COVID-19: Security Risks As Manufacturers Shift Gears

Data Breach Today

As automobile manufacturers and others rush to shift to production of ventilators and other medical equipment and supplies to help fight the COVID-19 pandemic, they must take steps to ensure security, privacy and safety risks are addressed, says technology attorney Steven Teppler

Candiru: Another Cyberweapons Arms Manufacturer

Schneier on Security

We’re not going to be able to secure the Internet until we deal with the companies that engage in the international cyber-arms trade. Citizen Lab has identified yet another Israeli company that sells spyware to governments around the world: Candiru.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Medical Device Security: The Manufacturer's View

Data Breach Today

Michael McNeil of Philips on the Manufacturer's Role in Improving Device Cybersecurity Awareness of medical device security issues has grown dramatically over the past few years. But Michael McNeil of device manufacturer Philips argues that cybersecurity is still years behind where it should be, so stakeholders are playing catch-up

Leveraging manufacturing data in a smart, connected and secure way

OpenText Information Management

Do we have complete control of the many sources of manufacturing data and can we convert that data … The post Leveraging manufacturing data in a smart, connected and secure way appeared first on OpenText Blogs.

RansomEXX ransomware hit computer manufacturer and distributor GIGABYTE

Security Affairs

Taiwanese manufacturer and distributor of computer hardware GIGABYTE was a victim of the RansomEXX ransomware gang. RansomEXX ransomware gang hit the Taiwanese manufacturer and distributor of computer hardware GIGABYTE and claims to have stolen 112GB of data.

COVID-19 vaccine manufacturer suffers a data breach

Security Affairs

Indian COVID-19 vaccine manufacturer Dr. Reddy’s Laboratories was hit with a cyber attack that forced it to shut down its plants in Brazil, India, Russia, the U.K., In response to the security breach, the COVID-19 vaccine manufacturer has isolated all data center services. “In

Cybersecurity in manufacturing

OpenText Information Management

Not long ago, many manufacturing CIOs thought that cybersecurity was something only the financial sector had to worry about. Why would anyone want to hack a manufacturing plant? How times have changed – now, cybersecurity in manufacturing is definitely front and center. I … The post Cybersecurity in manufacturing appeared first on OpenText Blogs.

IoT devices at major Manufacturers infected with crypto-miner

Security Affairs

Hackers have infected with a piece of malware some IoT devices running Windows 7 designed by three of the world’s largest manufacturers. Security experts from TrapX reported that some IoT devices running Windows 7 have been infected with a piece of malware, is it a supply chain attack?

Compal, the Taiwanese giant laptop manufacturer hit by ransomware

Security Affairs

The Taiwanese electronics manufacture Compal suffered a ransomware attack over the weekend, media blames the DoppelPaymer ransomware gang. It is the second-largest contract laptop manufacturer in the world behind Quanta Computer.

Airplane manufacturer Bombardier has disclosed a security breach, data leaked online

Security Affairs

Hackers posted data stolen from manufacturer of business jets Bombardier on Clop ransomware leak site following alleged FTA hack. Security experts from FireEye linked the cyber attacks to the cybercrime group UNC2546, aka FIN11.

Manufacturing’s Cloud Migration Opens Door to Major Cyber-Risk

Threatpost

New research shows that while all sectors are at risk, 70 percent of manufacturing apps have vulnerabilities. Cloud Security Critical Infrastructure Mobile Security Vulnerabilities Web Security

Five Steps to Rethink Manufacturing with Product Design Data Exchange Strategy

Rocket Software

Manufacturing is a complex, evolving industry, and disruptions in the past year and a half have complicated these operations even further. Supply chains demand high quality data that meets every stakeholders’ specific standards, including naming conventions and security mandates.

Sierra Wireless halted production at its manufacturing sites due to ransomware attack

Security Affairs

Sierra Wireless is a Canadian multinational wireless communications equipment designer and manufacturer headquartered in Richmond, British Columbia, Canada. If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Cyber-Criminal espionage Operation insists on Italian Manufacturing

Security Affairs

ZLab researchers spotted a new malicious espionage activity targeting Italian companies operating worldwide in the manufacturing sector. The code contains some “funny” comments related to the twitter community of security researchers which constantly monitor the actor operations.

Tesla, SpaceX Parts Manufacturer Suffers Data Breach

Dark Reading

Visser Precision has confirmed a security incident likely caused by the data-stealing DoppelPaymer ransomware

Gaming hardware manufacturer Razer suffered a data leak

Security Affairs

Gaming hardware manufacturer Razer suffered a data leak, an unsecured database managed by the company containing gamers’ info was exposed online. Gaming hardware manufacturer Razer has suffered a data leak, this is the discovery made by the security researcher Bob Diachenko.

Critical Industrial Flaws Pose Patching Headache For Manufacturers

Threatpost

Critical Infrastructure Podcasts claroty codemeter critical patch factory security ICS Industrial Industrial Control Systems manufacturing operational technology OT patch patch challenges Patch management podcast SCADA Sharon Brizinov vulnerability

Consumer Reports Calls for IoT Manufacturers to Raise Security Standards

Dark Reading

A letter to 25 companies says Consumer Reports will change ratings to reflect stronger security and privacy standards

Swiss rail vehicle manufacturer Stadler hit by a malware-based attack

Security Affairs

Stadler, a Swiss manufacturer of railway rolling stock disclosed a data breach, hackers attempted to blackmail the company. International rail vehicle manufacturer, Stadler , disclosed a security breach that might have also allowed the attackers to steal company data.

Plugging the Data Leak in Manufacturing

Threatpost

IIoT-generated data – calibrations, measurements and other parameters – still need to be stored, managed and shared securely. Critical Infrastructure InfoSec Insider IoT Data security digital guardian IIoT Industrial infosec insiders Internet of things manufacturing security concerns tim bandos

U.S. Manufacturer Most Recent Target of LokiBot Malspam Campaign

Threatpost

manufacturing company is the latest organization to be targeted with the LokiBot trojan - although this most recent campaign harbored some bizarre red flags. Malware Web Security info-stealer IOC IP address LokiBot malicious attachment malicious email malspam malware manufacturing company Spam TrojanA large U.S.

ENISA Highlights AI Security Risks for Autonomous Cars

Data Breach Today

Automakers Should Employ Security-By-Design to Thwart Cyber Risks Autonomous vehicle manufacturers are advised to adopt security-by-design models to mitigate cybersecurity risks, as artificial intelligence is susceptible to evasion and poisoning attacks, says a new ENISA report

Risk 246

20 Questions to Ask During a Real (or Manufactured) Security Crisis

Dark Reading

There are important lessons to be learned from a crisis, even the ones that are more fiction than fact

Podcast: Why Manufacturers Struggle To Secure IoT

Threatpost

Too often, many IoT device manufacturers are opting to leave out costly security features for their small, low power connected devices. . IoT Podcasts DDoS IoT IoT Consumer Device IoT Device IoT security Threatpost podcast

IoTopia Framework Aims to Bring Security to Device Manufacturers

Dark Reading

GlobalPlatform launches an initiative to help companies secure connected devices and services across markets

Dragos Nets $110M in Series C Led by Major Global Energy, Manufacturing, Oil & Gas Company Investors

Dark Reading

National Grid Partners, Saudi Aramco Energy Ventures, and Hewlett Packard Enterprise led the latest funding round for the ICS/OT security company

Medical Device Security Alerts: The Latest Updates

Data Breach Today

More Devices Affected by 'Ripple20' Vulnerabilities Federal regulators have issued another round of security alerts about vulnerabilities in medical device products from several manufacturers, including an update on those affected by so-called "Ripple-20" flaws earlier identified in the Treck TCP/IP stack.

Winnti Group was planning a devastating supply-chain attack against Asian manufacturer

Security Affairs

Winnti Group is back with a new modular Win backdoor that was used to infect the servers of a high-profile Asian mobile hardware and software manufacturer. Security experts at ESET revealed that Winnti Group continues to update its arsenal, they observed that the China-linked APT group using a new modular Windows backdoor that they used to infect the servers of a high-profile Asian mobile hardware and software manufacturer.

Hackers have stolen customer data from Titan Manufacturing and Distributing company for nearly one year

Security Affairs

Cyber criminals have stolen customer data from the Titan Manufacturing and Distributing company for nearly one year using a malware. Hackers hit the Titan Manufacturing and Distributing company and compromised its computer system to steal customer payment card data for an entire year. Attackers breached into the computer system at Titan Manufacturing and Distributing company to steal customer payment card data for roughly a year. Titan Manufacturing and Distributing, Inc.

To Make the Internet of Things Safe, Start with Manufacturing

Thales Cloud Protection & Licensing

Achieving the IoT’s bold objective requires not only bringing many small things together and carefully orchestrating their interconnections, but also the assurance that their integrity and the data they collect remains secure and trustworthy. According to Maciej Kranz, Cisco VP for strategic innovation, writing for IoTechExpo.com , “[In 2018] IoT security will become the No. Therefore, manufacturing is the first critical link in the chain to establish trust across the IoT.

CVE-2018-4251 – Apple did not disable Intel Manufacturing Mode in its laptops

Security Affairs

Positive Technologies while analyzing Intel Management Engine (ME) discovered that Apple did not disable Intel Manufacturing Mode in its laptops. Experts from security firm Positive Technologies while analyzing Intel Management Engine (ME) discovered that Apple forgot did not lock it in laptops. For this reason, security experts warned in the past of the risks for Intel Management Engine vulnerabilities. Securi ty Affairs – Intel Manufacturing Mode, Apple).

Digital Transformation in a Global Manufacture Organization

Perficient Data & Analytics

In each industry and even the whole economics system, digitization and intelligentization have become buzz-words, and it will help the manufacture industry upgrade its production, management and efficiency to the next level. With strong Consulting and system integration capability, Perficient has played an important role in boosting the digital transformation for China manufacturing clients. All of the data acquisition SHOULD be agreed by the manufacture’s clients.

California Enacts New Requirements for Internet of Things Manufacturers

Hunton Privacy

According to Bloomberg Law, the Bills’ non-specificity regarding what “reasonable” features include is intentional; it is up to the manufacturers to decide what steps to take. Manufacturers argue that the Bills are egregiously vague, and do not apply to companies that import and resell connected devices made in other countries under their own labels. Information Security Online Privacy U.S.

Window Snyder Launches Startup to Fill IoT Security Gaps

Dark Reading

Thistle Technologies aims to help connected device manufacturers securely deliver updates to their products

Analysis: The Security of 5G Devices, Networks

Data Breach Today

Security Experts Outline Their Concerns So far, much of the discussion about 5G security has focused on avoiding the use of technology from Chinese manufacturers, including Huawei and ZTE. But security experts are increasingly concerned that 5G network and device providers rushing products to market aren't devoting enough attention to security

VPNFilter should compel IoT manufacturers to adopt a secure by design mindset

Information Management Resources

The VPNFilter Internet of Things botnet that Cisco Talos researchers recently discovered is the latest cyber security red flag for all IoT device manufacturers – and it’s an enormous flag. Internet of things Data security Cyber security Cyber attacks

Security Affairs newsletter Round 326

Security Affairs

Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 326 appeared first on Security Affairs. A new round of the weekly SecurityAffairs newsletter arrived!

More Than 1,000 IoT Security Guidelines: Which One to Use?

Data Breach Today

Study Suggests Actionable Recommendations Would Improve IoT Security With more than 1,000 IoT security guidelines, recommendations and best practices, which ones should an organization follow?

IoT 181

Hackers Hit Unpatched Pulse Secure and Fortinet SSL VPNs

Data Breach Today

Vendors Issued Security Updates to Fix Severe Flaws Several Months Ago Patch or perish redux: Hackers are unleashing automated attacks to find and exploit known flaws in SSL VPNs manufactured by Fortinet and Pulse Secure to steal passwords. The exploits come despite both vendors having released patches several months ago - Pulse Secure in April, Fortinet in May

Mandatory IoT Security in the Offing with U.K. Proposal

Threatpost

law mandates that manufacturers apply several security controls to their connected devices. Government IoT default password Device security Internet of things iot legislation iot manufacturers IoT security Password regulation Security Updates tech law Uk gov law uk law

IoT 68