem tested being secure without a firmware update, the number of modems initially vulnerable in Europe is estimated to be close to this number.” For security reasons, on most cable modems, access to the spectrum analyzer is allowed only for connections from the internal network. Pierluigi Paganini.

Manufacturing

Manufacturing Paper Risk Communications

Why you should be concerned about payment card data breaches

IT Governance

JULY 27, 2018

In this blog, we look at the ongoing threat of debit and credit card fraud, explaining why it appeals to cyber criminals, what they do with the stolen information and how implementing the requirements of the PCI DSS (Payment Card Industry Data Security Standard) can thwart crooks’ schemes. Stay secure with the PCI DSS.

Data breaches

Data breaches Paper Retail Manufacturing

USB drives are primary vector for destructive threats to industrial facilities

Security Affairs

NOVEMBER 5, 2018

Experts from Honeywell analyzed data collected with the Secure Media Exchange (SMX) , a product it has launched in 2017 and that was designed to protect industrial facilities from USB-borne threats. Security Affairs – industrial facilities, USB). Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT Manufacturing Data collection Paper

Boffins discovered seven new Meltdown and Spectre attacks

Security Affairs

NOVEMBER 14, 2018

In January, white hackers from Google Project Zero disclosed the vulnerabilities that potentially impact all major CPUs, including the ones manufactured by AMD, ARM, and Intel. ” reads the research paper titled “A Systematic Evaluation of Transient Execution Attacks and Defenses.” microcode and software patches).”

Paper

Paper Manufacturing Security IT

Aztarna – the open-source scanning tool for vulnerable robots

Security Affairs

JANUARY 28, 2019

The team of experts works for the cybersecurity firm Alias Robotics , the Aztarna framework was designed to find vulnerable industrial routers and robots powered by ROS (Robot Operating System), SROS (Secure ROS) and other technologies. “Overall, we conclude that aztarna responds to the need of auditing robot security.

Cybersecurity

Cybersecurity Manufacturing Paper Security

Decipher Security Podcast With ForAllSecure CEO David Brumley

ForAllSecure

APRIL 30, 2020

The Decipher Security podcast by Duo Security analyzes the news, explores the impact of the latest risks, and provides informative and educational material for readers intent on understanding how security affects our world. He posits that security, particularly secure software, is a value add to businesses.

Security

Security IoT Manufacturing IT

Decipher Security Podcast With ForAllSecure CEO David Brumley

ForAllSecure

APRIL 30, 2020

The Decipher Security podcast by Duo Security analyzes the news, explores the impact of the latest risks, and provides informative and educational material for readers intent on understanding how security affects our world. He posits that security, particularly secure software, is a value add to businesses.

Security

Security IoT Manufacturing IT

DECIPHER SECURITY PODCAST WITH FORALLSECURE CEO DAVID BRUMLEY

ForAllSecure

APRIL 30, 2020

The Decipher Security podcast by Duo Security analyzes the news, explores the impact of the latest risks, and provides informative and educational material for readers intent on understanding how security affects our world. He posits that security, particularly secure software, is a value add to businesses.

Security

Security IoT Manufacturing IT

UK: New National Strategy for Health Data

DLA Piper Privacy Matters

JULY 13, 2022

Secure Data Environments. The NHS will step up its investment in and use of ‘secure data environments’ (sometimes referred to as ‘trusted research environments’). In simple terms, these are specially designated, secure servers on which a third party researcher’s access to health data can be properly controlled and monitored.

Artificial Intelligence

Artificial Intelligence Privacy Government Access

Business process reengineering (BPR) examples

IBM Big Data Hub

APRIL 25, 2024

An early case study of BPR was Ford Motor Company, which successfully implemented reengineering efforts in the 1990s to streamline its manufacturing processes and improve competitiveness. Organizations of all sizes and industries implement business process reengineering. This can enable significant cost savings and improve profitability.

Analytics

Analytics Communications Marketing Manufacturing

The future of 5G: What to expect from this transformational technology

IBM Big Data Hub

MARCH 14, 2024

Apple was one of the first manufacturers to test the appetite for 5G in 2020 by offering its newest iPhone with 5G compatibility. This is largely due to its ability to move large volumes of data swiftly and securely between connected devices at speeds never achieved before.

Cloud

Cloud IoT Energy and Utilities Artificial Intelligence

MY TAKE: How digital technology and the rising gig economy are exacerbating third-party risks

The Last Watchdog

APRIL 24, 2019

We do white papers and thought leadership at conferences. By getting organizations together and having conversations about what is needed in order to secure an environment, then you can really start to understand what’s a reasonable posture to take around some of the issues that that come that come up,” Jordan said.

Risk

Risk IoT Digital transformation Retail

5 Advantages Of Paperless Office Software For Accounting

Docuware

APRIL 29, 2018

When your organization conducts any kind of process, such as manufacturing or distributing products, these business processes generate delivery notices, invoices and purchase orders that must be funneled through your accounting department.

Manufacturing

Manufacturing Paper Security

The hidden threats facing your intellectual property

IT Governance

SEPTEMBER 4, 2018

For life sciences and pharmaceutical companies, this includes data on the development and testing of new therapies and details of how therapies are manufactured. One such case occurred when Sinovel, a leading wind-turbine manufacturer, headhunted an employee of AMSC, an energy technology company that owned proprietary wind turbine technology.

Healthcare

Healthcare Insurance Manufacturing Risk

On IoT Devices and Software Liability

Securing the International IoT Supply Chain

Webinars

Trending Sources

To Make the Internet of Things Safe, Start with Manufacturing

Webinars

Winnti Group was planning a devastating supply-chain attack against Asian manufacturer

Hacking Hardware Security Modules

Private 5G Networks: Thales and Celona Collaborate to Bring Security and Performance to a Modern World

Safety and Security in Automated Driving

Hackers claim to have compromised 50,000 home cameras and posted footage online

How to implant a malware in hidden area of SSDs with Flex Capacity feature

A Threat to Passkeys? BrutePrint Attack Bypasses Fingerprint Authentication

FTC Recaps Connected Cars Privacy and Security Workshop

Securing Your Software Supply Chain

How Secure Are Bitcoin Wallets, Really?

Bluetooth BIAS attack threatens billions of devices

Securing Your Software Supply Chain

“Best Practices for IoT Security”

Security Affairs newsletter Round 196 – News of the week

Bluetooth Vulnerability: BIAS

Android mobile devices from top vendors in China have pre-installed malware

Kr00k Wi-Fi Encryption flaw affects more than a billion devices

High Severity DoS bug affects Several Yokogawa products

Security Affairs newsletter Round 183 – News of the week

Tracking People via Bluetooth on Their Phones

Adding Backdoors at the Chip Level

Recovering Smartphone Voice from the Accelerometer

Gangnam Industrial Style APT campaign targets industrial firms worldwide

Attackers Exploit Flaw that Could Impact Millions of Routers, IoT Devices

Interview With a Crypto Scam Investment Spammer

Ransomware paralyzed production for at least a week at ASCO factories

Conservation of Threat

Cable Haunt flaw exposes 200M+ Broadcom-based cable modems at remote hijacking

Why you should be concerned about payment card data breaches

USB drives are primary vector for destructive threats to industrial facilities

Boffins discovered seven new Meltdown and Spectre attacks

Aztarna – the open-source scanning tool for vulnerable robots

Decipher Security Podcast With ForAllSecure CEO David Brumley

Decipher Security Podcast With ForAllSecure CEO David Brumley

DECIPHER SECURITY PODCAST WITH FORALLSECURE CEO DAVID BRUMLEY

UK: New National Strategy for Health Data

Business process reengineering (BPR) examples

The future of 5G: What to expect from this transformational technology

MY TAKE: How digital technology and the rising gig economy are exacerbating third-party risks

5 Advantages Of Paperless Office Software For Accounting

The hidden threats facing your intellectual property

Stay Connected